car-hack

Chinese Researchers Remotely Hack Tesla Model S (Update)

Security researchers from China-based tech company Tencent have identified a series of vulnerabilities that can be exploited to remotely hack an unmodified Tesla Model S while it’s parked or on the move. The researchers managed to perform various actions. While the vehicle was parked, the experts demonstrated that they could: control the sunroof, the turn signals, the position of the seats, all the displays, the door locking system. While the car was on the move, the white hat hackers showed that they could activate the windshield wipers, fold the side view mirrors, and open the trunk. They also demonstrated that…

Read More

yahoo

Yahoo was hacked in 2014 and lost the credentials of over 500Mil accounts

Oh boy…. they were hacked two years ago and they say it was a “state sponsored attack”. What the hack is that ?! How do you differentiate a hack done by an employee from a state sponsored attack? Let’s take it step by step: Yahoo has started to write to all affected customers this email: https://s.yimg.com/sf/support/en-us-security-notice-content.pdf Below is the text of the email notice sent by Yahoo to potentially affected users. Please note that the email from Yahoo about this issue does not ask you to click on any links or contain attachments and does not request your personal information. If an…


wired

Annoying Internet Ads: An Open Letter To Digital Marketers Everywhere

I gave a nice interview to MICHAEL O’DWYER for IPSwitch and he wrote the following article: Annoying Internet Ads: An Open Letter To Digital Marketers Everywhere “Ads consume bandwidth, especially those delivered as Flash or code. If you’re on a mobile device, with a small screen, the ads will also cover a good portion of the screen, thus making it difficult or even impossible to see the desired content you want to see,” says Sorin Mustaca, CSSLP, Security+, Project+, an independent IT security consultant. “[Over] the last 3 years, we hear[d] more and more about malvertising — the delivery of malicious software…


2016-08-31 08.18.01

Dropbox was breached in 2012, the data is now online – a quote in SecurityWeek

68 Million Exposed in Old Dropbox Hack By Ionut Arghire on August 31, 2016 In an email response to a SecurityWeek inquiry, IT security expert Sorin Mustaca said that the surprising fact is that the 2012 hack of Dropbox didn’t emerge earlier, along with the other mega-breaches. He also notes that the use of the SHA1 hashing algorithm with salting improves the security of these passwords. “Fortunately, Dropbox was using the SHA 1 hashing algorithm (today this is not considered “strong” anymore) and it was using salting even in 2012 – an operation that many other services don’t do even…


pexels-photo-14551-large

How to easily secure your smartphone

Most people these days have a smartphone. These phones are actually no longer just mobile phones, in reality they are powerful mobile computers with several GB RAM, multicore CPUs and many GB storage. Despite these characteristics which bring them closer to computers than to phones, most of their users don’t consider security and privacy in the way they should do with their personal mobile computers. Actually, users are split in two categories: those who care about security and privacy and those who don’t. The advices below are meant to address both categories and they are sorted according to the difficulty…


blog2-default_header

Awesome Malware Analysis – Resources

Source and credit: https://github.com/rshipp/awesome-malware-analysis   I save it here for easier reference. Do note that this list grows a lot !   A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Awesome Malware Analysis Malware Collection Anonymizers Honeypots Malware Corpora Open Source Threat Intelligence Tools Other Resources Detection and Classification Online Scanners and Sandboxes Domain Analysis Browser Malware Documents and Shellcode File Carving Deobfuscation Debugging and Reverse Engineering Network Memory Forensics Windows Artifacts Storage and Workflow Miscellaneous Resources Books Twitter Other Related Awesome Lists Contributing Thanks Malware Collection Anonymizers Web traffic anonymizers for analysts….


car-hack

Car hacking again… now at high speed!

Not even a week has passed since I was writing about “Not yet worried about vehicle hacking? You should be!” and we see in the news that at Blackhat that exactly this is happening. At BlackHat USA this week, the security researchers Charlie Miller and Chris Valasek are scheduled to present their latest findings in the world of car hacking. Again ! Miller and Valasek have already made names for themselves last year with the dramatic hacking of Jeep Cherokee, a interfering with its entertainment system, engine and brakes, while it was being driven down a busy highway at 70mph. Fiat Chrysler announced…


car-hack

Not yet worried about vehicle hacking? You should be!

  As a matter of fact, it is not only vehicles that can be hacked, actually any IoT device can be hacked. AV-Test.org published this paper about vulnerabilities in the fitness wristbands and Apple Watch, which shows how they tested and how secure the devices are. However, a hack of these IoT devices is not as dangerous as hacking a vehicle. I am not saying that they don’t matter, on the contrary. This is why I am mostly interested in vehicles: hacking can be dangerous and it is, with manufacturer’s permission at least, to improve their security.   According to the RSA…


2016-07-20 12.40.08

IT Security News has its own Android App

I have finally found the time to make the app I always wanted to have for the “IT Security News” service.   Here is the page on Google’s Play Store: And the screenshots of the app:       Right now it is available only on Android devices, soon it will be available in the Apple’s Appstore.   Help me spread the word about it so that I can have some downloads 😉 Thanks.


fbpurity

How to get rid of Pokemons in your Facebook feed

Short version For those who are really, really, pissed off: Install FB Purity: http://www.fbpurity.com/ Open the FB Purity Facebook app by clicking on the word “FBP” near the search bar. Write in the main screen the word “pokemon” Save the configuration Enjoy your Pokemon free feed   Longer version Go and install FB Purity from http://www.fbpurity.com/install.htm. This means that you need to install an extension for your browser. F.B. Purity is compatible with the following web browsers: Firefox, Google Chrome, Safari, Opera and Maxthon, running on Windows, Mac, Linux. Open the FB Purity Facebook app by clicking on the word “FBP” near…


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close