ProtonVPN, NordVPN Flaws Open Door to Privilege Escalation
The flaws disclosed this month are related to a critical bug previously discovered by VerSprite in April 2018. Go to Source
Tor Brings Onion Browser to Android Devices
In parts of the developing world, dissidents and journalists face hostile governments and other threats — and mobile is their only access to the internet. Go to Source
Apple Finally Boots Sneaky Adware Doctor App from Mac App Store
Hours after researchers publicly disclosed an app that was caught stealing and uploading browser history data, Apple removed it from the Mac App Store. Go to Source
Mirai, Gafgyt Botnets Return to Target Infamous Apache Struts, SonicWall Flaws
By implementing the “Equifax bug,” it’s the first known time a Mirai IoT botnet variant has targeted an Apache Struts vulnerability. Go to Source
Top MacOS App Exfiltrates Browser Histories Behind Users’ Backs
A macOS App called Adware Doctor blocks ads, but shares user browser history with a China-based domain. Go to Source
ThreatList: Attacks on Industrial Control Systems on the Rise
The main source of infection on industrial control systems was the internet, researchers at Kaspersky Lab found in a new report. Go to Source
‘Domestic Kitten’ Mobile Spyware Campaign Aims at Iranian Targets
Spreading via fake Android apps, the malware lifts a range of sensitive information from victims’ devices. Go to Source
Open .Git Directories Leave 390K Websites Vulnerable
An exhaustive scan shows hundreds of thousands of websites potentially exposing sensitive data such as database passwords, API keys and so on. Go to Source
British Airways Website, Mobile App Breach Compromises 380k
The airline said information like name, address and bank card details like CVC code were compromised. Go to Source
Threatpost News Wrap Podcast For Sept. 7
The Threatpost team breaks down the biggest news from the week ended Sept. 7. Go to Source