-
May 11, 2020
"Computers are useless. They can only give you answers" - Pablo Picasso NASA still doesn’t know how long SpaceX’s astronaut mission will last We’re fast approaching crunch time for the partnership between NASA and SpaceX that will culminate in the… read more »
-
May 8, 2020
Security researcher Siguza published a really interesting paper about a strange bug in iOS XML parsers, still unpatched, that allows sandbox escape. In his article [1], Siguza explains how to allow an app to gain full access to the entire… read more »
-
May 7, 2020
A research presented in 2019 by Jacob Leon Kröger and Philip Raschke, during the 33rd Annual IFIP WG 11.3 Conference, analyze technical and economical feasibility of eavesdropping on modern smartphones. The study’s findings [1] suggest that eavesdropping activity would not… read more »
-
May 6, 2020
"If someone steals your password, you can change it. But if someone steals your thumbprint, you can’t get a new thumb. The failure modes are very different." – Bruce Schneier Is the GDPR failing? If it is, how can it… read more »
-
May 5, 2020
In the past, I've already written about Kerberos attacks, especially on Ticket Attacks. In all examples, I've always used only Mimikatz, because i think is the most know tool used for this kind of attacks. However, some days ago, I… read more »
-
May 4, 2020
"Being able to break security doesn't make you a hacker anymore than being able to hotwire cars makes you an automotive engineer." - Eric Raymond Hackers say they stole millions of credit cards from Banco BCR Hackers claim to have… read more »
-
May 1, 2020
"The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency." - Bill Gates Coronavirus… read more »
-
Apr 30, 2020
Vladimir Katalov published, on ElcomSoft's blog, a good post about forensic acquisition techniques for iOS devices. It's a really interesting paper, from which I'd like to share some highlights: Logical acquisition Logical acquisition is the fastest, simplest, and most compatible… read more »
-
Apr 29, 2020
"What does censorship reveal? It reveals fear" - Julian Assange Nintendo says 160,000 users impacted in recent account hacks Japanese gaming company Nintendo confirmed today that hackers gained unauthorized access to around 160,000 user accounts since the start of the… read more »
-
Apr 28, 2020
The Electronic Frontier Foundation, one of the most respected associations for the protection of privacy and digital rights, that fights since its beginnings against abuses of digital technologies, has published a large article that takes stock of anti-pandemic tracking apps,… read more »
-
Apr 27, 2020
A lot of interesting links, this week: Ransonmware, new APT grops, new vulnerabilities and (as usual) some coronavirus-related news! TEMPEST@Home - Finding Radio Frequency Side Channels Have you ever listened to a photocopier or a car engine to infer what… read more »
-
Apr 24, 2020
"I do not fear computers. I fear lack of them."— Isaac Asimov Cloudflare Workers Now Support COBOL Recently, COBOL has been in the news as the State of New Jersey has asked for help with a COBOL-based system for unemployment claims. The system… read more »
-
Apr 23, 2020
Cybersecurity startup ZecOps discovered two zero-day vulnerabilities affecting iPhone and iPad devices during the analysis of a series of ongoing remote attacks that have targeted iOS users since at least January 2018. Following a routine iOS Digital Forensics and Incident… read more »
-
Apr 22, 2020
D'oh! A lot of dataleaks! Telsy’s report on UniCredit’s data breach went viral worldwide On the evening of April 19, Telsy denounced that the personal data of about 3000 employees of the UniCredit S.p.A. bank, one of the largest banks… read more »
-
Apr 21, 2020
A proof-of-concept remote code execution exploit for the Windows 10 "SMBGhost" vulnerability (CVE-2020-0796) was developed and presented yesterday by Yuki Koike, a researcher by Ricerca Security. The vulnerability, that only impacts specific versions of Windows 10 and Windows Server, was… read more »
-
Apr 20, 2020
As was the case in the past weeks, threat actors attempt to capitalize on coronavirus outbreak. System32 Comics Is BGP Safe Yet? No. But we are tracking it carefully BGP leaks and hijacks have been accepted as an unavoidable part… read more »
-
Apr 17, 2020
This week NASA, MIT and…d'oh! COVID-19, again! Sandboxie's Source Code has been released Sophos, the company that acquired the Sandboxie sandboxing software and technology from Invincea in 2017, has released the source code of the application to the public. Sandboxie,… read more »
-
Apr 16, 2020
Here in your mind you have complete privacy. Here there's no difference between what is and what could be – Chuck Palahniuk EU Commission Recommends a Common Approach to Using Mobile Apps and Location Data to Combat and Exit COVID-19… read more »
-
Apr 15, 2020
The issue has been discovered by two developers, Talal Haj Bakry and Tommy Mysk. Developers have demonstrated how easy it is to trick TikTok into connecting to a fake server, exploiting app architecture, that uses HTTP instead of HTTPS to retrieve media… read more »
-
Apr 14, 2020
In an interesting article on The MIT Press Reader, Finn Brunton & Helen Nissenbaum discuss how opting out of surveillance is practically useless, and suggests to use data obfuscation as a better alternative. I suggest to read the whole article,… read more »