Security News

Macro Malware Comes to macOS (Threatpost)
2017-02-08 13:21

Cybercriminals have developed macro malware for the macOS, the first time this technique has been spotted on the Apple platform.

Attackers Capitalizing on Unpatched WordPress Sites (Threatpost)
2017-02-07 21:07

WordPress sites slow to update to the recent 4.7.2 security release run the risk of falling victim to a handful of defacement attacks spotted by Sucuri.

Popular iOS Apps Vulnerable to TLS Interception Attacks (Threatpost)
2017-02-07 19:13

More than 70 iOS apps are vulnerable to man-in-the-middle attacks where TLS connections can be intercepted and sensitive data stolen.

Smart TV Manufacturer Vizio Fined $2.2M for Tracking Customers (Threatpost)
2017-02-07 18:31

Smart TV manufacturer Vizio settled with the FTC on Monday over charges the company collected data on 11 million consumer TVs.

St. Jude Patches Additional Cardiac Device (Threatpost)
2017-02-07 18:15

St. Jude Medical added another Merlin@home Transmitter medical device to its list of equipment vulnerable to a man-in-the-middle attack.

InterContinental Hotels Confirms Credit Card Breach (Threatpost)
2017-02-06 19:46

InterContinental Hotels Group confirmed and released addition details pertaining to a breach that targeted payment card systems used in 12 of its hotels.

ICS, SCADA Security Woes Linger On (Threatpost)
2017-02-06 19:20

A recent batch of vulnerabilities in Honeywell building automation system software epitomize the linger security issues around SCADA and industrial control systems.

Honeywell SCADA Controllers Exposed Passwords in Clear Text (Threatpost)
2017-02-03 20:03

A series of remotely exploitable vulnerabilities - including clear text passwords - exist in a set of Honeywell SCADA systems.

Locky Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns (Threatpost)
2017-02-03 19:45

Locky ransomware and Kovter click-fraud malware are being spread in the same email campaign for the first time, with malicious .lnk files being used to infect computers.

Threatpost News Wrap, February 3, 2017 (Threatpost)
2017-02-03 16:20

Mike Mimoso and Chris Brook recap the news of the week, including a Microsoft SMB zero day, the latest Netgear router vulnerability, and a new HTTPS milestone.