Saturday, October 01, 2016
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Sofacy APT Targeting OS X Machines with Komplex Trojan APT gang Sofacy is targeting Mac OS X users with a Trojan that allows an attacker to execute remote commands on infected systems.
Questions Mount Around Yahoo Breach Crypto company Venafi points out potential holes in Yahoo's processes and policies around cryptography and digital certificates, any of which could have been exploited in the breach to move data off the Yahoo network.
Hancitor Downloader Abusing APIs, PowerShell Commands Developers behind the malicious downloader Hancitor have bolstered the malware again, this time with new delivery approaches that make it more difficult to detect.
Cisco Warns of Command Injection Flaw in Cloud Platform Cisco rolls out a bevy of patches tied to vulnerabilities found in its cloud services platform, IOS software and Prime Home products.

Latest News

Academics Put Another Dent in Online Anonymity

Academics from Stanford and Princeton release an online tool called Footprints that correlates browsing history with Twitter feeds to reveal a users identity.

Report a Grim Reminder of State of Critical Infrastructure Security

Government ICS report reveals access control a major issue for sector along with nagging issues around poor code quality and cryptography.

Threatpost News Wrap, September 30, 2016

The latest on the Yahoo breach, Germany's problem with WhatsApp-Facebook, Facebook's osquery tool for Windows, and Zerodium's $1.5M iOS bounty are all discussed.

Backdoored D-Link Router Should be Trashed, Researcher Says

A researcher who found a slew of vulnerabilities in a popular router says it’s so hopelessly broken that consumers who own them should throw them away.

Zerodium Triples its iOS 10 Bounty to $1.5 Million

Zerodium tripled the bounty it offers for an Apple iOS 10 remote jailbreak, boosting the reward to $1.5 million.

Yahoo Challenged on Claims Breach Was State-Sponsored Attack

Experts challenge Yahoo's assertion that state-sponsored hackers were behind a 2014 breach that resulted in 500 million lost records.

Cisco Warns of Critical Flaw in Email Security Appliances

Cisco released a patch for a critical flaw that allowed a remote attacker to gain control of one of its email security appliances.

Vendetta Brothers Cyber Crooks Adopt Real World Tactics

The Vendetta Brothers have mastered the real-world art of organized crime - outsourcing, partnerships, diversification and insulating liability.

Microsoft Unveils Cloud-Based Fuzz-Testing Service

Microsoft announced a cloud-based fuzz testing service called Project Springfield that identifies software bugs in applications that could turn into vulnerabilities.

ISC Patches Critical Error Condition in BIND

The Internet Systems Consortium patched the BIND domain name system this week, addressing what it calls a critical error condition in the software.