• Nov 14, 2019

    Vulnerabilities in 5G protocol may allows to track users and make fake emergency alerts

    Security researchers at Purdue University and the University of Iowa have found new vulnerabilities that can be used to track a victim’s real-time location, spoof emergency alerts or silently disconnect a phone from the 5G network. Despite some net neutrality… read more »
  • Nov 13, 2019

    A glitch on Facebook App's UI reveals a weird camera activity

    UPDATE 2019/11/14: Facebook released version 247.0 that fixes the glitch. Joshua Maddux published on his Twitter account a video captured from an iPhone running iOS 13.2.2: in this video, a glitch in the interface of Facebook App reveals that the… read more »
  • Nov 12, 2019

    The myths of VPNs

    Some days ago, a group of servers belonging to multiple VPN providers has been breached.After this events, many people have expressed doubts about the real usefulness of VPNs. In my opinion, VPNs are great privacy tools, but some providers tryes… read more »
  • Nov 11, 2019

    My Weekly RoundUp #115

    Over the past seven days, i've read a lot of interesting news.So, today let's talk about the BerlusconiMarket shutdown, LulSecITA and FifthOfNovember, ransomware attack on a hospital, GoLang birthday, Apple vs. Electron, EA and VisualStudio, GraphQL, strange naming policies for… read more »
  • Nov 8, 2019

    MESSAGETAP: Eavesdropping on SMS Messages inside Telco Networks

    FireEye reports on a Chinese-sponsored espionage campaign to eavesdrop on text messages, violating telco servers: yet another example that demonstrates why end-to-end message encryption is so important. A new malware, dubbed “Messagetap”, developed by the Chinese APT41 [2] hacker group… read more »
  • Nov 7, 2019

    Some thoughts about WS-Discovery DDoS attacks

    Security researchers from Akamai published interesting details about the Web Services Dynamic Discovery (WS-Discovery) protocol, which they say can be abused to launch massive DDoS attacks. What is WS-Discovery? WS-Discovery is a multicast protocol that can be used on local networks… read more »
  • Nov 6, 2019

    Light Commands: hacking voice assistants via laser beam

    Researchers from the University of Michigan and the University of Electro-Communications in Tokyo, demonstrated that is possible to hack smart voice assistants like Siri, Alexa and Google using a lasers beam to send them inaudible commands. This new technique, dubbed… read more »
  • Nov 5, 2019

    A brand-new mass attack uses BlueKeep exploit to infect with Monero miners

    It was just a matter of time: the first "mass exploiting" of BlueKeep vulnerability is spotted in the wild.If you haven’t already patched your servers, do it asap! Last sunday, security researcher Kevin Beaumont posted a tweet about a large… read more »