Threatpost for B2B
The First Stop For Security News
Updated: 7 hours 47 min ago
Tor Executive Director Andrew Lewman told the BBC that intelligence agency insiders share bug information with Tor developers under their bosses' noses.
UPS reported this week that 51 of its stores suffered a “broad-based malware intrusion” earlier this spring.
Amazon Web Services announced that it has turned on Perfect Forward Secrecy and other SSL improvements for its CloudFront content delivery platform.
Facebook announced at USENIX its new Internet Defense Prize, a bounty that rewards researchers for defensive technologies that prevent vulnerabilities and mitigate attacks.
More than 400 organizations were recently targeted by a Bitcoin phishing campaign that intended to con users into giving away their wallet passwords.
Rogue antivirus malware is on the decline, but a new, simpler version of that threat that simply redirects users to the site of a fake malware protection service has been infecting users around the world.
Hackers involved in the Community Health Systems data breach used a Heartbleed exploit to access the provider's network and steal 4.5 million patient records, said security firm TrustedSec.
An iSEC Partners report examining hardening features of the Tor Browser recommends moving off Firefox to Chrome, but budget and feature constraints make that unlikely.
Hackers hit the U.S. Nuclear Regulatory Commission (NRC) three separate times over the past three years.
Facebook published numbers today that demonstrate the pervasiveness of encryption on the web; the social network said 95 percent of its notification emails are encrypted with Perfect Forward Secrecy, up from 29 percent in May.
The Community Health Systems data breach has been tied to a Chinese APT gang that has branched out to medical espionage, stealing patient data in an effort to target intelligence on medical device development.
Malware deployed against activists in Syria is increasing as the groups deploying these remote access tools become more sophisticated and utilize more complex tactics.
Microsoft said it is still working on a fix for a broken patch released last Patch Tuesday that is causing Blue Screens of Death and system crashes.
Siemens released an update for its SIMATIC S7-1500 CPU last week, patching a denial of service vulnerability in the programmable logic controller.
Open source software distribution systems that lack security processes and integrity checks are prone to a new attack that binds malware to a download without modifying the original application.
Albertsons and SUPERVALUE, the second and third largest grocery store chains in the U.S., yesterday announced that customer payment information was exposed a month-long data breach earlier this summer.
Researchers have now identified a new variant of the Cridex malware that has adopted some of the techniques that made GOZ so successful in its day.
Google patched its Chrome browser this week, fixing 12 vulnerabilities including both a serious information disclosure bug and a use-after-free vulnerability that could let users obtain potentially sensitive information and execute arbitrary code.
Research from Arbor Networks points to a rejuvenated GameOver Zeus botnet that has grown more than 1,800 percent, confirming it has been rebuilt from scratch.
Fifteen zero day vulnerabilities were exploited during the SOHOpelessly Broken router hacking contest at DEF CON.