Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 16 min 5 sek zpět

Chris Vickery on Amazon S3 Data Leaks

1 hodina 30 min zpět
Mike Mimoso talks to Chris Vickery of Upguard of the recent rash of Amazon S3 data leaks.
Kategorie: Viry a Červi

Adobe Private PGP Key Leak a Blunder, But It Could Have Been Worse

3 hodiny 15 min zpět
Adobe suffered at a minimum a PR black eye on Friday when one of its private PGP keys was inadvertently published to its Product Incident Security Response Team (PSIRT) blog.
Kategorie: Viry a Červi

Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket

22 Září, 2017 - 21:56
Verizon is the latest company to leak confidential data through an exposed Amazon S3 bucket.
Kategorie: Viry a Červi

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

22 Září, 2017 - 20:02
Banking Trojan Retefe is adopting new WannaCry tricks, adding an EternalBlue module to propagate the malware.
Kategorie: Viry a Červi

2016 SEC Hack May Have Benefited Insider Trading

22 Září, 2017 - 17:47
The U.S. Securities and Exchange Commission said this week that hackers managed to infiltrate one of its systems last year, something that likely facilitated insider trading.
Kategorie: Viry a Červi

Samba Update Patches Two SMB-Related MiTM Bugs

22 Září, 2017 - 17:00
Samba released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client.
Kategorie: Viry a Červi

What’s New In Android 8.0 Oreo Security

22 Září, 2017 - 16:00
Google’s Android security team has turned a corner with 8.0 Oreo, reducing the attack surface, compartmentalizing components and beefing up protection against rogue apps.
Kategorie: Viry a Červi

Threatpost News Wrap, September 22, 2017

22 Září, 2017 - 15:00
The Equifax data breach saga so far, a Google HTTPS warnings paper, cryptocurrency mining at the Pirate Bay, and bringing machine learning to passwords are all discussed.
Kategorie: Viry a Červi

Iranian APT33 Targets US Firms with Destructive Malware

21 Září, 2017 - 19:54
APT33 targets petrochemical, aerospace and energy sector firms based in U.S., Saudi Arabia and South Korea with destructive malware linked to StoneDrill.
Kategorie: Viry a Červi

Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

21 Září, 2017 - 18:56
Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials.
Kategorie: Viry a Červi

What Triggers HTTPS Chrome Browser Warnings?

20 Září, 2017 - 20:20
Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.
Kategorie: Viry a Červi

Malware Steals Data From Air-Gapped Network via Security Cameras

20 Září, 2017 - 19:40
Proof-of-concept malware called aIR-Jumper can be used to bypass air-gapped network protections and send data in and out of network.
Kategorie: Viry a Červi

Deep-Learning PassGAN Tool Improves Password Guessing

20 Září, 2017 - 19:00
A deep-learning network known as a GAN has been applied to passwords, and a tool called PassGAN significantly improves the ability to guess user passwords over tools such as Hashcat or John the Ripper.
Kategorie: Viry a Červi

Cloud-Focused Firms Earn High Marks for Software Security in BSIMM8 Report

20 Září, 2017 - 12:05
Businesses that are cloud-focused tend to run the most secure software, while the healthcare sector is struggling the most when it comes to accomplishing the same goal, according to the BSIMM8 Report.
Kategorie: Viry a Červi

iOS 11 Update includes Patches for Eight Vulnerabilities

19 Září, 2017 - 23:21
Apple released a number of patches, including a security update for iOS 11, which is available today.
Kategorie: Viry a Červi

Equifax Suffered Earlier Breach in March

19 Září, 2017 - 19:47
Equifax suffered another breach of its systems, back in March, the company revealed Monday.
Kategorie: Viry a Červi

Risks Limited With Latest Apache Bug, Optionsbleed

19 Září, 2017 - 16:29
The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions. Apache, and many Linux distributions, have patched the flaw.
Kategorie: Viry a Červi

Attackers Use Undocumented MS Office Feature to Leak System Profile Data

18 Září, 2017 - 22:33
An undocumented Microsoft Office feature allows for spying via specially crafted Word documents—no macros, exploits or any other active content needed.
Kategorie: Viry a Červi

Pirate Bay Spotted Hosting Monero Cryptocurrency Miner

18 Září, 2017 - 20:19
A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.
Kategorie: Viry a Červi

Rogue WordPress Plugin Allowed Spam Injection

15 Září, 2017 - 21:54
A rogue version of the WordPress plugin called “Display Widget” allowed third-parties to injecting spam advertising content into victims’ sites.
Kategorie: Viry a Červi