Feed aggregator

Uber Announces Breach of ‘Partner’ Information

Threatpost for B2B - Mon, 03/02/2015 - 10:32
Uber announced that attackers had compromised databases containing current and former driver partner names and license numbers.

Pharming Attack Targets Home Router DNS Settings

Threatpost for B2B - Fri, 02/27/2015 - 15:07
A pharming attack has been detected targeting home routers distributed from Brazil's largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.

Threatpost News Wrap, February 27, 2015

Threatpost for B2B - Fri, 02/27/2015 - 12:30
Mike Mimoso and Dennis Fisher discuss the news of the last week, including the Superfish fiasco, the Gemalto SIM hack controversy and the continuing NSA drama.

Video: Vitaly Kamluk on The Equation Group APT

Threatpost for B2B - Fri, 02/27/2015 - 12:17
Kaspersky Lab researcher Vitaly Kamluk discusses the Equation Group, claiming it is the most sophisticated advanced persistent threat group in the world.

Twitter Changes Abuse Reporting Process to Address Doxing

Threatpost for B2B - Fri, 02/27/2015 - 12:11
Twitter has revised and simplified its rules and process for reporting abusive behavior on the service, and users now have the ability to report people who are posting their personal information. The change essentially gives Twitter users a method to combat doxing, which is the process of dumping a victim’s personal information online. This often […]

Komodia Certificate Manipulation Likely Led To Man-In-The-Middle Attacks

Threatpost for B2B - Thu, 02/26/2015 - 17:02
The EFF's Decentralized SSL Observatory turned up 1,600 certificates that should have been rejected but instead passed browser checks because they were manipulated by Komodia's SSL Digester interception module.

Up to 18.8 Million Non-Anthem Customers Affected in Breach

Threatpost for B2B - Thu, 02/26/2015 - 13:40
In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.

DDoS Exploit Targets Open Source Rejetto HFS

Threatpost for B2B - Thu, 02/26/2015 - 11:01
An automated attack targeting users of the open source Rejetto webserver and file-sharing application tried to inject the IptabLes DDoS tool.

Firefox 36 Arrives With Patches For Three Critical Flaws

Threatpost for B2B - Thu, 02/26/2015 - 10:41
Mozilla has patched 16 security vulnerabilities in Firefox, including three critical flaws in the browser. One of the critical vulnerabilities patched with the release of Firefox 36 is a buffer overflow in the libstagefright library that can be exploitable under some circumstances. “Security researcher Pantrombka reported a buffer overflow in the libstagefright library during video […]

Ransomware Looming As Major Long-Term Threat

Threatpost for B2B - Thu, 02/26/2015 - 09:00
On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet, […]
Syndicate content