-
Sep 4, 2019
Are you a privacy obsessed? You can do everything in your power to avoid being tracked through your phone, such as change OS, avoid Google's services, only use open-source apps from F-Droid, turn off WiFi and location services but…there is… read more »
-
Sep 3, 2019
Michał Brygidyn is an AWS DevOps engineer with AWS Certified Security and a security researcher with CompTIA Security+ certification. In this post on the PGS Software Blog, he shares some interesting tips about Cloud Security on AWS. ...the Cloud is safe. The… read more »
-
Sep 2, 2019
Also this week, a lot of SciFi news! Entertainment Elliot is coming back! Mr. Robot’s fourth and final season gets an October 6th premiere date in new trailer https://www.youtube.com/watch?v=9Hmb33a7ATM The new trailer for the upcoming season — like the first season… read more »
-
Aug 30, 2019
Security researchers from Google’s Project Zero team say they have discovered a number of compromized websites which used previously undisclosed security flaws to attack any iPhone that visited them. "There was no target discrimination; simply visiting the hacked site was… read more »
-
Aug 30, 2019
Okay, this is the third post dedicated to Another World (previous are this and this): I think now it's clear how much I appreciate this game. In any case, I also love software developing and computer archaeology, so when I've… read more »
-
Aug 29, 2019
During a penetration test, once you get a local access to a target, you should start a local assessment of the machine in order to plan a correct tactic for privileges escalation and lateral movement. So, today l'd like to… read more »
-
Aug 28, 2019
Credit card skimming is a type of credit card theft performed using a small device to steal credit card information during a legitimate credit card transaction. How skimmers works? When a credit or debit card is swiped through a skimmer,… read more »
-
Aug 27, 2019
Imperva disclosed today a security incident that led data exposure affecting a subset of customers using its Cloud Web Application Firewall (previously known as Incapsula). The data exposure incident is limited only to the Cloud WAF, according the blog post… read more »
-
Aug 27, 2019
In the beginning it was the wardialing: the scan a block of numbers (dialed with specific software and a modem) often related to a company, in order to find out a fax or a modem response. https://www.youtube.com/watch?v=zb1r_uKOew4 With the advent… read more »
-
Aug 26, 2019
Uff..Facebook announces a new privacy tool and a new Matrix's chapter is coming but…"not all that glitters is gold"! Wait! Did you say "Breaking Bad"? Cybersecurity Apple, what are you doing? iOS 12.4 makes it possible to jailbreak your iPhone… read more »
-
Aug 23, 2019
Do you remember this post about Kazakhstan government attempts to deploy a root certificate in order to start a spying campaign of citizen's HTTPS traffic? Google, Microsoft, and Mozilla are discussing a plan of action... https://www.andreafortuna.org/2019/07/19/kazakhstan-government-begins-intercepting-all-citizens-https-traffic/ Well, good news! Some… read more »
-
Aug 22, 2019
When you start analyzing a Linux memory dump using volatility, the first problem you may need to face is choosing the correct memory profile. In my opinion, the best practice is generate your own profile, using a machine with the… read more »
-
Aug 21, 2019
An interesting article by Luca Bongiorni explains how to create a remote controlled HID injector cable using some simple hardware components easily purchased on online stores (with less then 10$) https://www.youtube.com/watch?v=kmCjYPdNIPM The main idea (for the hardware-side) is to re-use… read more »
-
Aug 20, 2019
The vulnerability resides in the way devices choose an entropy value for encryption keys while establishing a connection: an attacker in close proximity to the victim’s device could intercept or manipulate encrypted Bluetooth traffic between two paired devices. Researchers at… read more »
-
Aug 19, 2019
Some interesting topics from BlackHat and DefCon! Technology Japanese user of Microsoft Excel asks: "Why is the SAVE ICON a 'Vending Machine w/ a Beverage dispensed?' " The save icon is not a vending machine https://twitter.com/fea0er/status/1160099135569063936 Privacy A researcher abused the… read more »
-
Aug 16, 2019
Another World was one of the video games I most loved in my youth. It was also one of the first software on which I had fun to do reverse engineering: with an hexadecimal editor on my Amiga 500 I… read more »
-
Aug 15, 2019
OS X is, in effect, a *nix based system. Therefore the forensic image acquisition processes are very similar to those used on Linux systems.Today I'd like to share my personal acquisition workflow for Apple Mac systems, suitable for OSX before… read more »
-
Aug 14, 2019
Google Project Zero disclosed a vulnerability in CTF, a Microsoft protocol used by all Windows versions since Windows XP that can be exploited with ease. What is CTF? What CTF stands is currently unknown: it is part of of the… read more »
-
Aug 13, 2019
Researchers have discovered that some DSLRs and mirrorless cameras are actually vulnerable to ransomware attacks. Once in range of your camera's WiFi, a bad actor could easily install malware that would encrypt your valuable photos unless you paid for a… read more »
-
Aug 12, 2019
End-to-end encryption is not everything! Yes, WhatsApp implements E2E using the Signal Protocol: The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations. https://en.wikipedia.org/wiki/Signal_Protocol End-to-end encryption ensures that your message is turned into a… read more »