Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 8 hours 47 min ago

Hot, Cold Reactions to New Google Play App Permissions

Thu, 06/12/2014 - 14:51
Google Play's new app permissions arrive with some privacy concerns.

Versatility of Zeus Framework Encourages Criminal Innovation

Thu, 06/12/2014 - 14:30
Ever since the Zeus source code leaked in late 2010, criminals have been creating highly customized, difficult-to-detect versions of it that target very specific services.

Facebook Set to Let Users Edit Own Advertising Info

Thu, 06/12/2014 - 13:15
Facebook announced it will soon be rolling out a new feature to give its users more control when it comes to the types of advertisements they see on the site.

A Day To Forget For Teen At Center Of TweetDeck Shutdown

Thu, 06/12/2014 - 12:19
An Austrian teen at the center of yesterday's TweetDeck security incident explains how things went wrong and what the last 24 hours have been like.

VMware Patches ESXi Against OpenSSL Flaw, But Many Other Products Still Vulnerable

Thu, 06/12/2014 - 09:38
While the group of vulnerabilities that the OpenSSL Project patched last week hasn't grown into the kind of mess that the Heartbleed flaw did, the vulnerabilities still affect a huge range of products.

TweetDeck Taken Down in Wake of XSS Attacks

Wed, 06/11/2014 - 13:45
TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today.

Token Abuse Exposes Gmail Addresses

Wed, 06/11/2014 - 13:07
Google patched a vulnerability that a researcher was able to exploit in order to collect every Gmail address.

DDoS Attacks Take Down Feedly, Evernote

Wed, 06/11/2014 - 10:58
News aggregator Feedly and note-taking service Evernote were both knocked offline by distributed denial of service attacks in the last 24 hours.

Mozilla Patches Seven Flaws in Firefox 30

Wed, 06/11/2014 - 10:31
Mozilla has fixed seven security vulnerabilities in Firefox 30, including five critical flaws that could enable remote code execution.

Alleged Oleg Pliss iPhone Hackers Arrested in Russia

Tue, 06/10/2014 - 15:00
The hackers behind last month’s iPhone ransomware campaign – in which many users were asked to pay $100 to unlock their devices – may be behind bars now.

Microsoft Patches IE8 Zero Day, Critical Word Bug

Tue, 06/10/2014 - 14:09
Microsoft's June 2014 Patch Tuesday security updates patched 66 vulnerabilities, including 59 in a critical Internet Explorer cumulative update.

Audit Project Releases Verified Repositories of TrueCrypt 7.1a

Tue, 06/10/2014 - 13:59
As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software and ended development. The team behind the Open Crypto Audit […]

Attacks Against Space, Satellite Companies Linked to Second Chinese PLA Unit

Tue, 06/10/2014 - 13:01
Espionage attacks against aerospace and satellite companies in the U.S. and Europe have been linked to a Chinese People's Liberation Army unit, security company Crowdstrike said.

Cisco Patches XSS Flaw in Security Appliances

Tue, 06/10/2014 - 10:47
There’s a reflected cross-site scripting vulnerability in a variety of Cisco security appliances that enables a remote, unauthenticated attacker to execute arbitrary code in the context of the user. The vulnerability affects the Cisco Email Security Appliance, the Cisco Web Security Appliance and the Content Security Management Appliance. Cisco has released updated software to fix […]

New Pandemiya Banking Trojan Written From Scratch

Tue, 06/10/2014 - 09:52
A new banking Trojan called Pandemiya is for sale in hacker forums. The malware took a year to write from scratch, RSA Security said, in order to avoid detection and analysis.

‘Red Button’ Attack Could Compromise Some Smart TVs

Mon, 06/09/2014 - 15:33
A vulnerability in an emerging interactive television standard could open up number of smart TVs to untraceable drive-by attacks.

RIG Exploit Kit Pushing Cryptowall Ransomware

Mon, 06/09/2014 - 14:04
The RIG Exploit Kit is using malvertising to infect victims with Cryptowall ransomware, including one tiny New Hampshire town that proved backup is king when confronting ransomware.

Android Ransomware First to Encrypt Data on Mobile Devices

Mon, 06/09/2014 - 12:28
Researchers at Kaspersky Lab reported the first strain of Android ransomware that encrypts the contents of a device. The malware communicates either over Tor, or via HTTP and SMS.

ICS-CERT Warns of Easily Hackable Road Signs

Mon, 06/09/2014 - 11:38
ICS-CERT has issued an alert warning that a certain software that manages electronic highways signs contains a vulnerability that makes such signs susceptible to hacking.

iOS 8 Will Randomize MAC Addresses to Help Stop Tracking

Mon, 06/09/2014 - 10:41
Apple enthusiasts have been poring over the feature list for iOS 8, due out this fall, geeking out over the tighter integration among all iOS devices, the improved mail app and myriad other bells and whistles. But perhaps the most important change is a subtle one hidden beneath the covers that will help prevent much […]