Feed aggregator

House Committee Initiates NIST-NSA Separation on Crypto Standards

Threatpost for B2B - Tue, 05/27/2014 - 10:54
The House Science and Technology Committee approved an amendment to the FIRST Act that would sever the NSA's relationship with NIST related to the development of cryptography standards.

Blog: Scammer of a Lonely Heart

Secure List feed for B2B - Tue, 05/27/2014 - 10:36
Users in a particular rush to find love online are paying dearly as a popular referral service is flooded with spam bots promising to fulfill fantasies at a deceptively low price.

Zeus-Carberp Hybrid Trojan Pops Up

Threatpost for B2B - Tue, 05/27/2014 - 10:21
Researchers have discovered a new hybrid Trojan that combines elements of two of the more notorious crimeware strains of the last few years: Zeus and Carberp. It’s not uncommon for malware writers to steal bits and pieces of code from one another, but both Zeus and Carberp were once exclusively private tools, but the source […]

Executive Agencies Pass on New Cybersecurity Regulations

Threatpost for B2B - Fri, 05/23/2014 - 12:37
Three federal agencies crucial to critical infrastructure protection will be allowed to continue to voluntarily assess cyber risk, rather than force the development and implementation of additional regulations.

Threatpost News Wrap, May 23, 2014

Threatpost for B2B - Fri, 05/23/2014 - 10:35
Dennis Fisher and Mike Mimoso discuss the US indictments of Chinese army officers for hacking, the Blackshades malware arrests, the new IE 8 zero day and the US prospects in the World Cup.

Apple Patches 22 Safari WebKit Vulnerabilities

Threatpost for B2B - Fri, 05/23/2014 - 09:03
Apple released an update to its Safari web browser that patches 22 vulnerabilities in the Webkit browser engine, including a number of remote code execution and denial of service vulnerabilities.

Android Outlook App Could Expose Emails, Attachments

Threatpost for B2B - Thu, 05/22/2014 - 15:25
There are two issues with the way Microsoft’s Outlook application encrypts content on older versions of Android that could expose users’ emails and email attachments.

eBay Hack Raises Password ‘Encryption’ Questions

Threatpost for B2B - Thu, 05/22/2014 - 15:25
eBay did not enjoy its finest hour responding to and communicating about a breach of its password database.

Microsoft Working on Patch for IE 8 Zero Day

Threatpost for B2B - Thu, 05/22/2014 - 13:57
UPDATE–Microsoft officials say they’re well aware of the Internet Explorer 8 zero day disclosed Wednesday by the Zero Day Initiative and have been working on a fix for it. However, there’s no stated timeline for releasing that patch. The vulnerability in IE 8 is a use-after-free bug in the way that the browser handles CMarkup […]

Adobe Shockwave Lugging Around Hobbled, Vulnerable Version of Flash

Threatpost for B2B - Thu, 05/22/2014 - 13:15
Adobe promises that its next Shockwave update will bring its bundled Flash Player patch levels up to date; in the meantime, Shockwave offers hackers a large attack surface to target.
Syndicate content