Researchers at CheckPoint said that over half of all Android handsets are vulnerable to a over-the-air (OTA) SMS phishing attack that could allow an attacker to route all internet traffic through a rogue proxy that can sniff traffic and steal information about (for example) email accounts and directory servers for synchronizing contacts and calendars.
Are you a privacy obsessed? You can do everything in your power to avoid being tracked through your phone, such as change OS, avoid Google‘s services, only use open-source apps from F-Droid, turn off WiFi and location services but…there is one thing that is majorly overlooked.
Michał Brygidyn is an AWS DevOps engineer with AWS Certified Security and a security researcher with CompTIA Security+ certification. In this post on the PGS Software Blog, he shares some interesting tips about Cloud Security on AWS.
Security researchers from Google’s Project Zero team say they have discovered a number of compromized websites which used previously undisclosed security flaws to attack any iPhone that visited them.
During a penetration test, once you get a local access to a target, you should start a local assessment of the machine in order to plan a correct tactic for privileges escalation and lateral movement.