Last year, at DEF CON‘s Recon Village and Bsides Las Vegas, I gave a talk explaining a new OSINT technique to obtain a target’s phone number by knowing their email address. Feel free to read the detailed post explaining the techniques or watch the talk. If you insist on a TL;DR, I demonstrate how the …
Lately I’ve been spending time researching weaknesses and attack vectors in password reset options. At BSides Las Vegas I presented a tool called “Ransombile”. It automates the password reset process over SMS for many Alexa top 100 websites and facilitates targeted attacks when having physical access to locked mobile devices for a short period of …
A while ago, I was at a friend’s house and he mentioned he had to join a work meeting. He used Google Meet to join. The WiFi was acting weird and he was not able to follow the discussion. Someone suggested that he could “call in” making a regular phone call. I overheard that and immediately found …
There are more mobile devices than actual people on this planet. These contain loads of personal information, private files and sensitive data. We carry them everywhere at all times and as such, we are prone to lose them or leave them unattended. What are the real consequences of doing so? News like the Apple vs FBI …
I just achieved one of my career goals, giving a talk at DEF CON. What an incredible experience, I cannot thank enough the amazing people that make this con happen. My talk’s title was “Compromising online accounts by cracking voicemail systems” and I thought I write a blog post about it for people that was …
Introduction Apple introduced a new set of features in iOS 8 and Yosemite under the name “Continuity”. These features allow iPhones to work with other iDevices such as Macs and iPads in new ways. Handoff, Instant hotspot and Airdrop are some of the new services offered by Continuity. Among these new services is one named …
As part of a Red Team engagement I found myself looking for a way to bypass two-factor authentication (2FA) in Lastpass. Unfortunately this happened before Tavis Ormandy reported multiple 0-days in Lastpass. Would have saved us so much time! Anyway, 2FA is an additional layer of security to protect user accounts from attackers that have already compromised your password. I mention …
Venmo is a very popular mobile app which simplifies payments among friends. Once you link your bank account or credit card, you can start sending money to others, instantly. With Venmo, you are not limited to just make payments. It allows you to charge others as well. Say your friend had no cash for that tasty burrito …
I am back from Amsterdam after presenting our research at Blackhat “Even the LastPass Will be Stolen, Deal with It!” together with Alberto Garcia. We had a blast at the conference and we got great feedback from the audience. Many asked for the video, slides, etc. so I though it was worth writing a post …
Today, LastPass issued a security notice on their blog explaining that they detected some suspicious activity on their network. They believe that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised” but also that the encrypted passwords (the vault) was not accessed. What does all this really mean? I found …