Threatpost for B2B
The First Stop For Security News
Updated: 23 hours 36 min ago
The Miniduke APT campaign is back in business with new tools to steal data from new targets in an assortment of countries from all over the globe.
A fraud ring targeting Brazil's Boleto payment method has pulled off hundreds of thousands of bogus transactions valued at $3.75 billion.
The Cisco Unified Communications Domain Manager contains a default private SSH key that could allow an attacker to run arbitrary code on vulnerable installations. The bug is about as serious as they come, giving remote, unauthenticated attackers access to affected machines with the rights of a root user.
A new piece of Android malware leaks data, steals banking credentials, hijacks bank accounts, and serves as a remote access tool.
Wordpress users that have the MailPoet newsletter plugin installed are being cautioned to upgrade immediately.
Microsoft admits that it made a technical mistake as part of its No-IP.com malware operation takedown, errors that resulted in legitimate customers of the site losing service.
The EFF filed a FOIA lawsuit against the NSA and ODNI looking for more information on the government's use and disclosure of zero-day vulnerabilities.