Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 8 hours 7 min ago

House Amendment Limits Funding for NSA Surveillance

Fri, 06/20/2014 - 13:27
The House of Representatives yesterday passed an amendment that reins in NSA surveillance by cutting Department of Defense funds.

FBI, NYPD Form Financial Cybercrime Task Force

Fri, 06/20/2014 - 10:08
The FBI has formed a new cybercrime task force with the New York Police Department and the Metropolitan Transit Authority whose job will be to go after high-level financial cyber crimes, employing a model of interagency cooperation that the bureau and other federal law enforcement agencies have used with notable success in other areas. The […]

Plaintext Supermicro IPMI Credentials Exposed

Fri, 06/20/2014 - 09:28
Weaknesses in Supermicro IPMI-based baseboard management controllers expose remote passwords in plaintext.

Google, Microsoft to Implement Mobile ‘Kill Switch’

Thu, 06/19/2014 - 13:58
Google and Microsoft will implement 'kill switches' into their mobile offering in response to petitions from elected officials claiming that a similar Apple feature has deterred theft and violent crime.

Research Project Pays People to Download, Run Executables

Thu, 06/19/2014 - 11:57
Incentivized by a minimal amount of cash, computer users who took part in a study were willing to agree to download an executable file to their machines without questioning the potential consequences.

Possible TrueCrypt Fork in the Works

Thu, 06/19/2014 - 11:08
Although the developers behind the TrueCrypt encryption software have given up the ghost and decided to no longer maintain the application, interest in the project has never been higher. But, one of the developers says that a nascent effort to fork TrueCrypt is unlikely to succeed. Matthew Green, a cryptographer and professor at Johns Hopkins […]

Hacker Puts Hosting Service Code Spaces Out of Business

Wed, 06/18/2014 - 17:09
Cloud-based code-hosting service Code Spaces announced today it was going out of business after a hacker deleted most of its machines, customer data and backups.

Hacker Exploits NAS Vulnerabilities to Mine $620K in Dogecoin

Wed, 06/18/2014 - 15:01
A hacker exploiting vulnerabilities in Synology network attached storage boxes was able to mine $620,000 in Dogecoin.

FTC Asking DEF CON to Help Catch Robocallers

Wed, 06/18/2014 - 13:01
The FTC is seeking help from hackers at DEF CON to help lure and identify the perpetrators of illegal robocalling scams, whether they are criminal or corporate.

A Spam Trinity: Email Harvesters, Botmasters, Spammers

Wed, 06/18/2014 - 12:55
Researchers at the University of California Santa Barbara and Aachen University in Germany examined the relationship between spammers, botmasters and email harvesters in order to improve antispam systems.

Flaws Found in USCIS RFID Card Production System

Wed, 06/18/2014 - 11:42
The system that’s used to produce RFID-enabled identification cards–including permanent resident IDs–by the United States Citizenship and Immigration Service has a number of serious security issues, according to a new report from the Office of the Inspector General at DHS. Among the issues the OIG found is that nearly all of the workstations in the system […]

Belkin Patches Directory Traversal Bug in Wireless Router

Wed, 06/18/2014 - 10:42
There’s a serious security vulnerability in the Belkin N150 wireless router that can enable a remote, unauthenticated attacker to read any system file on a vulnerable router. The bug is a directory traversal vulnerability and the CERT/CC advisory says that all versions of the router that are running firmware up to and including firmware version […]

Microsoft Warns of Denial-of-Service Bug in Malware Protection Engine

Tue, 06/17/2014 - 15:05
Microsoft released a security advisory today warning users of a denial of service vulnerability in its Malware Protection Engine which ships with a number of Microsoft security products.

Asprox Malware Borrowing Stealth from APT Campaigns

Tue, 06/17/2014 - 12:01
The Asprox botnet has evolved to include APT characteristics that help it evade detection by security software.

Android Root Access Vulnerability Affecting Most Devices

Tue, 06/17/2014 - 10:47
Geohot's latest Android rooting tool relies on a privilege root access, escalation vulnerability affecting the majority of commercial Android builds.

AT&T Warns Customers of Data Breach

Tue, 06/17/2014 - 10:34
AT&T has notified some of its mobile customers that employees of one of its contractors accessed some customer information, including birth dates and Social Security numbers, in an effort to generate codes that could be used to unlock devices. The company did not specify how many customers were affected by the breach, and it doesn’t appear […]

Ten Years Later, Cabir Worm’s Place in History is Unique

Mon, 06/16/2014 - 15:56
It’s difficult to remember now–and seems quaint even if you can recall it–but there was a time in the not-so-distant past when industry analysts and security experts were worried about the coming mobile malware apocalypse. Self-replicating malware would soon be flooding our phones, deleting our coveted ringtones and preventing us all from playing Snake. Mobile phones […]

Hackers Breach Domino’s France, Demand Ransom Payment

Mon, 06/16/2014 - 11:27
A hacker group is demanding a €30,000 ransom payment after compromising systems belonging to Domino's in France and Belgium and stealing 600,000 customer records.

Dyreza Banker Trojan Seen Bypassing SSL

Mon, 06/16/2014 - 10:52
Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the […]

Scans Quantify Vulnerable OpenSSL Servers

Fri, 06/13/2014 - 14:05
Qualys director of engineering Ivan Ristic published data that indicates about half of servers running OpenSSL are vulnerable to CVE-2014-0224.