Profile

Cover photo
Threatpost
768 followers|245,649 views
AboutPostsPhotosYouTube

Stream

Threatpost

Shared publicly  - 
 
Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest usernames and passwords from customers.
1
Add a comment...

Threatpost

Shared publicly  - 
 
A class-action lawsuit filed by a government employees’ union against the Office of Personnel Management as a result of the massive data breach at OPM that affects more than 18 million people alleges that not only did the agency know about vulnerabilities in its network long before the attack, but that the agency’s director and CIO both broke federal laws by ignoring directives to fix the weaknesses.
1
Add a comment...

Threatpost

Shared publicly  - 
 
Amazon’s home grown TLS implementation called s2n (signal to noise) was released to open source. s2n is a mere 6,000 lines of code and will be integrated into a number of Amazon Web Services.
2
Add a comment...

Threatpost

Shared publicly  - 
 
Authorities in six different countries worked together last week to take down a cybercrime ring which ultimately infected tens of thousands of computers with Zeus and SpyEye malware and made off with roughly $2.25 M dollars from banks in the process.
2
1
Ed's Computer Solutions's profile photo
Add a comment...

Threatpost

Shared publicly  - 
 
People love to try and get something for nothing, especially on the Internet where there’s all kinds of things available for nothing. But a lot of those free things are illegal and attackers have become very adept at taking advantage of users’ desire for free episodes of Gilmore Girls or bonus Dragon Ball Z content. 
2
1
Ed's Computer Solutions's profile photo
Add a comment...

Threatpost

Shared publicly  - 
 
Samsung said today it will no longer automatically disable Windows updates on PCs and laptops it manufactures and will release a patch “within a few days.”
4
1
Ed's Computer Solutions's profile photo
Add a comment...
Have them in circles
768 people
Colin Scroggins's profile photo
Jean-Noel Meurisse's profile photo
Ian Nicholson's profile photo
Jeremy Creaghan's profile photo
Abhishek Karmakar's profile photo
RyPul Threat Assessments's profile photo
Ólafur Guðmundsson's profile photo
Christian de la Cruz's profile photo
R Secrist's profile photo

Threatpost

Shared publicly  - 
 
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.
1
Add a comment...

Threatpost

Shared publicly  - 
 
Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. 
2
Add a comment...

Threatpost

Shared publicly  - 
 
Peiter Zatko, a longtime researcher and hacker better known as Mudge in security circles, announced he’s leaving Google to start an initiative designed to be a cyber version of Underwriters’ Laboratory.
1
1
Nicholas G's profile photo
Add a comment...

Threatpost

Shared publicly  - 
 
Amazon patched three vulnerabilities in its Fire Phone, two of which allow for silent certificate installations.
3
1
Ed's Computer Solutions's profile photo
Add a comment...

Threatpost

Shared publicly  - 
 
Exploits for the recently patched Adobe Flash Player zero-day have appeared in the Magnitude Exploit Kit and are leading to Cryptowall ransomware infections.
2
1
Gabriel Rüeck's profile photoEd's Computer Solutions's profile photo
 
Flasg Player must be phased out completely. Fortunately, most websites do not rely on it any more.
Add a comment...

Threatpost

Shared publicly  - 
 
The IETF, in RFC7568, declared SSLv3 “not sufficiently secure” and prohibited its use. SSLv3 fallbacks were to blame for the POODLE and BEAST attacks.
5
1
Johan Kestens's profile photo
Add a comment...
People
Have them in circles
768 people
Colin Scroggins's profile photo
Jean-Noel Meurisse's profile photo
Ian Nicholson's profile photo
Jeremy Creaghan's profile photo
Abhishek Karmakar's profile photo
RyPul Threat Assessments's profile photo
Ólafur Guðmundsson's profile photo
Christian de la Cruz's profile photo
R Secrist's profile photo
Contact Information
Contact info
Email
Story
Tagline
Up-to-the-minute news and information for IT, security and business professionals.
Introduction

Threatpost is Kaspersky Lab’s Security News Service. Threatpost is dedicated to helping IT security professionals succeed at their work by delivering the most timely and important security news and analysis on the Web.

Each day, our editors and reporters scour the Internet and cover the day’s most relevant security news. We break important original stories and bring you the best, curated news feed from other sources.

Threatpost’s global editorial activities are driven by industry-leading security journalists Dennis Fisher (@dennisf) and Michael Mimoso (@Mike_Mimoso), who bring over 25 years of reporting experience to their mission of delivering insight into the issues that affect the lives of security professionals every day. Fisher and Mimoso are assisted by junior editors Chris Brook (@Brokenfuses) and Brian Donohue (@TheBrianDonohue).

Make Threatpost your first stop for security news and analysis.

Links