What You Should Know About the Thunderstrike Mac Bootkit
A researcher has developed a nasty bootkit capable of taking complete control of Mac OS X devices. Here is what you need to know.
“We are what we pretend to be, so we must be careful about what we pretend to be.” ― Kurt Vonnegut
166 articles
A researcher has developed a nasty bootkit capable of taking complete control of Mac OS X devices. Here is what you need to know.
For the second time in three years, Sony is the main character in a massive and humiliating cyberattack.
A new variant of the Zeus banking trojan has emerged, targeting consumer accounts at 150 banks in 15 countries.
Kaspersky Lab experts analyze the security and privacy trends that emerged in 2014, including anonymous Tor browsing, ransomware, APT attacks and more.
Kaspersky Lab experts make predictions about what trends will emerge in the security industry in 2015.
In this Talk Security podcast, Threatpost’s Chris Brook and Brian Donohue discuss the move to encrypt the Web, the Regin APT campaign and more.
A new APT campaign called Regin targets the usual victims plus a prestigious cryptographer and the GSM standard on which most cellular communications occur.
The Electronic Frontier Foundation recently graded a slew of mobile and Internet messaging services based on security and privacy. Here we list the low scorers.
The Electronic Frontier Foundation recently graded a slew of mobile and Internet messaging services based on security and privacy. Here we detail the top scorers.
In this episode of the Talk Security podcast, Threatpost’s Chris Brook and Brian Donohue discuss the Dark Hotel cyberespionage campaign and the WireLurker Apple malware.
Yesterday, researchers disclosed a powerful iOS vulnerability that is responsible for the WireLurker Apple malware.
Apple malware targets iOS by infecting OS X machines and then swapping legitimate apps for malicious ones as soon as an iOS device connects via USB.
Drupal warns customers that they should assume their sites are compromised unless they installed an update from mid-October within hours of the release.
Brian Donohue and Dennis Fisher talk about a new attack on the SSL protocol, which is now known as POODLE.
Twitter debuts a grand but simple plan to replace passwords where your phone number is your username and an SMS-generated code is your password.
Google’s mobile operating system joins Apple’s iOS in offering full disk encryption by default to all users in its newest version — Android 5.0 aka Lollipop.
New research shows that studying and mnemonic devices could help us to better remember our passwords.
A massive provider of insurance for bond investments misconfigured one of its servers and accidentally made a variety of sensitive payment information indexable.
September’s security news was dominated by three stories: the Home Depot data breach, the Apple celebrity nude photo leak scandal and the Shellshock vulnerability in Bash.
Virus Bulletin is a traditionally enterprise-focused event, but each year topics of consumer interest, like Apple malware, hackable devices and Bitcoin are presented.
The Bash vulnerability affecting Unix, Linux and OS X systems is the latest Internet-wide bug to emerge, and a number of experts are saying it’s more dangerous than OpenSSL Heartbleed.