Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 12 hours 34 min ago

​Jeremy Rowley on the Facebook Tor Cert Decision and the Future of PKI

Fri, 11/07/2014 - 15:05
Dennis Fisher and DigiCert's Jeremy Rowley discuss the company's certificate issuance for Facebook's .onion site, the challenge of key protection in today's environment and what the near future holds for PKI.

Serious Root Access Bug in Belkin N750 Router

Fri, 11/07/2014 - 14:32
A serious vulnerability in a popular Belkin router could be exploited by a local, unauthenticated attacker to gain full control over affected devices.

Securing an Internet Made From ‘Duck Tape and Baling Wire’

Fri, 11/07/2014 - 13:35
LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as well as anyone, and […]

Windows Version of WireLurker Out of Commission Too

Fri, 11/07/2014 - 12:50
A Windows version of the WireLurker malware has been discovered, and like the Mac OS X version, it too is believed to have been shut down.

Home Depot Breached Via Vendor Credentials; 53 Million Email Addresses Also Stolen

Fri, 11/07/2014 - 07:03
Home Depot revealed that hackers used credentials stolen from a third-party vendor to steal 53 million email addresses in addition to 56 million payment card numbers.

DigiCert Considering Certs for Hidden Services Beyond Facebook

Thu, 11/06/2014 - 15:05
DigiCert explains why it issued a signed certificate to Facebook's .Onion Tor domain, noting it may offer more hidden services certs in the future.

Microsoft Ready with 16 Patch Tuesday Bulletins; 5 Critical

Thu, 11/06/2014 - 14:34
Microsoft is expected to release 16 bulletins next week, including five rated critical, as part of its November 2014 Patch Tuesday updates.

WireLurker Mac OS X Malware Shut Down

Thu, 11/06/2014 - 12:13
Researchers at Palo Alto Networks discovered a new family of Mac OS X malware that was capable of also infecting iOS devices. The command infrastructure supporting WireLurker has been shut down.

Chertoff Reminds Enterprises There is Hope in Security

Thu, 11/06/2014 - 09:00
Former DHS secretary Michael Chertoff laid out a game plan for enterprise network security, one heavy on risk management and prioritization in the context of current threats and vulnerabilities, and potential consequences.

Be Ready: Next Internet Bug Won’t Be The Last

Wed, 11/05/2014 - 15:12
Panelists at the Advanced Cyber Security Center annual conference discuss how readiness for the next Internet-scale bug is no longer a luxury.

Samsung Fires Back at NIST, Says Find My Mobile Service Safe

Wed, 11/05/2014 - 14:00
Samsung this week fired back at NIST who warned last month that the company's Find My Mobile service could be exploited.

Government Requests for Facebook User Data Increasing

Wed, 11/05/2014 - 13:16
Facebook’s latest transparency report shows that U.S law enforcement agencies requested more user information from the social network in the first six months of this year than ever before.

NSA Director Says Agency Shares Vast Majority of Bugs it Finds

Wed, 11/05/2014 - 11:01
When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it’s typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs […]

New Variant of Backoff Malware Tougher to Detect

Tue, 11/04/2014 - 16:15
The new Backoff variant ROM has tweaks that help the malware better evade detection and hinder the analysis process.

AirHopper Program Decodes Radio Signals to Steal from Air-Gapped Computers

Tue, 11/04/2014 - 13:51
Researchers have developed malware called AirHopper that decodes radio frequencies emitted from a computer monitor, video card or cable, in order to steal data from an air-gapped machine.

Hacking Team Defends Spyware, Attacks Researchers’ Methods

Tue, 11/04/2014 - 13:30
Hacking Team joins the choir of critics, including GCHQ and the FBI, rallying against anti-surveillance and privacy advocates, who, they say, aid criminals and terrorists.

Linksys Patches (Most) Routers Running SMART Wi-Fi Firmware

Tue, 11/04/2014 - 10:53
Linksys released updates for routers running its SMART Wi-Fi firmware, patching vulnerabilities leading to credential theft and information disclosure. Two popular models, however, remain unpatched.

Google Releases Nogotofail Tool to Test Network Security

Tue, 11/04/2014 - 10:02
The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a […]

Smartphone Owners Lack Motivation to Adequately Lock Devices

Tue, 11/04/2014 - 09:55
A new study examines how many device owners choose to leave their phones locked versus unlocked – and why.

American Express Brings Tokenization to Payment Cards

Mon, 11/03/2014 - 16:27
American Express announced its new American Express Token Service which brings tokenization to payment card transactions.