The SANS Institute is one of the largest organizations that offer information security training and security certification to users worldwide.
In a notification posted recently on their site, the organization states that a phishing attack that target an employee allowed a threat actor to gain access to their email account.

A team of academics from the Ruhr University in Bochum, Germany, has discovered that not all mobile operators follow the 4G standard to the letter of the law: they supports encrypted voice calls, but many calls are encrypted with the same encryption key.

At the DEFCON virtual security conference, security researcher Yamila Levalle outlined how she was able to bypass biometric authentication for a number of different types of fingerprint scanners.

Check Point Research reported finding more than 400 bugs in the code used to control the Digital Signal Processing (DSP) cores in Qualcomm’s Snapdragon chip families.

It’s a question that I’m often asked, from friends, colleagues and clients.

A list that may be useful to readers that are studying for a certification exam or, more simply, to those who just want to have fun!

In a good article on Recode, Sara Morrison made a useful overview on trackers hidden in smartphone SDKs.

Last Microsoft’s Patch Tuesday addressed a 17-year-old vulnerability impacting Microsoft Windows DNS Server, tracked as CVE-2020-1350 and dubbed “SigRed” by ChekPoint‘s researchers.

The CEO of WhatsApp talking about the future of communication and privacy? Yes, in “virtual” TED-Talk!

In a good post on SANS ISC InfoSec Forum, Jan Kopriva shows how windows explorer shell links could be used by an attacker in order to download malicious payloads.