Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 55 min 13 sek zpět

Triton Malware Targets Industrial Control Systems in Middle East

15 Prosinec, 2017 - 19:30
Malware intended for a “high-impact” attack against safety systems likely would of caused physical damage to a targeted company located in the Middle East.
Kategorie: Hacking & Security

Synaptics Says Claims of a Keylogger in HP Laptops are False

14 Prosinec, 2017 - 22:26
Synaptics said reports that hundreds of HP laptops contained a secret keylogger that traced back to debugger software made by the company are inaccurate.
Kategorie: Hacking & Security

Permissions Flaw Found on Azure AD Connect

14 Prosinec, 2017 - 18:43
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network. 
Kategorie: Hacking & Security

19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

13 Prosinec, 2017 - 20:33
New research shows how an old vulnerability called ROBOT can be exploited using an adaptive chosen-ciphertext attack to reveal the plaintext for a given TLS session.
Kategorie: Hacking & Security

Microsoft December Patch Tuesday Update Fixes 34 Bugs

12 Prosinec, 2017 - 23:12
Microsoft patched 34 vulnerabilities in all on Tuesday with most of the bugs impacting Microsoft Edge, Microsoft Office and Microsoft’s Scripting Engine.
Kategorie: Hacking & Security

New Spider Ransomware Comes With 96-Hour Deadline

12 Prosinec, 2017 - 20:01
A ransomware campaign targeting the Balkans comes with a 96-hour deadline and includes a link to a video that assures victims payments can be made easily.
Kategorie: Hacking & Security

Vulnerability Found in Two Keyless Entry Locks

12 Prosinec, 2017 - 00:34
Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology.
Kategorie: Hacking & Security

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

11 Prosinec, 2017 - 18:59
HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger.
Kategorie: Hacking & Security

Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code

8 Prosinec, 2017 - 23:20
An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps.
Kategorie: Hacking & Security

Apple Fixes Flaw Impacting HomeKit Devices

8 Prosinec, 2017 - 16:31
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.
Kategorie: Hacking & Security

Banking Apps Found Vulnerable to MITM Attacks

7 Prosinec, 2017 - 19:51
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.
Kategorie: Hacking & Security

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

6 Prosinec, 2017 - 20:48
As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical.
Kategorie: Hacking & Security

TeamViewer Rushes Fix for Permissions Bug

5 Prosinec, 2017 - 22:04
TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.
Kategorie: Hacking & Security

Developers Targeted in ‘ParseDroid’ PoC Attack

5 Prosinec, 2017 - 18:27
A proof of concept attack developed by researchers target users of the development platforms for Android and Java.
Kategorie: Hacking & Security

Google Cracks Down On Nosy Android Apps

4 Prosinec, 2017 - 21:28
Google beefs up privacy protections on apps distributed via third-party Android marketplaces and Google Play that that collect personal data without user consent.
Kategorie: Hacking & Security

Ursnif Trojan Adopts New Code Injection Technique

4 Prosinec, 2017 - 17:41
Researchers have found a variant of Ursnif Trojan they said is a “v3 build” that targets Australian bank customers with new redirection attack techniques.
Kategorie: Hacking & Security

Flaw Found In Dirty COW Patch

1 Prosinec, 2017 - 17:43
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.
Kategorie: Hacking & Security

Cisco Patches Critical Playback Bugs in WebEx Players

30 Listopad, 2017 - 20:22
A Cisco Systems security advisory is urging users of its WebEx platform to patch six vulnerabilities that could allow attackers to execute remote code.
Kategorie: Hacking & Security

RAT Distributed Via Google Drive Targets East Asia

30 Listopad, 2017 - 18:02
Researchers say a new remote access Trojan dubbed UBoatRAT is targeting individuals or organizations linked to South Korea or video games industry.
Kategorie: Hacking & Security

Apple Announces Emergency Patch to Fix High Sierra Login Bug

29 Listopad, 2017 - 19:17
Apple said on Wednesday that it will rush an emergency patch to users that fixes an embarrassing login bug in its High Sierra operating system.
Kategorie: Hacking & Security