-
Apr 2, 2026
There are many version of Mimikatz, and today I’d like to share a C# port, “SharpKatz”. SharpKatz has been developed by security researcher b4rtik, and released on Github [1]. The tool implements the Sekurlsa module of Mimikatz used for attacks such… read more »
-
Apr 2, 2026
In the past weeks, I've already written about some funny experiments that i made first with music and machine learning, then with music composed using pseudo-random algorithms. In both cases, results are some interesting, but strange, melodies that I finished… read more »
-
Apr 2, 2026
After some experiments with machine learning and music, I also tried algorithmic composition. According to Wikipedia [1], Algorithmic composition is the technique of using algorithms to create music. Algorithms (or, at the very least, formal sets of rules) have been… read more »
-
Apr 2, 2026
Vladimir Katalov published, on ElcomSoft's blog, a good post about forensic acquisition techniques for iOS devices. It's a really interesting paper, from which I'd like to share some highlights: Logical acquisition Logical acquisition is the fastest, simplest, and most compatible… read more »
-
Apr 2, 2026
The Electronic Frontier Foundation, one of the most respected associations for the protection of privacy and digital rights, that fights since its beginnings against abuses of digital technologies, has published a large article that takes stock of anti-pandemic tracking apps,… read more »
-
Apr 2, 2026
A lot of interesting links, this week: Ransonmware, new APT grops, new vulnerabilities and (as usual) some coronavirus-related news! TEMPEST@Home - Finding Radio Frequency Side Channels Have you ever listened to a photocopier or a car engine to infer what… read more »
-
Apr 2, 2026
"I do not fear computers. I fear lack of them."— Isaac Asimov Cloudflare Workers Now Support COBOL Recently, COBOL has been in the news as the State of New Jersey has asked for help with a COBOL-based system for unemployment claims. The system… read more »
-
Apr 2, 2026
Cybersecurity startup ZecOps discovered two zero-day vulnerabilities affecting iPhone and iPad devices during the analysis of a series of ongoing remote attacks that have targeted iOS users since at least January 2018. Following a routine iOS Digital Forensics and Incident… read more »
-
Apr 2, 2026
D'oh! A lot of dataleaks! Telsy’s report on UniCredit’s data breach went viral worldwide On the evening of April 19, Telsy denounced that the personal data of about 3000 employees of the UniCredit S.p.A. bank, one of the largest banks… read more »
-
Apr 2, 2026
A proof-of-concept remote code execution exploit for the Windows 10 "SMBGhost" vulnerability (CVE-2020-0796) was developed and presented yesterday by Yuki Koike, a researcher by Ricerca Security. The vulnerability, that only impacts specific versions of Windows 10 and Windows Server, was… read more »
-
Apr 2, 2026
As was the case in the past weeks, threat actors attempt to capitalize on coronavirus outbreak. System32 Comics Is BGP Safe Yet? No. But we are tracking it carefully BGP leaks and hijacks have been accepted as an unavoidable part… read more »
-
Apr 2, 2026
This week NASA, MIT and…d'oh! COVID-19, again! Sandboxie's Source Code has been released Sophos, the company that acquired the Sandboxie sandboxing software and technology from Invincea in 2017, has released the source code of the application to the public. Sandboxie,… read more »
-
Apr 2, 2026
Here in your mind you have complete privacy. Here there's no difference between what is and what could be – Chuck Palahniuk EU Commission Recommends a Common Approach to Using Mobile Apps and Location Data to Combat and Exit COVID-19… read more »
-
Apr 2, 2026
The issue has been discovered by two developers, Talal Haj Bakry and Tommy Mysk. Developers have demonstrated how easy it is to trick TikTok into connecting to a fake server, exploiting app architecture, that uses HTTP instead of HTTPS to retrieve media… read more »
-
Apr 2, 2026
In an interesting article on The MIT Press Reader, Finn Brunton & Helen Nissenbaum discuss how opting out of surveillance is practically useless, and suggests to use data obfuscation as a better alternative. I suggest to read the whole article,… read more »
-
Apr 2, 2026
Piccolo aggiornamento al precedente articolo: visto il gran numero di iscrizioni all'istanza di TinyTinyRSS che ho installato per sopperire alla chiusura di GoogleReader, ho deciso di spostare l'installazione su un server più performante (su DigitalOcean) e al contempo registrare un… read more »
-
Apr 2, 2026
In late March 2026, around 200 people in Italy received an unusual warning from WhatsApp. Their devices, according to the company, had been compromised through a fake client that looked like the real app but behaved like spyware. Meta publicly… read more »
-
Apr 2, 2026
Show an engineer a twenty-year-old codebase and the reflex is often immediate: this is a liability waiting to explode. Old equals dangerous, new equals safe. It is one of those assumptions so widely shared in software development that it barely… read more »
-
Mar 29, 2026
Apple introduced Lockdown Mode in iOS 16 as a hardened protection layer targeted at a narrow group of users exposed to targeted attacks and mercenary spyware. Executive summary: Lockdown Mode significantly narrows the acquisition paths available to examiners by restricting… read more »
-
Mar 26, 2026
In 1966, Joseph Weizenbaum created a program called ELIZA. It was, by any technical measure, trivial: a pattern-matching engine that reflected the user’s words back as open-ended questions, mimicking the style of a Rogerian therapist. Weizenbaum expected it to be… read more »