mobile

Pierluigi Paganini March 20, 2014
Tor browser app in the Apple app store is fake

For more than two months is is present in the official App Store a fake version of the Tor Browser app. It’s full of adware and spyware. The Tor Browser is the most popular tool for anonymization of the user’s Internet experience, it’s use is literally exploded after the  disclosure of numerous documents leaked by […]

Pierluigi Paganini March 20, 2014
Fraudulent infrastructure behind 5M harvested Russian phone numbers service

Danchev profiling a service which proposes more than 5M harvested mobile phone numbers has discovered a fraudulent architecture used for illicit purposes. Cybercrime has targeted mobile industry more than ever, the number of attacks is on the rise and the proposal in the underground of tools and services for mobile market is rapidly growing. The […]

Pierluigi Paganini March 20, 2014
FireEye discovered Android spying components in Winspy RAT

FireEye experts investigating on a spear-phishing campaign on an US-based financial institution discovered that common WinSpy RAT was adapted to hit Android devices. FireEye Security Researchers have recently identified a new variant of Winspy RAT that can infect users’ PC and also their Android Devices during synchronization operations. We have a long discussed about the increment for […]

Pierluigi Paganini March 15, 2014
A sophisticated phishing scheme is targeting Google Docs Users

Security Researchers at Symantec detected a new Sophisticated Phishing Scam that is targeting the Google Docs Users with complex social engineering tricks. Phishing is still considerable as one of the major cyber threats, its impact on the IT industry is devastating considering that attackers are adopting new techniques even more sophisticated.  Principal security firms and CERTs […]

Pierluigi Paganini March 14, 2014
WhatsApp flaw allows hackers to steal private Chats on Android devices

A security consultant disclosed a security flaw in WhatsApp which can be exploited to gain access to the private chats of Android device owners.    The recent acquisition of WhatsApp by Facebook has done much to discuss, ever a price so high was paid for an app, but major concerns relate to users’ privacy. The security consultant Bas Bosschert […]

Pierluigi Paganini March 13, 2014
Samsung Galaxy backdoor allows files access on the mobile’s storage

Replicant developers Kocialkowski has discovered a backdoor inside Samsung Galaxy which allows file access on the mobile’s storage. Android is the open source operating system most diffused, but being an open project, there are many customized versions that run  on mobile devices. Almost every mobile phone manufacturer commercializes its devices with a version of the Android OS that […]

Pierluigi Paganini March 06, 2014
Trend Micro report on Chinese Mobile Underground Market

This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]

Pierluigi Paganini March 05, 2014
GnuTLS flaw in certificate verification exposes Linux world to attacks

A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop,  all Debian and Ubuntu Linux distributions and many […]

Pierluigi Paganini March 04, 2014
Soghoian on government surveillance through service update process

Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]

Pierluigi Paganini February 27, 2014
FireEye discovered an Apple vulnerability which allows iOS keylogging

Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]