Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 12 hours 33 min ago

RIG Exploit Kit Pushing Cryptowall Ransomware

Mon, 06/09/2014 - 14:04
The RIG Exploit Kit is using malvertising to infect victims with Cryptowall ransomware, including one tiny New Hampshire town that proved backup is king when confronting ransomware.

Android Ransomware First to Encrypt Data on Mobile Devices

Mon, 06/09/2014 - 12:28
Researchers at Kaspersky Lab reported the first strain of Android ransomware that encrypts the contents of a device. The malware communicates either over Tor, or via HTTP and SMS.

ICS-CERT Warns of Easily Hackable Road Signs

Mon, 06/09/2014 - 11:38
ICS-CERT has issued an alert warning that a certain software that manages electronic highways signs contains a vulnerability that makes such signs susceptible to hacking.

iOS 8 Will Randomize MAC Addresses to Help Stop Tracking

Mon, 06/09/2014 - 10:41
Apple enthusiasts have been poring over the feature list for iOS 8, due out this fall, geeking out over the tighter integration among all iOS devices, the improved mail app and myriad other bells and whistles. But perhaps the most important change is a subtle one hidden beneath the covers that will help prevent much […]

Vodafone Transparency Report Sheds Light on Global Surveillance

Fri, 06/06/2014 - 15:18
Vodafone released its first transparency report today revealing that a small number of countries have a direct link to its network in order to collect data.

Debian Urging Users Patch Linux Kernel Flaw

Fri, 06/06/2014 - 13:40
Several vulnerabilities have been patched in the Linux kernel that could have led to a denial of service or privilege escalation.

WordPress Promises SSL on All Domains by End of 2014

Fri, 06/06/2014 - 12:16
WordPress announced on Reset the Net day that it would encrypt all of its wordpress.com subdomains with SSL by the end of 2014.

Threatpost News Wrap, June 6, 2014

Fri, 06/06/2014 - 09:54
Dennis Fisher and Mike Mimoso discuss the changes in the year since the first stories broke regarding Edward Snowden and the NSA and the new OpenSSL vulnerability.​

‘Placebo’ Security Apps Booted From Google Play, Amazon

Thu, 06/05/2014 - 16:09
A handful of apps purporting to specialize in virus detection and scanning were recently removed from both Google Play and Amazon after being deemed fake.

Microsoft Expected to Patch IE 8 Zero Day on Patch Tuesday

Thu, 06/05/2014 - 14:30
Microsoft said it will patch a zero-day vulnerability in Internet Explorer in its June 2014 Patch Tuesday security updates.

On Snowden Anniversary, Microsoft Calls for Surveillance Reform

Thu, 06/05/2014 - 14:25
Microsoft general counsel Brad Smith lays out five areas where the U.S. government needs to make positive strides in reforming surveillance.

Vulnerabilities in IPMI Protocol Have Long Shelf Life

Thu, 06/05/2014 - 14:17
Noted researcher Dan Farmer published a paper on the depth and breadth of IPMI vulnerabilities in server Baseboard Management Controllers, and the news isn't good.

Linksys E4200 Vulnerability Enables Authentication Bypass

Thu, 06/05/2014 - 14:05
Linksys router contains an authentication bypass vulnerability that could give an attacker full administrative privileges on affected devices.

New OpenSSL MITM Flaw Affects All Clients, Some Server Versions

Thu, 06/05/2014 - 09:30
There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers.

COPA-DATA Patches DNP3 SCADA Vulnerability

Wed, 06/04/2014 - 15:19
A SCADA vulnerability could trigger a denial of service condition and go on to compromise the software’s communication connections, resulting in system instability is left unpatched.

DARPA Cyber Grand Challenge Finale Set For DEF CON 2016

Wed, 06/04/2014 - 13:56
DARPA announced that the finale of the Cyber Grand Challenge will be held during DEF CON 2016. More than 30 teams have signed up to build the best automated network defense system.

Google Data Shows Encryption Trending In the Right Direction

Wed, 06/04/2014 - 12:03
The past year has seen a tremendous amount of change and turbulence in the security and privacy communities, much of it related to the NSA surveillance revelations. One of the things that has come out of all of the discussions and debates is a greater focus on the importance of encryption, especially encrypting email and […]

Google Releases End-to-End Encryption Extension

Wed, 06/04/2014 - 07:44
Google has released an early version of a Chrome extension that provides end-to-end encryption for data leaving the browser. The extension will allow users to encrypt emails from their webmail accounts.

NIST Seeks Public Comment on SHA-3 Crypto Algorithm

Tue, 06/03/2014 - 16:17
The National Institute of Standards and Technology is seeking comments from the public on it's latest cryptographic hash function, SHA-3.

WordPress All-In-One SEO Pack Vulnerabilities Patched

Tue, 06/03/2014 - 14:09
A popular WordPress plugin could leave potentially millions of websites vulnerable if left unpatched.