Threat Post

Justice Department Indicts 12 Russian Nationals Tied to 2016 Election Hacking

Threat Post - Fri, 07/13/2018 - 2:17pm
Indictments are part of special counsel Robert Mueller's investigation of Russian interference in the 2016 elections.
Categories: Threat Post

Indian iPhone Spy Campaign Used Fake MDM Platform

Threat Post - Fri, 07/13/2018 - 1:52pm
Cyberattackers have used a bogus mobile device management (MDM) system to target a small – but presumably high-value – set of iPhones in India in a cyberespionage campaign that has some unusual hallmarks.
Categories: Threat Post

ThreatList: Bug Bounty Payouts Increase Six Percent for Critical Vulnerabilities

Threat Post - Fri, 07/13/2018 - 12:30pm
HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.
Categories: Threat Post

Sextortionists Shift Scare Tactics to Include Legit Passwords

Threat Post - Fri, 07/13/2018 - 12:23pm
The scam emails offer, as proof of compromise, a password associated with the target’s online accounts.
Categories: Threat Post

Unsanctioned Apps Invite Fox into Cybersecurity Hen House

Threat Post - Fri, 07/13/2018 - 10:43am
In this InfoSec Insider, Tim Bandos looks at why network admins will want to keep a close watch on network traffic within the enterprise.
Categories: Threat Post

Hacker Compromises Air Force Captain to Steal Sensitive Drone Info

Threat Post - Thu, 07/12/2018 - 4:04pm
The thief also had a second dataset, including the M1 Abrams maintenance manual, a tank platoon training course, a crew survival course and documentation on improvised explosive device (IED) mitigation tactics.
Categories: Threat Post

Cisco Patches High-Severity Bug in VoIP Phones

Threat Post - Thu, 07/12/2018 - 12:02pm
Cisco also patched three medium-security flaws in its network security offerings; and, it issued a fix for a high-severity bug in its platform for mobile operator routers, StarOS.
Categories: Threat Post

ThreatList: 6-Year-Old Dorkbot Banking Malware Resurfaces as Big Threat

Threat Post - Thu, 07/12/2018 - 11:49am
Old banking malware called Dorkbot has reemerged in 2018 to become a serious threat.
Categories: Threat Post

Chrome Now Features Site Isolation to Defend Against Spectre

Threat Post - Thu, 07/12/2018 - 11:37am
A new feature called site isolation is being tapped to protect Chrome users against Spectre.
Categories: Threat Post

Ticketmaster Breach: Just One Part of a Wide-Ranging Campaign

Threat Post - Wed, 07/11/2018 - 4:33pm
A whopping 800 e-commerce sites around the world have been targeted by the Magecart criminal group so far, according to RiskIQ.
Categories: Threat Post

Multiple Bugs Found in QNAP Q’Center Web Console

Threat Post - Wed, 07/11/2018 - 3:08pm
QNAP said in a security advisorythat it has fixed the issues in Q'Center Virtual Appliance, and urged customers to update to the latest version.
Categories: Threat Post

Deceased Patient Data Being Sold on Dark Web

Threat Post - Wed, 07/11/2018 - 2:30pm
Why are hackers selling medical records of deceased patients?
Categories: Threat Post

Newsmaker Interview: Scott Helme on Securing the Web

Threat Post - Wed, 07/11/2018 - 2:12pm
Scott Helme, the well-known security researcher, international speaker and the founder of the and free tools for web security, has devoted himself to improving the security environment of the internet for the past decade. Threatpost sat down with Helme to discuss the state of web security, particularly on the encryption front — including certificate […]
Categories: Threat Post

Fresh Spectre Variants Come to Light

Threat Post - Wed, 07/11/2018 - 1:48pm
The newly-discovered Spectre variants can be exploited to uncover confidential data via microarchitectural side channels in CPUs.
Categories: Threat Post

Microsoft Fixes 17 Critical Bugs in July Patch Tuesday Release

Threat Post - Tue, 07/10/2018 - 3:50pm
Microsoft patches 17 critical bugs and 34 important bugs as part of its monthly security bulletin.
Categories: Threat Post

Adobe Issues Over 100 Patches for Flash, Acrobat and Reader

Threat Post - Tue, 07/10/2018 - 12:37pm
The company issued fixes for 112 vulnerabilities in products spanning from Flash Player, Acrobat and Reader, Experience Manager, to Adobe Connect.
Categories: Threat Post

Researchers Reveal Workaround for Apple’s USB Restricted Mode

Threat Post - Tue, 07/10/2018 - 9:36am
Researchers released a workaround for Apple's USB Restricted Mode security feature the same day it was rolled out.
Categories: Threat Post

Apple OS Update Lifts Curtain on iPhone USB Restricted Mode

Threat Post - Mon, 07/09/2018 - 4:53pm
Apple has officially added a controversial security feature, USB Restricted Mode, to iPhones as part of its new iOS 11.4.1, released on Monday.
Categories: Threat Post

Polar Fitness App Exposes Location of ‘Spies’ and Military Personnel

Threat Post - Mon, 07/09/2018 - 1:43pm
The fitness app Polar Flow exposes the whereabouts of some of its high-profile users, including “spies” and those with sensitive positions in the military.
Categories: Threat Post

ThreatList: Virtualization-related Bug Reports Jump 275 Percent in 2018

Threat Post - Mon, 07/09/2018 - 11:46am
The Zero Day Initiative said that the number of bugs reported in 2018 is on track to trump its previous busiest year, 2017.
Categories: Threat Post