Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]
Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]
Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network  to capture or modify […]
Cyber Defense Magazine (CDM) CYBER WARNINGS JANUARY 2014 EDITION is available for free. Yes, 2014 is here and weâre surrounded by more and more personally identifiable information (PII) theft, as predicted. Keep an eye on these at http://www.privacyrights.org and find out that we all have common  vulnerabilities and exposures (CVEs) which are searchable here at the National Vulnerability Database […]
A post on cybersecurity written by Larry Karisny, director of ProjectSafety.org,a cybersecurity expert,advisor,consultant, writer and industry speaker. Most of the recent attention on cybersecurity has been directed toward the disclosure of NSA activities and recent corporate breaches now reaching record-breaking levels. Both the public and private sectors are beginning to witness how devastating cyber breaches […]
Intego Malware Research Team discovered that OSX Flashback trojan is still active with sinkholing activity. Mac users must be aware. Flashback Trojan is a cyber threat known since 2011, it is a trojan horse that targeted a Java vulnerability on Mac OS X machines, early 2012 it spread to infect up to 600,000 machines as […]
Leaked documents shared by Der Spiegel show how NSA spyware codenamed DROPOUTJEEP can spy on every Apple iPhone. Apple denies any claim. Users buy the iPhone, NSA controls them. This is not a slogan for the last Apple advertising, it is the uncomfortable truth revealed by another set of NSA documents leaked by Snowden and […]
The evad3rs team has released the untethered jailbreak for different Apple devices running running iOS version from 7.0 to 7.0.4. The evad3rs team has released the untethered jailbreak for numerous Apple devices running running iOS version from 7.0 to 7.0.4 including iPhone (4/5/5S/5C), iPad, and iPod. Device jailbreak allows removal of the limitations designed by manufacturer, the procedure […]
Researchers at Kaspersky Lab discovered Apple Safari browser stores previous secure session data unencrypted in a hidden folder. Appleâs Safari browser stores session information including authentication credentials used in previous HTTPS sessions to implement the feature “Reopen All Windows from Last Session”. Safari stores in a plain text XML file called Property list, or plist, […]
NSS Labs issued the report titled “The Known Unknowns” to explain dynamics behind the market of zero-day exploits. Last week I discussed about the necessity to define a model for “cyber conflict” to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided […]