Browsing Category: Web Security

Twitter Gains Team From Password Management Company Mitro

Twitter has announced that a cloud-based password management company called Mitro has joined the Twitter team, and all of Mitro’s code is now free and open source. Mitro’s offering a secure password manager that’s meant to help distributed teams share passwords for accounts and services. The passwords are stored in encrypted form on Mitro’s servers,[...]

Read more...

New Backoff PoS Malware Identified in Several Attacks

A new breed of point-of-sale malware has been found in several recent attacks, and experts say that the tool, known as Backoff, has extensive data stealing and exfiltration capabilities, including keylogging, memory scraping and injection into running processes.

Read more...

Crouching Yeti APT Campaign Stretches Back Four Years

Categories: Hacks, Malware, Web Security

A new analysis of a long-term APT campaign targeting manufacturers, industrial, pharmaceutical, construction and IT companies in several countries has uncovered fresh details of the attack, including identification of nearly 3,000 victims and the unmasking of the command-and-control infrastructure.

Read more...

ICS-CERT Warns of Flaw in Innominate mGuard Secure Cloud Product

The ICS-CERT is warning users about a vulnerability in a secure public cloud product from Innominate that enables an attacker to gain valuable configuration data about a target system, information that could be used in future attacks. The vulnerability is an information disclosure bug in the Innominate mGuard product, which is meant to connect operators to[...]

Read more...

Trio of Flaws Fixed in Facebook Android App

Facebook has fixed a vulnerability in its Android app could allow an attacker to cause a denial-of-service condition on a device or run up the victim’s mobile bill by transferring large amounts of data to and from the device. The flaw lies in the way that the Facebook app handles HTTP requests. The app include an HTTP server[...]

Read more...

Harnessing the Power of an Android Cluster for Security Research

When the topic of mobile security comes up, users and researchers often discuss Android as if it’s one monolithic operating system like iOS is. But the fact is that there are nearly as many versions of Android as there are Android devices, which has led to plenty of confusion when it’s time to fix a security[...]

Read more...