Threatpost for B2B
The First Stop For Security News
Updated: 1 hour 24 min ago
The developers of the TAILS operating system say that users can mitigate the severity of the critical vulnerability researchers discovered in the I2P software that's bundled with TAILS with a couple of workarounds, but there is no patch for the bug yet.
New ransomware has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and control servers hidden in the Tor Network (a/k/a The Onion Router) to obscure their malicious activity.
The newest version of Mozilla Firefox includes an improved defense against malware downloaded through the browser, which could prevent many kinds of infections.
Phony Googlebots are being used with greater frequency to launch and carry out application-layer denial-of-service attacks.
Researchers at Citizen Lab have taken a close look at the extent of Internet filtering in Iraq, as well as the security of a popular offline chat app used there, and found an increase in the number of services blocked by the government and identified serious privacy and security problems with the chat app. As tensions […]
The problems that come from doing security research on modern Web applications and other software aren’t just challenging for researchers, but also for the companies on the receiving end of their advisories. Companies unaccustomed to dealing with researchers can find themselves in a difficult position, trying to figure out the clearest path forward. To help […]
A glut of Wordpress sites have fallen victim to both malware infections and a series of brute force attacks that have making the rounds over the past several days, researchers claim.
The critical vulnerability in the TAILS operating system discovered by researchers at Exodus Intelligence lies in the I2P software that's bundled with the OS and the company has released some details and a video demonstrating an exploit against the bug.
Mozilla has released a new version of Firefox, which includes patches for 11 security vulnerabilities. Three of the bugs fixed in Firefox 31 are critical, including a use-after-free vulnerability and a handful of memory safety issues.
There are several security issues that aren't patched in the new release of the OS Tails that have been identified by researchers at Exodus Intelligence.
Researchers have identified several remotely exploitable vulnerabilities in a wireless remote monitoring product from OleumTech that is used in energy, water and other critical infrastructure sectors.
Privacy Badger is one of a new generation of tools designed to help users block much of the silent, pervasive tracking that's done on the Web today, a lot of which is accomplished through social media channels.
Third-party software libraries introduce efficiency and risk into enterprise applications. Two researchers will identify some of the most vulnerable libraries during a talk at the upcoming Black Hat conference.
IBM recently patched a handful of vulnerabilities in some of its KVM switches that if exploited, could have given an attacker free reign over any system attached to it.
There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users' personal data.
The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HOPE X conference over the weekend, is […]
Retailers and hospitality vendors are falling victim to point-of-sale hacks, and little is being done to stem the tide. At the upcoming Black Hat conference, a researcher hopes to spur a call to action.
The rise of sophisticated new online tracking mechanisms, including one known as ‘canvas fingerprinting’ that’s been infiltrating the Internet, could soon raise the ire of privacy conscious users.
Despite FBI claims that CryptoLocker was neutralized in the GameOver Zeus botnet takedown, a researcher says that the ransomware is alive and evolving new variants.
OpenSSL vulnerabilities discovered in a number of Siemens industrial control systems are being exploited in the wild. The company has updates available for some, but not all, of the affected products.