Threatpost

Syndikovat obsah Threatpost | The first stop for security news
The First Stop For Security News
Aktualizace: 3 min 10 sek zpět

Vulnerability Found in Two Keyless Entry Locks

9 hodin 1 sek zpět
Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology.
Kategorie: Hacking & Security

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

11 Prosinec, 2017 - 18:59
HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger.
Kategorie: Hacking & Security

Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code

8 Prosinec, 2017 - 23:20
An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps.
Kategorie: Hacking & Security

Apple Fixes Flaw Impacting HomeKit Devices

8 Prosinec, 2017 - 16:31
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.
Kategorie: Hacking & Security

Banking Apps Found Vulnerable to MITM Attacks

7 Prosinec, 2017 - 19:51
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.
Kategorie: Hacking & Security

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

6 Prosinec, 2017 - 20:48
As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical.
Kategorie: Hacking & Security

TeamViewer Rushes Fix for Permissions Bug

5 Prosinec, 2017 - 22:04
TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.
Kategorie: Hacking & Security

Developers Targeted in ‘ParseDroid’ PoC Attack

5 Prosinec, 2017 - 18:27
A proof of concept attack developed by researchers target users of the development platforms for Android and Java.
Kategorie: Hacking & Security

Google Cracks Down On Nosy Android Apps

4 Prosinec, 2017 - 21:28
Google beefs up privacy protections on apps distributed via third-party Android marketplaces and Google Play that that collect personal data without user consent.
Kategorie: Hacking & Security

Ursnif Trojan Adopts New Code Injection Technique

4 Prosinec, 2017 - 17:41
Researchers have found a variant of Ursnif Trojan they said is a “v3 build” that targets Australian bank customers with new redirection attack techniques.
Kategorie: Hacking & Security

Flaw Found In Dirty COW Patch

1 Prosinec, 2017 - 17:43
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.
Kategorie: Hacking & Security

Cisco Patches Critical Playback Bugs in WebEx Players

30 Listopad, 2017 - 20:22
A Cisco Systems security advisory is urging users of its WebEx platform to patch six vulnerabilities that could allow attackers to execute remote code.
Kategorie: Hacking & Security

RAT Distributed Via Google Drive Targets East Asia

30 Listopad, 2017 - 18:02
Researchers say a new remote access Trojan dubbed UBoatRAT is targeting individuals or organizations linked to South Korea or video games industry.
Kategorie: Hacking & Security

Apple Announces Emergency Patch to Fix High Sierra Login Bug

29 Listopad, 2017 - 19:17
Apple said on Wednesday that it will rush an emergency patch to users that fixes an embarrassing login bug in its High Sierra operating system.
Kategorie: Hacking & Security

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

29 Listopad, 2017 - 02:47
A major bug in Apple’s macOS High Sierra gives anyone with physical access to a system running the latest version of the OS root access simply by putting "root" in the user name field.
Kategorie: Hacking & Security

Leaky AWS Storage Bucket Spills Military Secrets, Again

28 Listopad, 2017 - 23:11
For the second time in ten days, researchers at UpGuard released sensitive data belonging to the United States Defense Department that was stored insecurely online.
Kategorie: Hacking & Security

Google Detects and Boots Tizi Spyware Off Google Play

28 Listopad, 2017 - 18:40
Google discovered a spyware app that uses nearly a dozen old vulnerabilities to root devices and steal sensitive data from social media applications.
Kategorie: Hacking & Security

Imgur Confirms 2014 Breach of 1.7 Million User Accounts

27 Listopad, 2017 - 19:17
Researcher Troy Hunt is credited for tipping image sharing site Imgur off to a 2014 breach of 1.7 million user accounts.
Kategorie: Hacking & Security

Newly Published Exploit Code Used to Spread Mirai Variant

27 Listopad, 2017 - 15:06
Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in activity associated with what it said is a variant of the Mirai botnet.
Kategorie: Hacking & Security

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

24 Listopad, 2017 - 16:39
A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities.
Kategorie: Hacking & Security