Feed aggregator

Signal 2.0 Brings Encrypted Messaging to iPhone

Threatpost for B2B - Mon, 03/02/2015 - 16:22
Signal 2.0 is available from Open WhisperSystems, and brings encrypted messaging to the iPhone.

D-Link Routers Haunted by Remote Command Injection Bug

Threatpost for B2B - Mon, 03/02/2015 - 15:02
Some D-Link routers contain a vulnerability that leaves them open to remote attacks that can give an attacker root access, allow DNS hijacking and other attacks. The vulnerability affects affects a number of D-Link’s home routers and the key details of the flaw have been made public by one of the researchers who discovered it. […]

Older Keen Team Use-After-Free IE Exploit Added to Angler Exploit Kit

Threatpost for B2B - Mon, 03/02/2015 - 14:58
Attackers behind one of the more popular exploit kits, Angler, have added a tweaked version of an exploit from last fall, a use after free vulnerability in Microsoft's Internet Explorer browser.

Mozilla Pushes Hot Fix to Remove Superfish Cert From Firefox

Threatpost for B2B - Mon, 03/02/2015 - 10:53
Mozilla has issued a hot fix for Firefox that removes the Superfish root certificate from the browser’s trusted root store. The patch only removes the certificate if the Superfish software has been removed from the machine already, however. The Superfish adware performs SSL interception–essentially running man-in-the-middle attacks on connections to secure sites–in the name of […]

Seagate Business NAS Firmware Vulnerabilities Disclosed

Threatpost for B2B - Mon, 03/02/2015 - 10:43
Remote code execution vulnerabilities in Seagate Business NAS firmware were disclosed after a 100-plus day deadline passed without a fix from the vendor.

Uber Announces Breach of ‘Partner’ Information

Threatpost for B2B - Mon, 03/02/2015 - 10:32
Uber announced that attackers had compromised databases containing current and former driver partner names and license numbers.

Pharming Attack Targets Home Router DNS Settings

Threatpost for B2B - Fri, 02/27/2015 - 15:07
A pharming attack has been detected targeting home routers distributed from Brazil's largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.

Threatpost News Wrap, February 27, 2015

Threatpost for B2B - Fri, 02/27/2015 - 12:30
Mike Mimoso and Dennis Fisher discuss the news of the last week, including the Superfish fiasco, the Gemalto SIM hack controversy and the continuing NSA drama.

Video: Vitaly Kamluk on The Equation Group APT

Threatpost for B2B - Fri, 02/27/2015 - 12:17
Kaspersky Lab researcher Vitaly Kamluk discusses the Equation Group, claiming it is the most sophisticated advanced persistent threat group in the world.

Twitter Changes Abuse Reporting Process to Address Doxing

Threatpost for B2B - Fri, 02/27/2015 - 12:11
Twitter has revised and simplified its rules and process for reporting abusive behavior on the service, and users now have the ability to report people who are posting their personal information. The change essentially gives Twitter users a method to combat doxing, which is the process of dumping a victim’s personal information online. This often […]
Syndicate content