Threatpost

Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 50 min 33 sek zpět

Creating a More Altruistic Bug Bounty Program

7 Duben, 2017 - 20:22
David Jacoby and Frans Rosén said at this year's Security Analyst Summit they offered companies free pen-testing and raised $15,000 for charity in the process.
Kategorie: Hacking & Security

Apache Struts 2 Exploits Installing Cerber Ransomware

7 Duben, 2017 - 18:46
Attackers are attempting to exploit the recent Apache Struts vulnerability on Windows servers and the payload is a variant of the Cerber ransomware.
Kategorie: Hacking & Security

Samsung Tizen Security ‘Feels like 2005’

7 Duben, 2017 - 17:50
A researcher at the Security Analyst Summit described the insecure state Samsung’s Tizen operating system.
Kategorie: Hacking & Security

Chrome Security Team Tackles ‘Friendly Fire’ To Keep Browser Safe

6 Duben, 2017 - 20:27
Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.
Kategorie: Hacking & Security

Malware Scanning Services Containers for Sensitive Business Information

5 Duben, 2017 - 19:01
At the Kaspersky Lab Security Analyst Summit, one researcher shared how he was able to find corporate emails, confidential business plans and classified FBI flash alerts.
Kategorie: Hacking & Security

Security Analyst Summit 2017 Day Two Recap

5 Duben, 2017 - 17:16
Mike Mimoso and Chris Brook recap the second day of Kaspersky Lab's Security Analyst Summit, including how a Brazilian bank was compromised, and more.
Kategorie: Hacking & Security

Android Variant of Notorious Pegasus Spyware Found

5 Duben, 2017 - 00:10
Researchers say a variant of the notorious surveillance software called Pegasus has been targeting Android users allowing third parties to take screenshots, capture audio, read email and exfiltrate data from targeted phones.
Kategorie: Hacking & Security

Details Around Romanian Phishing Kit Creator, Campaign Revealed

4 Duben, 2017 - 23:46
Researchers at the Security Analyst Summit on Monday divulged details behind the alleged creator of a Romanian phishing kit.
Kategorie: Hacking & Security

Lessons From Top-to-Bottom Compromise of Brazilian Bank

4 Duben, 2017 - 21:50
Hackers pulled off a stunning compromise of a Brazilian bank’s operations, gaining control of each of the bank’s 36 domains, corporate email and DNS.
Kategorie: Hacking & Security

Trump Signs Repeal of ISP Privacy Rules

4 Duben, 2017 - 20:59
President Trump signed a resolution to complete the overturning of internet privacy protections that would have prevented ISPs from tracking you online without first asking users to opt-in.
Kategorie: Hacking & Security

New RAT Targets Koreans And Is Skilled At Evading Detection

4 Duben, 2017 - 17:35
Cisco Talos researchers spot a stealthy new remote administration tool calling ROKRAT that targets Korean-language Microsoft Word alternative Hangul Word Processor.
Kategorie: Hacking & Security

Security Analyst Summit 2017 Day One Recap

4 Duben, 2017 - 00:53
Mike Mimoso and Chris Brook recap the first day of this year's Security Analyst Summit, including Mark Dowd's memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
Kategorie: Hacking & Security

Lazarus APT Spinoff Linked to Banking Hacks

3 Duben, 2017 - 22:38
The Lazarus Group has splintered off a group whose mission is to attack banks and steal money in order to fund its operations.
Kategorie: Hacking & Security

Fileless Banking Malware Attackers Break In, Cash Out, Disappear

3 Duben, 2017 - 21:57
Attackers behind February's fileless malware attacks dropped malware on some bank ATMs that gave them the ability to dispense money, "at any time, at the touch of a button."
Kategorie: Hacking & Security

Lines Around Cyber Threat Intelligence Sharing Blurring

3 Duben, 2017 - 20:00
The lines between between information shared between intelligence services, companies, and the government are getting increasingly blurry, a Georgetown professor warned.
Kategorie: Hacking & Security

Memory Corruption Mitigations Doing Their Job

3 Duben, 2017 - 19:00
At the Security Analyst Summit, Mark Dowd described how memory corruption mitigations are successfully driving up exploit development costs.
Kategorie: Hacking & Security

Fake SEO Plugin Used In WordPress Malware Attacks

3 Duben, 2017 - 18:29
Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.
Kategorie: Hacking & Security

Russian-Speaking Turla Joins APT Elite

3 Duben, 2017 - 18:09
Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker.
Kategorie: Hacking & Security

Verizon Rebuts Critics of Data-Collecting App

31 Březen, 2017 - 22:33
The Electronic Frontier Foundation retracted a blog post today highly critical of Verizon and the upcoming rollout of an app called AppFlash made by Evie Labs.
Kategorie: Hacking & Security

Threatpost News Wrap, March 31, 2017

31 Březen, 2017 - 17:55
This year's Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.
Kategorie: Hacking & Security