Threatpost News Wrap, June 2, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including the ShadowBrokers crowdfunding attempt, errors in WannaCry, a new Wikileaks dump, last week’s Samba vulnerability, and the OneLogin breach.
Author Archives: Chris Brook
OneLogin Breach Compromised Customer Data, Ability to Decrypt Encrypted Data
A breach at OneLogin appears to have compromised customer data, including the ability to decrypt encrypted data. Continue reading OneLogin Breach Compromised Customer Data, Ability to Decrypt Encrypted Data
Hack Department of Homeland Security Act Would Bring Bug Bounty Program to DHS
Senators introduced a bill last week to establish a bug bounty pilot program within the Department of Homeland Security. Continue reading Hack Department of Homeland Security Act Would Bring Bug Bounty Program to DHS
Cisco, Netgear Readying Patches for Samba Vulnerability
Cisco is prepping fixes for two of its products affected by last week’s Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected. Continue reading Cisco, Netgear Readying Patches for Samba Vulnerability
FreeRADIUS Update Resolves Authentication Bypass
Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server. Continue reading FreeRADIUS Update Resolves Authentication Bypass
Mark Dowd on Exploit Mitigation Development
Mark Dowd discusses why certain exploit mitigations have been so successful in driving up the cost of exploit development for attackers. Continue reading Mark Dowd on Exploit Mitigation Development
Threatpost News Wrap, May 26, 2017
Mike Mimoso and Chris Brook recap the news of the week, including the EternalRocks worm, the latest on WannaCry, a subtitle hack, and a Twitter flaw. Continue reading Threatpost News Wrap, May 26, 2017
Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub
A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week. Continue reading Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub
Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub
A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week. Continue reading Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub
Twitter Flaw Could Have Allowed Attacker to Tweet From Any Account
Twitter fixed a flaw in its Twitter Ads service could have allowed an attacker to tweet as any user.
Continue reading Twitter Flaw Could Have Allowed Attacker to Tweet From Any Account