Monday, October 23, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher Malware dubbed IOTroop that researchers say is "worse than Mirai" has already infected one million businesses worldwide.
Necurs-Based DDE Attacks Now Spreading Locky Ransomware Researchers have spotted Locky ransomware infections emanating from the Necurs botnet via Word attachments using a DDE technique that Microsoft says is an Office feature and does not merit a security patch.
Lenovo Quietly Patches Massive Bug Impacting Its Android Tablets and Zuk, Vibe Phones Lenovo customers are being told to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices.
Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible A flawed Infineon Technology chipset left HP, Lenovo and Microsoft devices open to what is called a 'practical factorization attack,' in which an attacker computes the private part of an RSA key.

Latest News

Latest Sofacy Campaign Targeting Security Researchers

Sofacy has been using a lure document connected to a cyber conflict conference to target researchers and others interested in cybersecurity.

DHS Alert on Dragonfly APT Contains IOCs, Rules Likely to Trigger False Positives

A joint Technical Alert, TA17–293A, describing the activities of a Russian APT may contain signatures and rules likely to trigger false positives in some security systems.

New Magniber Ransomware Targets South Korea, Asia Pacific

Researchers identified a new ransomware family called Magniber that uniquely only targets users in South Korea and the Asia Pacific regions.

Threatpost News Wrap, Oct. 20, 2017

This week's Threatpost News Wrap Podcast recaps the ROCA, KRACK and Boundhook attacks, as well as the release of Google Advanced Protection for Gmail.

Cisco Warns 69 Products Impacted by KRACK

Cisco patched a critical bug in its Cloud Services Platform 2100 hardware and at the same time told customers 96 of its products are vulnerable to KRACK vulnerabilities.

Google Play Bounty Promises $1,000 Rewards for Flaws in Popular Apps

Google announced a public bug bounty for Google Play that brings developers and researchers together to find and patch flaws in popular apps.

Hackers Take Aim at SSH Keys in New Attacks

SSH private keys are being targeted by hackers who have stepped up the scanning of thousands of WordPress website in search of private keys.

Google Advanced Protection Trades Ease-of-Use for Security

Experts applaud a new Google service, Advanced Protection, which beefs up account password protection and limits access to a user’s Gmail and Drive.

FBI Asks Businesses to Share Details About DDoS Attacks

The FBI has made an appeal to organizations victimized by DDoS attacks to share details and characteristics of those incidents.

BoundHook Attack Exploits Intel Skylake MPX Feature

A new attack method takes advantage a feature in Intel’s Skylake microprocessor allowing for post-intrusion application hooking and stealth manipulation of applications.