Threatpost

Massive Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain

A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale.

StrongPity APT Returns with Retooled Spyware

The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks.

LenovoEMC Storage Gear Leaks Sensitive Financial Data

Lenovo patches enterprise and SMB network attached storage devices for a vulnerability that leaked data to the public internet.

The Future is Female: A Key to the Cybersecurity Workforce Challenge

With cybersecurity worldwide facing a major applicant shortage, businesses should be courting women and supporting girls.

WhatsApp, Telegram Coding Blunders Can Expose Personal Media Files

The issue, present on Android versions, is similar to the known man-in-the-disk attack vector.

JetBlue Bomb Scare Set Off with Apple AirDrop

Someone AirDropped a picture of a suicide vest to multiple people on a JetBlue flight, prompting an evacuation.

Privacy Experts: Facebook’s $5B Fine Unlikely to Do Much

The FTC has levied its biggest fine ever against the social network, but it's unlikely to have much effect.

Turla APT Returns with New Malware, Anti-Censorship Angle

A dropper called "Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.

Researcher Bypasses Instagram 2FA to Hack Any Account

An independent researcher earned a $30,000 bug bounty after discovering a weakness in the mobile recovery process.

Why Cities Are a Low-Hanging Fruit For Ransomware

In this first part of a two part series, Shawn Taylor with Forescout talks to Threatpost about lessons learned from helping Atlanta remediate and recover from its massive ransomware attack.

Distributed by aarss.com.