The earthquake that hit Nepal late last month has caused untold damage in the region and kicked off a massive relief and aid effort. Attackers are loathe to let a chance like that go by, and they have concocted a number of schemes to deprive victims of their money and hope for relief funds. Aid organizations […]
Attackers have recently taken to the job searching website CareerBuilder to spread Microsoft Word documents that masquerade as job hopefuls’ resumes, but in reality, are laden with malware.
The Mozilla Foundation announced yesterday that it is in the process making HTTP connections incompatible with its popular Firefox Web browser.
A security researcher has developed a method–actually two methods–for defeating the new Chrome Password Alert extension that Google released earlier this week. The Password Alert extension is designed to warn users when they’re about to enter their Google passwords into a fraudulent site. The extension is meant as a defense against phishing attacks, which remain […]
Dennis Fisher and Mike Mimoso discuss the post-RSA news, including the MySQL bug, the progress of the OpenSSL overhaul and the wildly entertaining House hearing on crypto backdoors.
Researchers at Seculert have found a new version of the Dyre banking malware, one that is adept at avoiding sandbox detection.
A critical vulnerability in popular household routers such as D-Link and Trendnet could be exploited by attackers to run arbitrary code on devices.
The SANS Institute reports a new strain of CTB-Locker ransomware moving this week via spam messages.
Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker to strip SSL/TLS connections of their security wrapping transparently. The vulnerability is the result of the way that an option in MySQL handles requests for secure connections. Researchers at Duo Security discovered the bug after noticing some […]
A Congressional hearing on encryption and “frontdoors” produced a generous amount of the usual “crazy” from lawmakers and law enforcement.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
