Threatpost for B2B
The First Stop For Security News
Updated: 14 hours 19 min ago
TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today.
Google patched a vulnerability that a researcher was able to exploit in order to collect every Gmail address.
News aggregator Feedly and note-taking service Evernote were both knocked offline by distributed denial of service attacks in the last 24 hours.
Mozilla has fixed seven security vulnerabilities in Firefox 30, including five critical flaws that could enable remote code execution.
The hackers behind last month’s iPhone ransomware campaign – in which many users were asked to pay $100 to unlock their devices – may be behind bars now.
Microsoft's June 2014 Patch Tuesday security updates patched 66 vulnerabilities, including 59 in a critical Internet Explorer cumulative update.
As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software and ended development. The team behind the Open Crypto Audit […]
Espionage attacks against aerospace and satellite companies in the U.S. and Europe have been linked to a Chinese People's Liberation Army unit, security company Crowdstrike said.
There’s a reflected cross-site scripting vulnerability in a variety of Cisco security appliances that enables a remote, unauthenticated attacker to execute arbitrary code in the context of the user. The vulnerability affects the Cisco Email Security Appliance, the Cisco Web Security Appliance and the Content Security Management Appliance. Cisco has released updated software to fix […]
A new banking Trojan called Pandemiya is for sale in hacker forums. The malware took a year to write from scratch, RSA Security said, in order to avoid detection and analysis.
A vulnerability in an emerging interactive television standard could open up number of smart TVs to untraceable drive-by attacks.
The RIG Exploit Kit is using malvertising to infect victims with Cryptowall ransomware, including one tiny New Hampshire town that proved backup is king when confronting ransomware.
Researchers at Kaspersky Lab reported the first strain of Android ransomware that encrypts the contents of a device. The malware communicates either over Tor, or via HTTP and SMS.
ICS-CERT has issued an alert warning that a certain software that manages electronic highways signs contains a vulnerability that makes such signs susceptible to hacking.
Apple enthusiasts have been poring over the feature list for iOS 8, due out this fall, geeking out over the tighter integration among all iOS devices, the improved mail app and myriad other bells and whistles. But perhaps the most important change is a subtle one hidden beneath the covers that will help prevent much […]
Vodafone released its first transparency report today revealing that a small number of countries have a direct link to its network in order to collect data.
Several vulnerabilities have been patched in the Linux kernel that could have led to a denial of service or privilege escalation.
WordPress announced on Reset the Net day that it would encrypt all of its wordpress.com subdomains with SSL by the end of 2014.
Dennis Fisher and Mike Mimoso discuss the changes in the year since the first stories broke regarding Edward Snowden and the NSA and the new OpenSSL vulnerability.
A handful of apps purporting to specialize in virus detection and scanning were recently removed from both Google Play and Amazon after being deemed fake.