Vulnerability Found in Two Keyless Entry Locks

Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology. Source: Threadpost

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger. Source: Threadpost

Android Flaw Poisons Signed Apps with Malicious Code

An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps. Source: Threadpost

Apple Fixes Flaw Impacting HomeKit Devices

Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers. Source:...

Banking Apps Found Vulnerable to MITM Attacks

Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks. Source: Threadpost

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical. Source: Threadpost

Cybercriminals vs financial institutions in 2018: what to expect

ul li {margin-bottom:2.4rem;} Introduction – key events in 2017 2017 was a year of great changes in the world of cyber threats for financial organizations. Firstly in 2017, we witnessed a continuation of cyber-attacks...

TeamViewer Rushes Fix for Permissions Bug

TeamViewer says it has issued a hotfix to address a bug that allows users sharing a desktop session to gain control of the other’s computer without permission. Source: Threadpost

Developers Targeted in ‘ParseDroid’ PoC Attack

A proof of concept attack developed by researchers target users of the development platforms for Android and Java. Source: Threadpost

Kaspersky Security Bulletin: Review of the Year 2017

ul li {margin-bottom:2.4rem;}  Download the Kaspersky Security Bulletin: Review of the Year 2017 Introduction The end of the year is a good time to take stock of the main cyberthreat incidents that took place...
- Advertisement -


Dewan Chowdhury on Hacking Power Grids

Threatpost editor Mike Mimoso talks with Dewan Chowdhury, the founder and CEO of MalCrawler, about hacking power grids and describes a honeypot they built...

Wake up! You’ve been p0wned