Passa ai contenuti principali

Post

In primo piano

2FA - Smartphone

Limitazioni How Hackers Bypass Gmail 2FA at Scale
A new Amnesty International report goes into some of the technical details around how hackers can automatically phish two-factor authentication tokens sent to phones.
https://www.vice.com/en_us/article/bje3kw/how-hackers-bypass-gmail-two-factor-authentication-2fa-yahoo

The Return of The Charming Kitten
A review of the latest wave of organized phishing attacks by Iranian state-backed hackers
https://blog.certfa.com/posts/the-return-of-the-charming-kitten/

Real-time phishing tool:
Modlishka is a powerful and flexible HTTP reverse proxy....can be currently used to: Support ethical phishing penetration tests with a transparent and automated reverse proxy component that has a universal 2FA “bypass” support.https://github.com/drk1wi/Modlishka
SMS OTP interception

Thieves drain 2fa-protected bank accounts by abusing SS7 routing protocol https://arstechnica.com/information-technology/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-r…

Ultimi post

TOR

Report on hacking tools

Provetta 2018 - commenti

Ships

VPN

IoT / ICS

Threat intelligence

ARP spoofing / ARP poisoning

Sidejacking - "infilarsi" in una sessione HTTP autenticata

Spam