Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 1 min 28 sek zpět

Neptune Exploit Kit Dropping Cryptocurrency Miners Through Malvertisements

22 Srpen, 2017 - 23:51
Researchers say the Neptune, or Terror exploit kit has been spreading Monero cryptocurrency miners via malvertisements.
Kategorie: Viry a Červi

Android Spyware Linked to Chinese SDK Forces Google to Boot 500 Apps

22 Srpen, 2017 - 19:28
More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK called Igenix could be leveraged to quietly install spyware on devices.
Kategorie: Viry a Červi

Foxit to Fix PDF Reader Zero Days by Friday

22 Srpen, 2017 - 18:33
Foxit Software says it will fix two vulnerabilities in its PDF reader products that could be triggered through its JavaScript API to execute code.
Kategorie: Viry a Červi

Fuze Patches TPN Handset Vulnerabilities

22 Srpen, 2017 - 14:05
VoIP vendor Fuze earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication.
Kategorie: Viry a Červi

Industrial Cobots Might Be The Next Big IoT Security Mess

22 Srpen, 2017 - 14:00
Researchers at IOActive are sounding an early alarm on the security of industrial collaboration robots, or cobots. These machines work side-by-side with people and contain vulnerabilities that could put physical safety at risk.
Kategorie: Viry a Červi

Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method

21 Srpen, 2017 - 20:28
Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.
Kategorie: Viry a Červi

Meeting and Hotel Booking Provider’s Data Found in Public Amazon S3 Bucket

21 Srpen, 2017 - 17:13
Personal and business data belonging to Boston area meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has since been locked down.
Kategorie: Viry a Červi

Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket

18 Srpen, 2017 - 19:55
Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket.
Kategorie: Viry a Červi

It’s Not Exactly Open Season on the iOS Secure Enclave

18 Srpen, 2017 - 18:00
Despite yesterday's leak of the Apple iOS Secure Enclave decryption key, experts are urging calm over claims of an immediate threat to user data.
Kategorie: Viry a Červi

Threatpost News Wrap, August 18, 2017

18 Srpen, 2017 - 15:30
Mike Mimoso and Tom Spring discuss this week's security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe's decision to end-of-life Flash Player.
Kategorie: Viry a Červi

Hacker Publishes iOS Secure Enclave Firmware Decryption Key

18 Srpen, 2017 - 02:32
A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.
Kategorie: Viry a Červi

Cisco Patches Privilege Escalation Bugs in APIC

17 Srpen, 2017 - 21:55
Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.
Kategorie: Viry a Červi

Drupal Patches Critical Access Bypass in Core Engine

17 Srpen, 2017 - 21:50
A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.
Kategorie: Viry a Červi

Rowhammer Attacks Come to MLC NAND Flash Memory

17 Srpen, 2017 - 19:48
IBM researchers have demonstrated a filesystem-level version of the Rowhammer attack against MLC NAND flash memory.
Kategorie: Viry a Červi

Locky Ransomware Variant Slips Past Some Defenses

16 Srpen, 2017 - 23:41
Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.
Kategorie: Viry a Červi

Flash’s Final Countdown Has Begun

16 Srpen, 2017 - 19:59
The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.
Kategorie: Viry a Červi

Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack

16 Srpen, 2017 - 19:33
A.P. Moller -Maersk said June's NotPetya wiper malware attacks would cost the world's largest shipping container company $300M USD in lost revenue.
Kategorie: Viry a Červi

Google Removes Chrome Extension Used in Banking Fraud

16 Srpen, 2017 - 17:14
Google has removed the Interface Online Chrome extension from the Chrome Web Store. The plugin was used by criminals in Brazil to target corporate users with the aim of stealing banking credentials.
Kategorie: Viry a Červi

Seven More Chrome Extensions Compromised

15 Srpen, 2017 - 20:58
The list of compromised Chrome extensions that hijack traffic and substitute advertisements on victims’ browsers grows.
Kategorie: Viry a Červi

Attackers Backdoor Another Software Update Mechanism

15 Srpen, 2017 - 20:00
Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
Kategorie: Viry a Červi