Archives for December, 2016
Joint report “Grizzly Steppe” implicates Russian hacking group Fancy Bear in U.S. election-related hacking.
Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.
Threatpost writers recap 2016's biggest news stories, including the proliferation of IoT botnets, ransomware, the FBI vs. Apple story, and more.
Microsoft's new service, Secure Data Exchange, can help protect cloud data while in transit and at rest. Expert Rob Shapland looks at the service and how it works for enterprises.
Ransomware, insecure connected devices, bug bounties and governments buying bugs: All four ceased to be novelties in 2016; they’re all new normals for cybersecurity.
A new Android Trojan, Switcher, uses victims' devices to infect WiFi routers and funnel users of the network to malicious sites.
A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla open to attack.
A bug bounty hunter earned $5,000 for a Facebook hack that allowed him to bypass security protection and access any Facebook user's true email address.
Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.
Apple extended the deadline of Dec. 31 for developers adopt App Transport Security standards for applications submitted to the App Store.