Some thoughts about SIM Hijacking

The SIM hijacking, also know as SIM swapping, is an attack where a criminal contacts the cell phone provider of a target user, and convinces it (sometimes involving employees of the phone company) to switch target’s account to a SIM that he control.
Since smartphones are often used as a security measure/verification system, this allows the fraudster to take over accounts of the target.

Continue…

DevSecOps: the value of “Security Champions”

In a previous article [1], I’ve started to talk about DevSecOps and the concept of “shifting left” security.
In order to move security checks to the early steps of development, a great help may be the presence of a security-aware person in every scrum team, the so-called “Security Champions“.

Continue…