Threatpost

Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 32 min 1 sek zpět

SMSVova Spyware Hiding in ‘System Update’ App Ejected From Google Play Store

22 Duben, 2017 - 14:00
An Android app that falsely claimed to be a tool for keeping smartphones up-to-date with the latest version of the OS was found surreptitiously tracking the physical location of it users using spyware called SMSVova.
Kategorie: Hacking & Security

Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug

21 Duben, 2017 - 22:00
Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.
Kategorie: Hacking & Security

Threatpost News Wrap, April 21, 2017

21 Duben, 2017 - 17:20
Last Friday's ShadowBrokers dump, Microsoft ditching passwords, and a new car dongle hack are all discussed.
Kategorie: Hacking & Security

Google Pleads for Better Cross-Border Exchange of Digital Evidence

21 Duben, 2017 - 16:30
Google asked for MLAT reform, and released its biannual Transparency Report revealing it received a record number of government requests for user data.
Kategorie: Hacking & Security

Mirai and Hajime Locked Into IoT Botnet Battle

21 Duben, 2017 - 15:26
A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.
Kategorie: Hacking & Security

Google Fixes Unicode Phishing Vulnerability in Chrome 58, Firefox Standing Pat

20 Duben, 2017 - 20:32
Google fixed a vulnerability that could've let an attacker carry out phishing attacks with Unicode domains in Chrome but Mozilla is holding off - for now.
Kategorie: Hacking & Security

20 Linksys Router Models Vulnerable To Attack

20 Duben, 2017 - 18:38
Researchers say more than 100,000 Linksys routers in use today could be vulnerable to 10 flaws found in 20 separate router models made by the company.
Kategorie: Hacking & Security

Stuxnet LNK Exploits Still Widely Circulated

20 Duben, 2017 - 18:15
Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm.
Kategorie: Hacking & Security

Drupal Closes Access Bypass Vulnerability in Core Engine

20 Duben, 2017 - 15:57
Drupal released a point update for its core engine to patch a critical access bypass vulnerability.
Kategorie: Hacking & Security

Microsoft Touts New Phone-Based Login Mechanism

19 Duben, 2017 - 22:08
Microsoft announced this week its giving users a new way to sign into their accounts without long and complicated passwords.
Kategorie: Hacking & Security

Patched Flaw in Bosch Diagnostic Dongle Allowed Researchers to Shut Off Engine

19 Duben, 2017 - 18:58
Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle.
Kategorie: Hacking & Security

Record Oracle Patch Update Addresses ShadowBrokers, Struts 2 Vulnerabilities

19 Duben, 2017 - 13:20
Oracle released a record 299 patches, including a fix for a Solaris vulnerability disclosed by the ShadowBrokers, and another for the recently disclosed Apache Struts 2 flaw.
Kategorie: Hacking & Security

IHG Confirms Second Credit Card Breach Impacting 1,000-Plus Hotels

18 Duben, 2017 - 20:15
InterContinental Hotels Group said on Friday that it found malware designed to access payment card data at more than 1,000 of its hotels.
Kategorie: Hacking & Security

Facebook Delegated Account Recovery SDKs Published for Java, Ruby Apps

18 Duben, 2017 - 19:45
At F8 today, Facebook released SDKs and documentation for the integration of Delegated Account Recovery into Java, NodeJS and Ruby applications.
Kategorie: Hacking & Security

Low-Cost Ransomware Service Discovered

18 Duben, 2017 - 14:23
A new ransomware-as-a-service called Karmen appeals to ransomware newbies with a low price, easy setup and developer updates.
Kategorie: Hacking & Security

Wave of Java-Based RATs Target Tax Filers

17 Duben, 2017 - 21:13
A rash of Java-based remote access Trojans is targeting tax filers with bogus IRS attachments.
Kategorie: Hacking & Security

ShadowBrokers’ Windows Zero-Days Already Patched

17 Duben, 2017 - 20:06
Microsoft eased some anxiety over the latest ShadowBrokers dump of Windows zero days with news most of the vulnerabilities had already been patched.
Kategorie: Hacking & Security

VMware Fixes Critical RCE in vCenter Server

17 Duben, 2017 - 18:05
VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios.
Kategorie: Hacking & Security

ShadowBrokers Expose NSA Access to SWIFT Service Bureaus

14 Duben, 2017 - 23:08
The latest ShadowBrokers dump includes exploits that allowed the NSA to target SWIFT data managed by outsourced service bureaus in the Middle East.
Kategorie: Hacking & Security

Google Making Life Difficult for Ransomware to Thrive on Android

14 Duben, 2017 - 16:00
At the Kaspersky Lab Security Analyst Summit, Android Security Team malware analyst Elena Kovakina explained Google’s strategy for countering ransomware on Android.
Kategorie: Hacking & Security