-
Apr 1, 2020
Also in my privacy roundup the main topic this week is, again and unfortunately, the COVID-19 pandemic. Bluetooth tracking and COVID-19: A tech primer In a scramble to track, and thereby stem the flow of, new cases of Covid-19, Governments… read more »
-
Mar 31, 2020
Recently in Norway a school had to stop using the Whereby video conference service because during a video lesson a man broke into the group video conference and showed himself naked. This new phenomenon is called, according to Wikipedia, "Zoombombing":… read more »
-
Mar 30, 2020
From today, i'll start to split the original "Weekly Roundup" in several small posts spread over the entire week.So, let's start with the "Weekly Cybersecurity Roundup"! Two zero days are Targeting DrayTek Broadband CPE Devices From December 4, 2019, 360Netlab… read more »
-
Mar 27, 2020
Amethyst is a great project by Matt Sarnoff.It's like a classic home computer: it has an integrated keyboard and can generate audio and video and has a built-in high-level programming language for users to write their own programs. It uses… read more »
-
Mar 26, 2020
A recently discovered campaign that targets home and small-office routers is redirecting users to fake COVID-19 informational sites that attempt to install password stealing malware. A post published by security firm Bitdefender [1] said the attack is targetting Linksys routers,… read more »
-
Mar 25, 2020
Windows Service Accounts are the elephant in the room in the corporate environment: things that nobody ever talks about or considers to be a problem. Often, these service accounts are in the Domain Admins group, with passwords like "Service123", "Password123",… read more »
-
Mar 24, 2020
Microsoft has released a security advisory about a remote code execution vulnerabilities affecting all currently supported versions of Windows and Windows Server operating systems. According to advisory [1], a remote attacker can exploit these vulnerabilities, affecting the Adobe Type Manager… read more »
-
Mar 23, 2020
Also last week, the main topic was Covid-19: Let's try to recap.Ah, I forgot: STAY. AT. HOME. http://www.commitstrip.com/en/2020/03/19/stay-at-home/ Technology Google’s coronavirus information site is now live Google has just launched a site with information and resources to understand the coronavirus… read more »
-
Mar 20, 2020
Mimikatz is a famous post-exploitation tool written in C by Benjamin Delpy: it allows a local attacker to dump secrets from memory exploiting Windows single sign-on functionality. How Mimikatz works? Until Windows 10, Microsoft's OSs by default used a feature… read more »
-
Mar 19, 2020
Valerio Mulas published an interesting analysis about the security of Android-based Smart TVs. The analysis points out the default configuration of most Android-based TVs, which allows you to enable the ADB, install unsigned applications and theoretically gain full control of… read more »
-
Mar 18, 2020
Professor Douglas Leith from Trinity College in Ireland, tested six web browsers to determine what data they were sharing. According to research [1], tested browsers splits into three distinct groups from this privacy perspective.In the first group, the most private, lies… read more »
-
Mar 17, 2020
The Signal protocol is provides end-to-end encryption for instant messaging in WhatsApp, Wire, and Facebook Messenger among many others, serving well over 1 billion active users. Some years ago, a team of researchers (Katriel Cohn-Gordon, Cas Cremers, Benjamin Dowling, Luke… read more »
-
Mar 16, 2020
These are hard times but, everything will be fine! Italians are singing songs from their windows to boost morale during coronavirus lockdown https://twitter.com/Veritatisvis/status/1238552631548747777 Videos have been shared on social media of Italian citizens singing and dancing during a nationwide lockdown… read more »
-
Mar 13, 2020
Since Windows 8, Microsoft has moved to a new commercial strategy: in addition with traditional selling of OS licenses, started got revenues from searches, apps and games. But to do this, MS has started the collection of “telemetry” data, considered… read more »
-
Mar 11, 2020
Security firms inadvertently leaked info about a 0-Day 'wormable' vulnerability found in the SMBv3 protocol. UPDATE - 2020/03/13 Microsoft released the KB4551762 security update to patch the vulnerability: update ASAP! After the release of Patch Tuesday fixes, Fortinet [2] and Cisco Talos [3] published… read more »
-
Mar 11, 2020
Many processors made by Intel are vulnerable to a new type of attack named Load Value Injection. The vulnerability, tracked as CVE-2020-0551, was first reported to Intel in April 2019 by Jo Van Bulck from the KU Leuven research university… read more »
-
Mar 10, 2020
Do you need a secure and private messenger? You shouldn't be use Telegram! In the past, I've already written about security laks of major messenger systems [1]. So, today I'd like to share some interesting highlight from a post by… read more »
-
Mar 9, 2020
A lot has happened on last week, folks! But, first, don't panic! Don’t Panic: The comprehensive Ars Technica guide to the coronavirus More than 100,000 people have been infected with a new coronavirus that has spread widely from its origin… read more »
-
Mar 6, 2020
In 2008, a team of students and researchers from Princeton University, Wind River Systems and the Electronic Frontier Foundation published a research paper [3] examining the phenomena of computer memory remanence.That paper has confirmed what had long been theorized by… read more »
-
Mar 5, 2020
A research team has recently discovered a new attack method that enables remote users to interact with voice-controlled device using ultrasonic waves transmitted through (for example) the surface on which is placed the target device. The attack, dubbed "SurfingAttack" [1]… read more »