Andrea Fortuna
  • Aug 12, 2019

    Why WhatsApp (and Telegram) messages are not really private?

    End-to-end encryption is not everything! Yes, WhatsApp implements E2E using the Signal Protocol: The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations.  https://en.wikipedia.org/wiki/Signal_Protocol End-to-end encryption ensures that your message is turned into a… read more »
  • Aug 8, 2019

    Reverse engineering and penetration testing on iOS apps: my own list of tools

    After a post focused on Android, another list of tools useful for penetration testing and reverse engineering of iOS applications. Also, all these tools are OSS and freely available. Access Device iProxy Lets you connect your laptop to the iPhone to… read more »
  • Aug 7, 2019

    CVE-2019-1125, "SWAPGS Attack": a new speculative execution side-channel attack

    Security researchers at Bitdefender disclosed a new way of exploiting a flaw in Intel chips. Speculative execution attacks Like Spectre, Meltdown and other similar attacks, the SWAPGS attack takes advantage of speculative execution, a functionality that seeks to speed up the… read more »
  • Aug 7, 2019

    Some useful tools for finding unsecure Google Storage Buckets

    And some suggestions for hardening your buckets! Google Storage Buckets is a service similar to S3 Buckets and, like the well-known Amazon service, has the same security problems related to incorrect configurations. Google Buckets may also expose sensitive data… read more »
  • Aug 5, 2019

    Identity theft prevention? According to Bruce Schneier is basically useless

    In this article on his blog, Bruce Schneier talks about protecting yourself from identity theft. TL;DR: You can’t. You can only prevent criminals from using your personal information, which they almost certainly already have. Bruce Schneier is a cryptographer, privacy… read more »
  • Aug 2, 2019

    Facebook is working on a backdoor on WhatsApp end-to-end encryption

    Some months ago, Spiegel Online reported on comments by Germany’s Interior Minister Horst Seehofer, who proposed greater governmental access to end-to-end encrypted communications, such as those by WhatsApp and Telegram. Seehofer proposing greater governmental access to end-to-end encrypted communications, such as those… read more »
  • Aug 1, 2019

    Forensic analysis of Windows 10 compressed memory using Volatility

    Memory analysis on Windows 10 is pretty different from previous Windows versions: a new feature, called Memory Compression, makes it necessary to use a forensic tool able to read compressed memory pages. Windows 10 memory compression Recent releases of Windows 10 include… read more »
  • Jul 31, 2019

    CVE-2019-0708 "Bluekeep": Immunity Inc. starts to sell a exploit with full RCE capabilities

    Cybersecurity firm Immunity Inc. decided to sell a BlueKeep exploit module capable of full remote code execution as part of its penetration testing toolkit. https://vimeo.com/349688256/aecbf5cac5 https://twitter.com/Immunityinc/status/1153752470130221057 Concerns about malicious usage of this module spread across the whole cybersecurity community: According… read more »
  • Jul 29, 2019

    Yes, even geeks go on vacation!

    I'm going on vacation and get offline for a few days to recharge my batteries. During this time, blog updates will be pretty sporadic. See you soon! … read more »
  • Jul 28, 2019

    My Weekly RoundUp #103

    Last weekly roundup before my vacation: my last respects to an iconic actor, some privacy troubles for Apple Siri and a new interesting production from Hulu. INBOX Regarding GDPR CLI (a command line tool for checking websites' GDPR compliance), Lucy… read more »
  • Jul 27, 2019

    CVE-2019-9848: (un)patched flaw in LibreOffice allows malicious code execution

    This vulnerability, discovered by Nils Emmerich, resides in LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice, and has been patched in version 6.2.5. LibreLogo allows users to specify pre-installed… read more »
  • Jul 26, 2019

    Software Developers and Security: a love-hate relationship

    Recently, GitLab performed a survey on over 4,000 developers and operators, with interesting results. This year, over 4,000 respondents – across various industries, roles, and geographic locations – candidly shared their experiences, helping us uncover what software professionals require in… read more »
  • Jul 25, 2019

    How to retrieve hard disk information and properties with WMIC and lsblk

    A couple of very brief tips, useful during a forensic acquisition. During the initial phase of a digital forensic investigation, a lot of information about target systems needs to be collected. One of these items is the information about the… read more »
  • Jul 24, 2019

    No, your browser "Incognito Mode" can't stop Facebook and Google track your porn habits!

    Yes, that's an uncomfortable topic! A team of researchers (Elena Maris, Timothy Libert and Jennifer Henrichsen) from Microsoft, the University of Pennsylvania, and Carnegie Mellon have revealed a study showing that Google and Facebook are keeping tabs on user's porn… read more »
  • Jul 23, 2019

    QCSuper: A tool for capturing 2G/3G/4G air traffic on Qualcomm-based phones

    QCSuper is a tool that captures raw 2G/3G/4G radio frames and generates PCAP captures using Qualcomm-based phones and modems. Lately, I have been playing with a 3G dongle – a small USB device that enables connecting to the mobile Internet.… read more »
  • Jul 22, 2019

    My Weekly RoundUp #102

    What happened last week? 50 years since the moon landing, 4 trailers from San Diego Comic-Con, 7.5 Terabytes of secret data and a proper recognition to the father of computer science! 50 years ago, NASA’s Apollo 11 mission changed our… read more »
  • Jul 21, 2019

    The SyTech Hack: a brief screenshot-based attack analysis

    Last weekend, on July 13, a group of hackers going by the name of 0v1ru$ hacked into the Active Directory server of SyTech, a contractor for the FSB, Russia's national intelligence service. From this server they gained access to the company's entire network,… read more »
  • Jul 19, 2019

    Kazakhstan government begins intercepting all citizens’ HTTPS traffic

    Do you want to know the reason why? To "protect them from cyber threats"! The Kazakhstan government has started intercepting all HTTPS internet traffic inside its borders, starting July 17. The government instructed local ISPs to force their users into installing a… read more »
  • Jul 19, 2019

    FaceApp privacy concerns: is it safe to use the app that make yourself look older?

    It's the killer app of recent weeks, but FaceApp has been giving people the power to change their facial expressions, looks, and now age, since 2017. But at the same time, people have been giving FaceApp the power to… read more »
  • Jul 18, 2019

    Reverse engineering and penetration testing on Android apps: my own list of tools

    This list of tools is really useful both in penetration testing on an Android application and in reverse engineering of a suspicious application. All tools are OSS and freely available: so, enjoy! Reverse Engineering APKInspector GUI tool for analysis of Android… read more »

Cybersecurity expert, software developer, experienced digital forensic analyst, musician