Threatpost

Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 3 min 36 sek zpět

First Practical SHA-1 Collision Attack Arrives

2 hodiny 46 min zpět
Researchers unveiled the first-ever practical collision attack the cryptographic hash function SHA-1.
Kategorie: Hacking & Security

Impact of New Linux Kernel DCCP Vulnerability Limited

4 hodiny 52 min zpět
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.
Kategorie: Hacking & Security

Java, Python FTP Injection Attacks Bypass Firewalls

6 hodin 45 min zpět
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.
Kategorie: Hacking & Security

Publicly Disclosed Windows Vulnerabilities Await Patches

8 hodin 3 min zpět
Microsoft's delayed release of its February security bulletins leaves users exposed to a pair of already publicly disclosed vulnerabilities.
Kategorie: Hacking & Security

Criminals Monetizing Attacks Against Unpatched WordPress Sites

22 Únor, 2017 - 22:46
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.
Kategorie: Hacking & Security

Google Upspin Secure File-Sharing Released to Open Source

22 Únor, 2017 - 19:44
New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user.
Kategorie: Hacking & Security

Intermediate CA Caching Could Be Used to Fingerprint Firefox Users

22 Únor, 2017 - 19:41
The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.
Kategorie: Hacking & Security

Data Stealing Malware TeamSpy Resurfaces in Spam Campaign

21 Únor, 2017 - 22:08
After a nearly four-year respite, the data-stealing TeamSpy malware has resurfaced in a spam campaign.
Kategorie: Hacking & Security

OpenSSL Update Fixes High-Severity DoS Vulnerability

21 Únor, 2017 - 22:02
US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.
Kategorie: Hacking & Security

Google Discloses Unpatched Microsoft Vulnerability

21 Únor, 2017 - 19:02
Google Project Zero researchers are warning of an unpatched Microsoft vulnerability in the Windows' GDI library that allows attackers to steal sensitive data from program memory.
Kategorie: Hacking & Security

Rook Security on Online Extortion

21 Únor, 2017 - 17:00
Mat Gangwer, CTO, and Tom Gorup, Security Operations Lead, at Rook Security talk to Mike Mimoso about the aggressive rise in online extortion and how it threatens not only data but physical safety.
Kategorie: Hacking & Security

Windows Botnet Spreading Mirai Variant

21 Únor, 2017 - 16:51
A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.
Kategorie: Hacking & Security

Squirrels, Not Hackers, Pose Biggest Threat to Electric Grid

17 Únor, 2017 - 18:30
According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, doomsday fears of a cyberattack against the U.S. electric grid are overblown.
Kategorie: Hacking & Security

SMTP Strict Transport Security Coming Soon to Gmail, Other Webmail Providers

17 Únor, 2017 - 16:00
SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference
Kategorie: Hacking & Security

Divide Between Work, Personal Data on Android Breached

16 Únor, 2017 - 19:50
Researchers demonstrate how malicious apps can break into secure Android work containers on EMM managed phones.
Kategorie: Hacking & Security

Cris Thomas on Cyberwar Rhetoric

16 Únor, 2017 - 15:00
Cris Thomas of Tenable Networks, aka Space Rogue of the L0pht, talks to Mike Mimoso during RSA Conference about the rhetoric and hype surrounding cyberwar, as well as a quick trip down memory lane with the L0pht and its famous 1998 testimony before Congress.
Kategorie: Hacking & Security

Setting Expectations Between States on Cyberwar

16 Únor, 2017 - 01:30
A RSA Conference panel tackles the difficulty in defining cyberwar.
Kategorie: Hacking & Security

Turning Tables on Nigerian Business Email Scammers

15 Únor, 2017 - 17:45
Researchers from Dell SecureWorks infiltrated a Nigerian business email spoofing and business email compromise operation, shutting down a number of money mule accounts in the process.
Kategorie: Hacking & Security

Google Touts Progress in Android Security in 2016

15 Únor, 2017 - 16:50
Google's Android security director touts 2016 mobile OS security accomplishments from encryption, improved APIs and new developer testing tools at the RSA Conference.
Kategorie: Hacking & Security

No Firewalls, No Problem for Google

15 Únor, 2017 - 13:00
Google secures its perimeter with explicit trust in what it knows about users and the devices connecting to its corporate services.
Kategorie: Hacking & Security