• Mar 19, 2020

    Hacking Android Smart TVs using the IR remote control

    Valerio Mulas published an interesting analysis about the security of Android-based Smart TVs. The analysis points out the default configuration of most Android-based TVs, which allows you to enable the ADB, install unsigned applications and theoretically gain full control of… read more »
  • Mar 18, 2020

    What do browsers say when they phone home?

    Professor Douglas Leith from Trinity College in Ireland, tested six web browsers to determine what data they were sharing. According to research [1], tested browsers splits into three distinct groups from this privacy perspective.In the first group, the most private, lies… read more »
  • Mar 17, 2020

    Some thoughts about the Signal Messaging Protocol

    The Signal protocol is provides end-to-end encryption for instant messaging in WhatsApp, Wire, and Facebook Messenger among many others, serving well over 1 billion active users. Some years ago, a team of researchers (Katriel Cohn-Gordon, Cas Cremers, Benjamin Dowling, Luke… read more »
  • Mar 16, 2020

    My Weekly RoundUp #131

    These are hard times but, everything will be fine! Italians are singing songs from their windows to boost morale during coronavirus lockdown https://twitter.com/Veritatisvis/status/1238552631548747777 Videos have been shared on social media of Italian citizens singing and dancing during a nationwide lockdown… read more »
  • Mar 13, 2020

    How to block Windows 10 telemetry using "hosts" file

    Since Windows 8, Microsoft has moved to a new commercial strategy: in addition with traditional selling of OS licenses, started got revenues from searches, apps and games. But to do this, MS has started the collection of “telemetry” data, considered… read more »
  • Mar 11, 2020

    SMBGhost (CVE-2020-0796): a new wormable Windows SMBv3 vulnerability

    Security firms inadvertently leaked info about a 0-Day 'wormable' vulnerability found in the SMBv3 protocol. UPDATE - 2020/03/13 Microsoft released the KB4551762 security update to patch the vulnerability: update ASAP! After the release of Patch Tuesday fixes, Fortinet [2] and Cisco Talos [3] published… read more »
  • Mar 11, 2020

    Load Value Injection (CVE-2020-0551): a new Side-Channel attack affects Intel's CPUs

    Many processors made by Intel are vulnerable to a new type of attack named Load Value Injection. The vulnerability, tracked as CVE-2020-0551, was first reported to Intel in April 2019 by Jo Van Bulck from the KU Leuven research university… read more »
  • Mar 10, 2020

    Security analysis of Telegram Messenger

    Do you need a secure and private messenger? You shouldn't be use Telegram! In the past, I've already written about security laks of major messenger systems [1]. So, today I'd like to share some interesting highlight from a post by… read more »