Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 3 hours 1 min ago

Two Cisco Products Vulnerable to POODLE Attack on TLS

Tue, 12/16/2014 - 09:10
Two of Cisco’s products are vulnerable to the POODLE attack via the TLS implementation in those products. The vulnerability affects Cisco’s Adaptive Security Appliance software and its Application Control Engine module. The POODLE attack was disclosed in October by researchers from Google, who discovered that if an attacker can force a vulnerable Web server to fall back from […]

Google Blacklists WordPress Sites Peddling SoakSoak Malware

Mon, 12/15/2014 - 14:08
Up to 100,000 sites hosted on WordPress may be vulnerable to new campaign that's pushing malware and multiple exploit kits to the browser.

Mike Mimoso on the Sony Breach

Mon, 12/15/2014 - 12:25
Dennis Fisher and Mike Mimoso talk about the details of the Sony breach, including the question of attribution, Sony's response to the attack, media outlets publishing the stolen data and the rise of destructive malware attacks.

Google Proposes Marking ‘HTTP’ as Insecure in 2015

Mon, 12/15/2014 - 12:05
Google proposes that browser vendors begin issuing address bar warnings to users that HTTP connections provide no data security protection.

Shellshock Worm Exploiting Unpatched QNAP NAS Devices

Mon, 12/15/2014 - 11:35
A worm exploiting the Bash vulnerability in QNAP network attached storage devices has been discovered. The attack opens a backdoor and for now is carrying out a click-fraud scam against JuiceADV.

Honeywell PoS Software Vulnerable to Stack Buffer Overflows

Mon, 12/15/2014 - 10:13
There are stack buffer overflows in two components of a Honeywell point-of-sale software package that can allow attackers to run arbitrary code on vulnerable systems. The vulnerabilities lie in the HWOPOSScale.ocx and HWOPOSSCANNER.ocx components of Honeywell’s OLE for Retail Point-of-Sale package, which is designed to help integrate PoS hardware with Windows PoS systems. Versions of the Honeywell […]

Android Malware Installs Pirated Assassin’s Creed App

Fri, 12/12/2014 - 10:37
A working, pirated version of the Assassin's Creed application for Android is bundled with malware, targeting users trying to download a free version of that game.

Upatre Downloader Spreading Dyreza Banking Trojan

Fri, 12/12/2014 - 09:52
Microsoft reports it has seen wire transfer spam carrying attachments containing the Upatre downloader which then infects machines with the Dyreza banking Trojan.

Custom Websites Running HD FLV Player Plugin Vulnerable to Attack

Thu, 12/11/2014 - 14:39
CMS providers Joomla and WordPress have patched an arbitrary file download vulnerability in the HD FLV Player plug-in, but custom websites running the plug-in independently remain at risk.

Researcher: ‘Lax’ Crossdomain Policy Puts Yahoo Mail At Risk

Thu, 12/11/2014 - 13:23
A security researcher disclosed a problem with a loose cross-domain policy for Flash requests on Yahoo Mail that puts email content and contacts at risk.

Microsoft Recalls Patch Tuesday Exchange Update

Thu, 12/11/2014 - 12:47
For the second month in a row, Microsoft is recalling a security update published along with its monthly patch Tuesday release.

Black Energy Malware May Be Exploiting Patched WinCC Flaw

Thu, 12/11/2014 - 10:34
Experts at ICS-CERT say that the BlackEnergy malware that has been seen infecting human-machine interface systems may be exploiting a recently patched vulnerability in the Siemens SIMATIC WinCC software in order to compromise some systems.

Mozilla to Support Certificate Transparency in Firefox

Thu, 12/11/2014 - 07:00
Mozilla is planning to add support for Certificate Transparency checks in Firefox in the near future, but the company says that the feature won't be turned on by default at first.

Microsoft Enables Removal of SSL 3.0 Fallback In IE

Wed, 12/10/2014 - 16:40
Microsoft has given Windows admins the option to remove the SSL 3.0 fallback from Internet Explorer. By disabling SSL 3.0, IE is no longer vulnerable to POODLE attacks.

Potential Security Concerns in Comcast Hotspot Class-Action

Wed, 12/10/2014 - 13:53
A class-action suit has been filed against Comcast for using customer routers as public Wi-Fi hotspots. Can attackers exploit router bugs to jump from public to private networks?

Some Recursive DNS Implementations Patch DoS Vulnerability

Wed, 12/10/2014 - 11:59
Some domain name server (DNS) implementations are at risk for denial-of-service attacks after a vulnerability was disclosed and patched in a few popular server packages, including BIND, PowerDNS and NLnetLabs.

Red October Attackers Return With CloudAtlas APT Campaign

Wed, 12/10/2014 - 11:12
The attackers behind the Red October APT campaign that was exposed nearly two years ago have resurfaced with a new campaign that is targeting some of the same victims and using similarly constructed tools and spear phishing emails.

Payment Gateway Provider Breached, Plain Text Data Accessed

Wed, 12/10/2014 - 10:03
Payment gateway and mobile payment app provider CHARGE Anywhere disclosed it had been breached and hackers had access to plain text payment card transaction authorization requests.

Yahoo Plans to Disclose All New Bugs It Finds Within 90 Days

Wed, 12/10/2014 - 08:00
Yahoo officials say that the company will disclose any new vulnerabilities that the company’s security team finds within 90 days of discovery. The new policy is the same one used by Google’s Project Zero, a team of researchers that looks for vulnerabilities in a variety of commonly used software packages and platforms. That team has […]

New Version of Destover Malware Signed by Stolen Sony Certificate

Tue, 12/09/2014 - 14:49
Researchers have discovered a new version of the Destover malware that was used in the recent Sony Pictures Entertainment breaches, and in an ironic twist, the sample is signed by a legitimate certificate stolen from Sony. The new sample is essentially identical to an earlier version of Destover that was not signed. Destover has been used […]