• Feb 3, 2020

    My Weekly RoundUp #125

    Some server issues, this week! So few links, sorry! Cybersecurity IM­P4GT: IM­Per­so­na­ti­on At­tacks in 4G NeT­works Long Term Evo­lu­ti­on (LTE/4G) es­ta­blis­hes mu­tu­al au­then­ti­ca­ti­on with a prov­a­b­ly se­cu­re Au­then­ti­ca­ti­on and Key Agree­ment (AKA) pro­to­col on layer three of the net­work stack.… read more »
  • Jan 31, 2020

    Some thoughts on Information Technology in a post-apocalyptic environment

    Some funny thoughts about information technology on a post-apocalyptic environment, and some info about a more serious project! When most people think about what to do after an apocalyptic event, the first time that comes to mind is food and… read more »
  • Jan 30, 2020

    CVE-2019-8641: remotely compromising an iPhone through iMessage

    Last December, in a talk at 36th Chaos Communication Congress, Samuel Groß presented a technical report about the infamous iOS vulnerability that allowed remote code execution on all iDevices up to iOS 12.4, within a couple of minutes and without… read more »
  • Jan 29, 2020

    CacheOut - Another day, another CPU attack!

    A team of researchers from University of Michigan (Stephan van Schaik, Marina Minkin, Andrew Kwong and Daniel Genkin) and University of Adelaide (Yuval Yarom) recently presented a new attack technique that targets Intel CPUs. The attack, dubbed CacheOut (CVE-2020-0549), is… read more »
  • Jan 28, 2020

    TLDR #1: Jeff Bezos’ iPhone hack

    Just few words (and links) about this hot topic. The Amazon billionaire Jeff Bezos had his mobile phone “hacked” in 2018 after receiving a WhatsApp message that had apparently been sent from the personal account of the crown prince of… read more »
  • Jan 27, 2020

    My Weekly RoundUp #124

    Starting from this week, I'm going to start a recostructing of WeeklyRoundup (and also the whole blog): less images, more content! (...and, yes! Star Trek: Picard is awesome!) Cybersecurity Jeff Bezos hack: Amazon boss's phone 'hacked by Saudi crown prince'… read more »
  • Jan 24, 2020

    Some thoughts about SIM Hijacking

    The SIM hijacking, also know as SIM swapping, is an attack where a criminal contacts the cell phone provider of a target user, and convinces it (sometimes involving employees of the phone company) to switch target's account to a SIM… read more »
  • Jan 23, 2020

    DevSecOps: the value of "Security Champions"

    In a previous article [1], I've started to talk about DevSecOps and the concept of "shifting left" security.In order to move security checks to the early steps of development, a great help may be the presence of a security-aware person… read more »