Security Alerts & News
by Tymoteusz A. Góral

#1693 Netflix account takeover through automated phone calls
In the last few weeks I took a closer look on caller ID spoofing and the impact which this “feature” can have on todays online services. A few months ago I came across a great blogpost from Shubham Shah which is an Australian security researcher and pentester. You can find the post here.

He did great work 2 ½ years ago – he analyzed the impact of caller ID spoofing on 2 factor authentication on many popular services like Google, Facebook and so on. The caller ID is basically the number which gets displayed on the phone on the receiving end of the call. He was able to bypass the 2 factor authentication on this services quite effectively. For bypassing 2FA he used a long known issue which affects the authentication of voicemails - I will cover this topic in detail later on in this post.
Read more
#1695 The first cryptor to exploit Telegram
#1694 What the Trump win means for tech, science, and beyond
#1693 Netflix account takeover through automated phone calls
#1692 Pawn Storm ramps up spear-phishing before zero-days get patched
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12