Sunday, June 26, 2016
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Threatpost News Wrap, June 17, 2016 Mike Mimoso and Chris Brook discuss the news of the week, including a password issue at Github, the xDedic marketplace, and another Flash zero day.
Breached Credentials Used to Access Github Repositories Password reuse strikes GitHub users, some of whom will have to reset their credentials after unauthorized attempts were made to access a large number of GitHub accounts.
Anti-Surveillance Measure Quashed: Orlando Massacre Cited as Reason The House voted Thursday to block passage of an amendment aimed to reign in U.S. domestic mass surveillance by the NSA and protect strong encryption standards citing Sunday's Orlando tragedy.
Patched BadTunnel Windows Bug Has ‘Extensive’ Impact Microsoft patched a NetBios Name Spoofing vulnerability on Patch Tuesday that impacts every version of Windows.

Latest News

Medical Study Blasts Hospitals’ Security Practices

An academic study sheds light on how medical professionals are often forced to find analog workarounds to combat unwieldy security solutions, putting patient care at risk.

Selfrando Technique Mitigates Attacks Unmasking Tor Users

A team of academics and researchers has developed a technique called selfrando that it says can defend against attacks that unmask users of the Tor Network.

Voter Database Leak Exposes 154 Million Sensitive Records

A voter database found by a white hat hacker included gun ownership, preferences on gay marriage and linked to individual social media accounts.

Threatpost News Wrap, June 24, 2016

Mike Mimoso and Chris Brook recap the news of the week, including a Bitcoin phishing campaign, the Kaspersky Lab ransomware report, misconfigured email servers, and a decline in Angler exploit kit traffic.

Popular Anime Site Infected, Redirecting to Exploit Kit, Ransomware

Jkanime, a popular site that streams anime videos, has been infected with malware that redirects to the Neutrino Exploit Kit and CryptXXX ransomware infections.

Necurs Botnet is Back, Updated With Smarter Locky Variant

After a mysterious three weeks off the grid, Necurs has returned to spewing massive volumes of email containing improved versions of the potent Locky ransomware and Dridex banking Trojan.

Mobile Advertising Firm Found Tracking Users To Pay $950K

A mobile advertising company that settled charges with the Federal Trade Commission this week will pay nearly $1M after it was determined the company tracked customers – including children – without their consent.

Carbonite Triggers Password Reset for 1.5M Customers After Reuse Attack

Online backup firm Carbonite is forcing all of its 1.5 million users to change their passwords after reporting it was targeted in a password reuse attack.

Unpatched Remote Code Execution Flaw Exists in Swagger

Researchers at Rapid7 found a vulnerability in the Swagger Code Generator that could execute arbitrary code embedded in a Swagger document.

WordPress Security Update Patches Two Dozen Flaws

WordPress updated to version 4.5.3, a security release for all versions.