Threatpost for B2B
The First Stop For Security News
Updated: 12 hours 47 min ago
Researchers have discovered a new version of the Destover malware that was used in the recent Sony Pictures Entertainment breaches, and in an ironic twist, the sample is signed by a legitimate certificate stolen from Sony. The new sample is essentially identical to an earlier version of Destover that was not signed. Destover has been used […]
Microsoft released seven security bulletins, three of them rated critical, as part of its December 2014 Patch Tuesday updates. It also re-released November updates for IE and SChannel
Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical privacy vulnerability in the iOS version of its app.
Adobe released security updates for Flash Player, Reader, Acrobat and ColdFusion. The Flash vulnerability is being exploited in the wild, Adobe said.
Researchers at Kaspersky Lab have found two Linux modules connected to the Turla APT campaigns.
The POODLE attack against SSLv3 that researchers from Google revealed earlier this year also affects some implementations of TLS and vendors now are scrambling to release patches for gear affected by the vulnerability. Soon after the POODLE attack was disclosed in October, researchers began looking into whether it might affect protocols other than SSLv3. It quickly […]
VMware released patches late last week to fix several vulnerabilities, including a cross-site scripting issue, in one of its server virtualization platforms.
The secret Foreign Intelligence Surveillance Court has authorized a 90-day extension to the Section 215 bulk telephone collection program used by the National Security Agency, giving the agency through the end of February to run the program in the absence of legislation establishing a new authority.
A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox.