Ransomware has emerged as major threat to consumers and businesses in recent years, and law enforcement agencies and security researchers have taken note. Authorities last year disrupted the Cryp...
https://threatpost.com/dutch-police-arrest-alleged-coinvault-ransomware-authors/114707/
A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address spac...
https://threatpost.com/scan-of-ipv4-space-for-implanted-cisco-routers-finds-fewer-than-100/114687/
There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed ap...
https://threatpost.com/bug-in-ios-and-osx-allows-writing-of-arbitrary-files-via-airdrop/114681/
Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks re...
https://threatpost.com/attackers-replacing-firmware-on-cisco-routers/114665/
The maintainers of Debian have released new packages to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. Among the pat...
https://threatpost.com/new-debian-releases-fix-php-virtualbox-bugs/114655/
The Tor Project recently started a program to help libraries install Tor relays as a way to protect the privacy of patrons and other Internet users. The program didn’t get too far, however, as ...
https://threatpost.com/installation-of-tor-relays-in-library-attracts-dhs-attention/114652/
There is a series of stack buffer overflows in nearly 20 ICS products manufactured by Japanese vendor Yokogawa that can lead to remote code execution. The bugs affect a long list of the compan...
https://threatpost.com/series-of-buffer-overflows-plague-many-yokogawa-ics-products/114639/
Dennis Fisher talks to Gary McGraw about the challenges of scaling software security programs, the FTC’s security programs, and the current push for better security in medical devices.
https://threatpost.com/gary-mcgraw-on-scalable-software-security-and-medical-device-security/114640/
A pair of modules included in the Drupal content management system have been updated to fix access bypass vulnerabilities that could allow an attacker to take actions on the behalf of some users....
https://threatpost.com/pair-of-drupal-modules-patch-access-bypass-flaws/114617/
Excellus BlueCross BlueShield, a large health care provider in New York state, says it was hit by an attack that began in 2013 and wasn’t discovered until last month, resulting in the compromis...
https://threatpost.com/ny-health-provider-excellus-discloses-data-breach-dating-to-2013/114615/