Pierluigi Paganini
January 24, 2018
According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts. The availability of billions of credentials in the criminal underground due to the numerous massive data breaches occurred in the last years makes it easy for crooks to take over users’ accounts. We always […]
Pierluigi Paganini
September 19, 2017
Hackers have exploited security weaknesses in SS7 protocol to break into a GMail account, take control of a bitcoin wallet and steal funds. In June 2016, researchers with Positive Technologies demonstrated that it is possible to hack Facebook accounts by knowing phone numbers by exploiting a flaw in the SS7 protocol. The technique allows bypassing […]
Pierluigi Paganini
July 10, 2017
Crooks behind the Operation Emmental hacking campaign have started targeting the Swiss banks using a variant of the DoK Mac OS X malware. In July 2014, malware researchers at Trend Micro published a report on the hacking campaign âOperation Emmentalâ that was targeting Swiss bank accounts whit a multi-faceted attack that allowed crooks to bypass two factor authentication implemented […]
Pierluigi Paganini
November 07, 2016
Enterprises running Exchange Server using two-factor authentication on Outlook Web Access (OWA) could be hacked due to a design flaw. New troubles for enterprises running Exchange Server, two-factor authentication implementations on Outlook Web Access (OWA) could be easily bypassed due to a design flaw. An attacker can bypass two-factor authentication to access email inboxes, calendars, contacts and […]
Pierluigi Paganini
October 18, 2016
Even if you have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint it is possible to unlock it. 1. Introduction You have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint and you may think that nobody can unlock it without the code, right? […]
Pierluigi Paganini
July 19, 2016
A security expert revealed a number of flaws in the big playerâs two-factor authentication methods that could allow crooks to steal money. Social media bug bounty hunter, Arne Swinnen, has revealed a number of flaws in the big playerâs 2 factor authentication (2FA) methods that could enable a malicious user to illicit large sums of […]
Pierluigi Paganini
June 12, 2016
Is Two-factor authentication the solution for any kind of hacks? A text message could be used to take over your Google Account. Following the recent data breaches suffered by IT giants (e.g. MySpace, LinkedIn, Twitter) security experts are inviting users to avoid sharing login credentials on multiple websites and to enable two-factor authentication (2FA) when it […]
Pierluigi Paganini
January 08, 2016
The Rovnix Banking Trojan is an aggressive malware that has been used in a new campaign targeting the customers of more than a dozen Japanese banks. Malware experts at IBM’s X-Force have spotted a new strain of the Rovnix malware targeting the Japanese bank customers. The new threat comes from Russia and it is very […]
Pierluigi Paganini
September 07, 2015
Security experts at Vulnerability Lab have discovered a restriction filter bypass vulnerability affecting the PayPal mobile app. Under specific conditions, PayPal can ask users to confirm their identity to prevent frauds. When users are asked to verify their identity, their account is not accessible and in order to unblock it PayPal request them to make […]
Pierluigi Paganini
August 30, 2015
According to a report published by the Citizen Lab Iranian hackers have elaborated a sophisticated phishing scheme to takeover Gmail accounts. According to a report published by the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, Iranian hackers have elaborated a sophisticated phishing scheme to circumvent security measures that defend Gmail […]
