Threatpost

Syndikovat obsah
The First Stop For Security News
Aktualizace: 55 min 47 sek zpět

Video: Bishop Fox on Device Threats and Layered Security

1 hodina 58 min zpět
Bishop Fox's Christie Terrill talks to us about IoT security and other trends at Black Hat 2018 this month.
Kategorie: Hacking & Security

Google Faces Legal Turmoil After Location Tracking Debacle

2 hodiny 44 sek zpět
After a report said Google tracks users even when they opt out, the company is under fire from activists and has been slapped with a lawsuit.
Kategorie: Hacking & Security

Canadian Telcos Patch an APT-Ready Flaw in Disability Services

20 Srpen, 2018 - 22:49
An attacker could escalate privileges on the server, further penetrating the network, harvesting customer information or mounting credible social-engineering campaigns.
Kategorie: Hacking & Security

Side-Channel PoC Attack Lifts Private RSA Keys from Mobile Phones

20 Srpen, 2018 - 22:42
Researchers launched a Proof-of-Concept attack on two Android mobile phones and an embedded system board.
Kategorie: Hacking & Security

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

20 Srpen, 2018 - 18:39
The recently-patched flaw could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Kategorie: Hacking & Security

GandCrab’s Rotten EGGs Hatch Ransomware in South Korea

20 Srpen, 2018 - 18:07
This could mark yet another reinvention for the VenusLocker group, which has mostly been focused on cryptomining this year.
Kategorie: Hacking & Security

Philips Vulnerability Exposes Sensitive Cardiac Patient Information

17 Srpen, 2018 - 21:07
The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose.
Kategorie: Hacking & Security

Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks

17 Srpen, 2018 - 20:47
A new email campaign includes a Microsoft Office Publisher file with malicious URLs leading to the FlawedAmmyy RAT.
Kategorie: Hacking & Security

Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution

17 Srpen, 2018 - 20:03
The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF.
Kategorie: Hacking & Security

AT&T Faces $224M Legal Challenge Over SIM-Jacking Rings

17 Srpen, 2018 - 18:47
Cryptocurrency angel investor Michael Terpin seeks damages for "gross negligence" by the carrier, alleging it turned a blind eye to store employees' malicious activities.
Kategorie: Hacking & Security

ThreatList: Almost Half of the World’s Top Websites Deemed ‘Risky’

17 Srpen, 2018 - 15:46
An analysis of the world's most-visited websites shows that vulnerable software, too much active content and large amounts of code execution open visitors to a raft of potential dangers.
Kategorie: Hacking & Security

ATM Heists Only Set to Accelerate After $13M Break-In

17 Srpen, 2018 - 13:00
The Cosmos Bank incident is only the latest, not the last, thanks to lagging security practices.
Kategorie: Hacking & Security

Highly Flexible Marap Malware Enters the Financial Scene

16 Srpen, 2018 - 22:24
A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module.
Kategorie: Hacking & Security

New Trickbot Variant Touts Stealthy Code-Injection Trick

16 Srpen, 2018 - 19:58
Trickbot is back, this time with a stealthy code injection trick.
Kategorie: Hacking & Security

‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners

16 Srpen, 2018 - 19:06
The targets were scanned millions of times, and are all in some way linked to China's ongoing economic development activities, according to Recorded Future.
Kategorie: Hacking & Security

Google Expands Bug-Bounty Program to Battle Abuse Methods

16 Srpen, 2018 - 16:45
The program focuses on potential abuse methods across Google's product-specific channels like Google+, Youtube, Gmail and Blogger.
Kategorie: Hacking & Security

Open MQTT Servers Raise Physical Threats in Smart Homes

16 Srpen, 2018 - 15:44
Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.
Kategorie: Hacking & Security

ThreatList: Telecom Sector Plagued with Advanced Malware

16 Srpen, 2018 - 15:00
Advanced behavior malware threats are targeting telecom services - at a higher level than the global average, researchers found.
Kategorie: Hacking & Security

Google Chrome Bug Opens Access to Private Facebook Information

16 Srpen, 2018 - 14:00
The method could be used to deduce the age, sex, likes or the location history of a user – essentially, the attacker can play “20 questions” to profile the victim.
Kategorie: Hacking & Security

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

15 Srpen, 2018 - 22:42
The tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.
Kategorie: Hacking & Security