Threatpost | The first stop for security news

The First Stop For Security News

12/11/2017 05:59 PM
Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models
HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger.

12/08/2017 10:20 PM
Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code
An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps.

12/08/2017 03:31 PM
Apple Fixes Flaw Impacting HomeKit Devices
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.

12/07/2017 06:51 PM
Banking Apps Found Vulnerable to MITM Attacks
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.

12/06/2017 07:48 PM
Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones
As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical.

12/05/2017 09:04 PM
TeamViewer Rushes Fix for Permissions Bug
TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission.

12/05/2017 05:27 PM
Developers Targeted in ‘ParseDroid’ PoC Attack
A proof of concept attack developed by researchers target users of the development platforms for Android and Java.

12/04/2017 08:28 PM
Google Cracks Down On Nosy Android Apps
Google beefs up privacy protections on apps distributed via third-party Android marketplaces and Google Play that that collect personal data without user consent.

12/04/2017 04:41 PM
Ursnif Trojan Adopts New Code Injection Technique
Researchers have found a variant of Ursnif Trojan they said is a “v3 build” that targets Australian bank customers with new redirection attack techniques.

12/01/2017 04:43 PM
Flaw Found In Dirty COW Patch
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.