Here’s the story of how a casual conversation uncovered a huge security hole in one of the most reliable messaging services. Story time It was Thursday afternoon: we were chatting as usual and suddenly Alfredo shows us an XSS in an Argentinian government site (don’t worry, it’s been reported). He was using the Signal add-on for Chrome. Javier and I were using the desktop version,...
Read More
An important warning for people using widely used email encryption tools—PGP and S/MIME—for sensitive communication. A team of European security researchers has released a warning about a set of critical vulnerabilities discovered in PGP and S/Mime encryption tools that could reveal your encrypted emails in plaintext. What’s worse? The vulnerabilities also impact encrypted emails you sent in the past. PGP, or Pretty Good Privacy, is...
Read More
Grant West, a cunning hacker who goes by the online handle of “Courvoisier” on the Dark Web has been arrested by British police. The 26-year-old hacker is known for hacking over 200 companies around the world including Apple, Asda, Uber, and Just Eat, Groupon, and Nectar etc. West not only breached the security of these companies but also stole their user data before selling them on the...
Read More
Last week, the European Central Bank has published the European framework for testing financial sector resilience to cyber attacks. The framework aims to simulate the effects of cyber attacks on critical systems in the banking industry in the European Union. The move is the response to the numerous cyberheists that hit the financial industry in the past years, like the attacks against the SWIFT system and the assault against online...
Read More
The upcoming version of the Android OS —codenamed only Android P for the moment— will block applications from accessing and monitoring the operating system’s network activity. Android project developers took this decision to improve the operating system’s privacy and prevent user-installed apps from sniffing on the user’s network activity outside the app. /proc/net access abused by apps Currently, apps can access networking data by requiring...
Read More