Sunday, November 19, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Debugging Tool Left on OnePlus Phones, Enables Root Access Phone maker OnePlus is being blasted for leaving a developer debugging app on its handsets allowing phones to be rooted by an attacker with physical access to the device.
Adobe Patches Flash Player, 56 Bugs in Reader and Acrobat Adobe released a monster update for Acrobat and Reader patching dozens of remote code execution vulnerabilities, along with a Flash Player update addressing a handful of critical flaws.
AutoIt Scripting Used By Overlay Malware to Bypass AV Detection IBM’s X-Force Research team reports hackers attacking Brazilian banks are using the Windows scripting tool called AutoIt to reduces the likelihood of antivirus software detection.
Microsoft Provides Guidance on Mitigating DDE Attacks Microsoft published guidance for Windows admins on how to safely disable Dynamic Data Exchange (DDE) fields in Office that are being used to spread malware in email-based attacks.

Latest News

Threatpost News Wrap Podcast for Nov. 10

Threatpost editors Mike Mimoso and Tom Spring discuss the week's information security news.

Eavesdropper Vulnerability Exposes Mobile Call, Text Data

Developers using the Twilio platform to build enterprise mobile communications apps have put call and text data at risk for exposure.

Hundreds of Millions in Digital Currency Remains Frozen

Between $150 million and $300 million in digital currency called ether remains inaccessible today after a user said he “accidentally” triggered a vulnerability that froze the funds in the popular Parity wallet.

Privacy Clouds Form Over Mantistek Gaming Keyboard

Questions brew over whether Mantistek GK2 Mechanical Gaming Keyboard is snooping on users as they type.

Texas Shooter’s Phone Encrypted

The FBI cannot access a cellphone belonging to the dead suspect in Sunday’s Texas shooting, a situation that could reignite the government’s debate over encryption.

Assessing Weaknesses in Public Key Infrastructure

Academic researchers size up weaknesses in the the code-signing Public Key Infrastructure and highlight three types of flaws.

Brother Printers Susceptible to Remote Denial of Service Attacks

Trustwave discloses an unpatched vulnerability in Brother printers with the Debut embedded webserver after numerous attempts to contact the vendor failed.

US-CERT Warns of Crypto Bugs in IEEE Standard

Weak cryptography in the IEEE P1735 electronics standard allow attackers to recover valuable intellectual property in plaintext from SoCs and integrated circuits.

Cisco Patches DoS Flaw in BGP over Ethernet VPN Implementation

Cisco has updated its IOS XE software to address a denial of service vulnerability in its implementation of BGP over an Ethernet VPN.

Data Pours from Cloud—And ‘The Enemy is Us’

Enterprises are grappling with widespread incidents of misconfigured servers leaking sensitive data to the public internet.