Threatpost for B2B
The First Stop For Security News
Updated: 11 hours 42 min ago
The ICS-CERT is warning users about a vulnerability in a secure public cloud product from Innominate that enables an attacker to gain valuable configuration data about a target system, information that could be used in future attacks. The vulnerability is an information disclosure bug in the Innominate mGuard product, which is meant to connect operators to […]
An encryption issue in the Android and iOS versions of the Instagram photo-sharing application could allow for man-in-the-middle attacks and more.
One of Canada’s premier research and technology organizations was hit with an apparent cyber-attack recently that forced the cooperative offline.
Tor is warning users of its hidden services to upgrade relays after attackers were discovered on the network trying to deanonymize users.
Facebook has fixed a vulnerability in its Android app could allow an attacker to cause a denial-of-service condition on a device or run up the victim’s mobile bill by transferring large amounts of data to and from the device. The flaw lies in the way that the Facebook app handles HTTP requests. The app include an HTTP server […]
A new and allegedly super secure microkernel was made open source today, a move that could have serious security implications across a number sensitive and increasingly connected fields.
The informational systems that the National Oceanic and Atmospheric Administration (NOAA) runs are fraught with vulnerabilities and what the U.S. Department of Commerce deem “significant security deficiencies.”
Open WhisperSystems today released Signal, a free app that brings encrypted calling to the iPhone.
Sen. Patrick Leahy has introduced an updated, tougher version of the USA FREEDOM Act that would end the bulk collection of data under Section 215 of FISA.
Georgia Tech Research Institute has released an open source threat intelligence gathering tool called BlackForest that automates attack-data mining.
A collection of privacy and consumer groups from the United States and Europe has asked the Federal Trade Commission to force Facebook to suspend a recently installed program that mines information on sites that users' visit around the Web.
There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way.
A new report claims attackers, apparently based in China, were able to hack into three Israeli defense firms to make off with sensitive military data in 2011.
ISE will host a two-tracking hacking contest at DEF CON next week that focuses on the security of home and small office wireless routers.
When the topic of mobile security comes up, users and researchers often discuss Android as if it’s one monolithic operating system like iOS is. But the fact is that there are nearly as many versions of Android as there are Android devices, which has led to plenty of confusion when it’s time to fix a security […]
Researchers at Kaspersky Lab report on the infrastructure supporting the Koler ransomware, which not only has components targeting Android devices, but also redirects desktop browsers to other ransomware and exploit kits.
The EFF has asked a federal judge to rule that the NSA's collection of massive amounts of upstream user data is unconstitutional, violating the Fourth Amendment.
Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of issues, four of which are remotely exploitable.
One of Microsoft's top security executives said the company has never been asked by the United States government to build a backdoor into any of its products, and if the company was asked, it would fight the order in the courts.
The developers of the TAILS operating system say that users can mitigate the severity of the critical vulnerability researchers discovered in the I2P software that's bundled with TAILS with a couple of workarounds, but there is no patch for the bug yet.