Threatpost for B2B
The First Stop For Security News
Updated: 19 hours 39 min ago
LAS VEGAS–Mobile broadband modems can be a great alternative if you can’t find a WiFi network or don’t trust the ones you can find. But many of the models sold by the major manufacturers contain bugs and functionality that a remote attacker can exploit without much difficulty. Much of the market for these devices is […]
Dan Geer's Black Hat 2014 keynote featured 10 proposals to address shortcomings in security, in the context of government surveillance and eroding privacy.
A security researcher has uncovered a simple method for bypassing the two-factor authentication mechanism that PayPal uses to protect accounts that are tied to eBay accounts. The vulnerability is related to the way that the login flow works when a user is prompted to connect her eBay account to her PayPal account. The eBay and […]
Researchers will discuss a study into the effectiveness of telephone fraud against enterprise call centers, and how these attacks are sometimes combine with hacks or malware attacks.
In this special edition of the Digital Underground Podcast, Dennis Fisher interviews fellow Threatpost editor Mike Mimoso and also Threatpost reporter Brian Donohue about the Black Hat security conference, which begins this week in Las Vegas. Topics of discussion include Chris Valasek and Charlie Miller hacking automobiles, Jeff Forristal's briefing on what promises to be a devastating Android vulnerability, why it's dumb to host Black Hat in Las Vegas in the dead of summer, and more.
It was an absurd scene. Keith Alexander, the director of the NSA and a four-star general in the Army, stood alone on the stage, squinting through the floodlights as members of the standing-room-only crowd shouted insults and accusations. Armed men in dark suits roamed the area in front of the stage, eyeing the restless crowd. […]
A remote code execution vulnerability has been patched in Samba, open source software that enables file and print server interoperability for Windows clients with Linux and UNIX servers.
The IcoScript remote access Trojan evades network detection by communicating via Yahoo Mail.
Twitter officials are pushing the United States government for more freedom to publish specific numbers about national security information requests, and said the company is considering its legal options if the government doesn’t allow more data to be made public. In its latest transparency report, Twitter said that officials had met with the FBI and […]
Mozilla Developer Network members are advised to change their passwords after an accidental password dump to a public server was discovered.