Android OS API-Breaking Flaw Offers Useful WiFi Data to Bad Actors
Armed with the information, adversaries can explore and attack the local WiFi network, or identify and physically track any Android device. Go to Source
Cobalt Group Targets Banks in Eastern Europe with Double-Threat Tactic
The campaign uses double infection points and two command-and-control servers. Go to Source
Critical Flaws in Syringe Pump, Device Gateways Threaten Patient Safety
The Qualcomm Life Capsule Datacaptor Terminal Server and the Becton Dickinson Alaris TIVA Syringe Pump allow remote access without authentication. Go to Source
Travel Breaches Hit Air Canada and Asia-Pac Hotelier
Air Canada said 20,000 mobile app users have had passport information exposed; and millions have been affected by a breach at Asian hotel giant Huazhu. Go to Source
BusyGasper Malware Packs a Simple but Potent Punch
BusyGasper is rudimentary spyware with a bevy of novel twists that is highly effective at collecting and exfiltrating data from Android phones. Go to Source
Yahoo Persists in Scanning Emails for In-Depth Ad-Targeting
The service gleans information from receipts, travel itineraries, trade confirmations for online brokerages, Uber messages, auto-loan confirmations, promotions and much more. Go to Source
High-Severity Flaws Patched in Schneider Electric Products
The Schneider Electric PowerLogic PM5560 and Modicon M221 are both susceptible to attack via an array of high-severity flaws. Go to Source
The 4 Critical Building Blocks for Digital Threat Hunting
Having the right set of broad data is the linchpin to effective threat-hunting. Go to Source
Podcast: Plugging Leaky Data in the Cloud
Threatpost talks to a Google Cloud expert about the top issues users face when securing data in the cloud. Go to Source
Crashing Mobile Apps Capture Screens, Leak Private Data
Several developer tools capture a screen as an app crashes and send it to a third-party server creating a risk of corporate data leakage. Go to Source