Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 15 hours 37 min ago

Side-Channel Android Weakness Likely on Other Platforms

Mon, 08/25/2014 - 11:32
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.

Mozilla Adding Granular App Permissions to Firefox OS

Mon, 08/25/2014 - 10:06
Mozilla is set to add a feature to its mobile Firefox OS that will give users the ability to revoke any application’s permissions on a granular basis. Firefox OS is the open source operating system that Mozilla built for smartphones. The software runs on a variety of devices from manufacturers such as Alcatel, ZTE and […]

PlayStation Network Back Online Following DDoS

Mon, 08/25/2014 - 09:25
Sony's PlayStation Network is back online following a bizarre series of events over the weekend involving a large-scale DDoS attack and a bomb threat against a commercial airline.

NIST Releases Secure Shell Guidance Document

Fri, 08/22/2014 - 13:08
NIST released Interagency Report 7966 this week, a guidance document for organizations using the Secure Shell network protocol for automated access.

Akeeba Patches Bypass Vulnerability in Joomla

Fri, 08/22/2014 - 12:10
The developers behind Akeeba fixed an outstanding issue this week that could have let anyone download users' site backups, passwords and user lists.

Tor Exec: Intelligence Insiders Disclose Bug Information With Tor Developers

Fri, 08/22/2014 - 12:03
Tor Executive Director Andrew Lewman told the BBC that intelligence agency insiders share bug information with Tor developers under their bosses' noses.

UPS Admits 51 Stores Hit With Malware For Five Months

Thu, 08/21/2014 - 13:04
UPS reported this week that 51 of its stores suffered a “broad-based malware intrusion” earlier this spring.

Amazon CloudFront Turns on Perfect Forward Secrecy

Thu, 08/21/2014 - 12:46
Amazon Web Services announced that it has turned on Perfect Forward Secrecy and other SSL improvements for its CloudFront content delivery platform.

New Facebook Internet Defense Prize Pays Out $50,000 Award

Thu, 08/21/2014 - 11:15
Facebook announced at USENIX its new Internet Defense Prize, a bounty that rewards researchers for defensive technologies that prevent vulnerabilities and mitigate attacks.

Bitcoin Phishing Campaign Targets 400 Organizations

Wed, 08/20/2014 - 13:56
More than 400 organizations were recently targeted by a Bitcoin phishing campaign that intended to con users into giving away their wallet passwords.

A New Spin on Rogue Antivirus

Wed, 08/20/2014 - 12:59
Rogue antivirus malware is on the decline, but a new, simpler version of that threat that simply redirects users to the site of a fake malware protection service has been infecting users around the world.

Heartbleed Exploit Linked to Community Health Data Breach

Wed, 08/20/2014 - 12:37
Hackers involved in the Community Health Systems data breach used a Heartbleed exploit to access the provider's network and steal 4.5 million patient records, said security firm TrustedSec.

Tor Browser Hardening Features Under Scrutiny

Wed, 08/20/2014 - 11:38
An iSEC Partners report examining hardening features of the Tor Browser recommends moving off Firefox to Chrome, but budget and feature constraints make that unlikely.

U.S. Nuclear Regulator Hacked Three Times in Three Years

Tue, 08/19/2014 - 14:01
Hackers hit the U.S. Nuclear Regulatory Commission (NRC) three separate times over the past three years.

Close to All Facebook Outbound Notification Emails Encrypted

Tue, 08/19/2014 - 12:00
Facebook published numbers today that demonstrate the pervasiveness of encryption on the web; the social network said 95 percent of its notification emails are encrypted with Perfect Forward Secrecy, up from 29 percent in May.

APT Gang Branches Out to Medical Espionage in Community Health Breach

Tue, 08/19/2014 - 09:29
The Community Health Systems data breach has been tied to a Chinese APT gang that has branched out to medical espionage, stealing patient data in an effort to target intelligence on medical device development.

Pro-Syrian Malware Increasing in Number, Complexity

Mon, 08/18/2014 - 14:48
Malware deployed against activists in Syria is increasing as the groups deploying these remote access tools become more sophisticated and utilize more complex tactics.

Microsoft Yet to Deliver Fix for Faulty Patch Tuesday Update

Mon, 08/18/2014 - 14:07
Microsoft said it is still working on a fix for a broken patch released last Patch Tuesday that is causing Blue Screens of Death and system crashes.

Siemens Patches DoS Vulnerability in SIMATIC S7 PLC

Mon, 08/18/2014 - 13:15
Siemens released an update for its SIMATIC S7-1500 CPU last week, patching a denial of service vulnerability in the programmable logic controller.

New Attack Binds Malware in Parallel to Software Downloads

Mon, 08/18/2014 - 11:21
Open source software distribution systems that lack security processes and integrity checks are prone to a new attack that binds malware to a download without modifying the original application.