-
Sep 13, 2019
Stealth Falcon is a state-sponsored cyber espionage group that since 2012 targets political activists and journalists in the Middle East. Security researchers from ESET have discovered a new malware associated with Stealth Falcon that abuses a built-in component of the… read more »
-
Sep 12, 2019
Some updates here! Researchers from AdaptiveMobile Security have uncovered a new and previously undetected vulnerability and associated exploits, called Simjacker. This vulnerability is currently being actively exploited by a specific private company that works with governments to monitor individuals. Simjacker… read more »
-
Sep 12, 2019
Browser fingerprinting is an incredibly accurate method of tracking online activity but, luckily, there are a few things you can do to try to wipe your fingerprints. TL;DRAre you a privacy obsessed? Don't use an unusual browser! What is browser… read more »
-
Sep 11, 2019
Intel chipset can be exploited to sniff SSH passwords as they're typed over the network. In 2011, Intel introduced a feature called Data-Direct I/O (DDIO) its server processors that allowed network cards and other peripherals to connect directly to a… read more »
-
Sep 10, 2019
Ok, it is true that Exim is one of the most used SMTP servers in the world, and for this reason it is continuously monitored by many security experts, but in the last months the Remote Code Execution vulnerabilities found… read more »
-
Sep 9, 2019
A lot of interesting topics in the last week! Cybersecurity https://twitter.com/GossiTheDog/status/1170014744176148481 Let's get this party started! No, XKCD too? XKCD Forum Breach Exposes Emails, Passwords of 562,000 Users https://xkcd.com/327/ The forums of the XKCD webcomic created by Randall Munroe in… read more »
-
Sep 7, 2019
There’s been a lot of discussion about BlueKeep, a security hole in the Windows Remote Desktop Protocol that allows a remote attacker to access your machine. https://twitter.com/GossiTheDog/status/1170014744176148481 According to this article by Brent Cook on the Rapid7 site: Today, Metasploit… read more »
-
Sep 6, 2019
KolibriOS is an open source operating system with a monolithic preemptive kernel, video drivers, for 32-bit x86 architecture computers. The entire operating system with a good set of application fits into a 1.44 Mb Floppy Disk. The project is an… read more »
-
Sep 5, 2019
Researchers at CheckPoint said that over half of all Android handsets are vulnerable to a over-the-air (OTA) SMS phishing attack that could allow an attacker to route all internet traffic through a rogue proxy that can sniff traffic and steal… read more »
-
Sep 4, 2019
Are you a privacy obsessed? You can do everything in your power to avoid being tracked through your phone, such as change OS, avoid Google's services, only use open-source apps from F-Droid, turn off WiFi and location services but…there is… read more »
-
Sep 3, 2019
Michał Brygidyn is an AWS DevOps engineer with AWS Certified Security and a security researcher with CompTIA Security+ certification. In this post on the PGS Software Blog, he shares some interesting tips about Cloud Security on AWS. ...the Cloud is safe. The… read more »
-
Sep 2, 2019
Also this week, a lot of SciFi news! Entertainment Elliot is coming back! Mr. Robot’s fourth and final season gets an October 6th premiere date in new trailer https://www.youtube.com/watch?v=9Hmb33a7ATM The new trailer for the upcoming season — like the first season… read more »
-
Aug 30, 2019
Security researchers from Google’s Project Zero team say they have discovered a number of compromized websites which used previously undisclosed security flaws to attack any iPhone that visited them. "There was no target discrimination; simply visiting the hacked site was… read more »
-
Aug 30, 2019
Okay, this is the third post dedicated to Another World (previous are this and this): I think now it's clear how much I appreciate this game. In any case, I also love software developing and computer archaeology, so when I've… read more »
-
Aug 29, 2019
During a penetration test, once you get a local access to a target, you should start a local assessment of the machine in order to plan a correct tactic for privileges escalation and lateral movement. So, today l'd like to… read more »
-
Aug 28, 2019
Credit card skimming is a type of credit card theft performed using a small device to steal credit card information during a legitimate credit card transaction. How skimmers works? When a credit or debit card is swiped through a skimmer,… read more »
-
Aug 27, 2019
Imperva disclosed today a security incident that led data exposure affecting a subset of customers using its Cloud Web Application Firewall (previously known as Incapsula). The data exposure incident is limited only to the Cloud WAF, according the blog post… read more »
-
Aug 27, 2019
In the beginning it was the wardialing: the scan a block of numbers (dialed with specific software and a modem) often related to a company, in order to find out a fax or a modem response. https://www.youtube.com/watch?v=zb1r_uKOew4 With the advent… read more »
-
Aug 26, 2019
Uff..Facebook announces a new privacy tool and a new Matrix's chapter is coming but…"not all that glitters is gold"! Wait! Did you say "Breaking Bad"? Cybersecurity Apple, what are you doing? iOS 12.4 makes it possible to jailbreak your iPhone… read more »
-
Aug 23, 2019
Do you remember this post about Kazakhstan government attempts to deploy a root certificate in order to start a spying campaign of citizen's HTTPS traffic? Google, Microsoft, and Mozilla are discussing a plan of action... https://www.andreafortuna.org/2019/07/19/kazakhstan-government-begins-intercepting-all-citizens-https-traffic/ Well, good news! Some… read more »