Marc Rogers: Success of Anonymous Bug Submission Program ‘Takes A Village’
Marc Rogers discusses the logistics behind a recently-proposed anonymous bug submission program, meant to encourage ethical hackers to submit high-level bugs anonymously.
Author Archives: Lindsey O'Donnell
Edward Snowden Sued by U.S. Over New Memoir
The U.S. is attempting to seize any assets related to Edward Snowden's new memoir, Permanent Record.
Malware Moves: The Rise of LookBack – And Return of Emotet
The malware landscape is constantly changing; including a rise in a new malware called LookBack, as well as anticipation over the return of the Emotet and Retefe malware families.
Panda Threat Group Mines for Monero With Updated Payload, Targets
Though harboring unsophisticated payloads, the Panda threat group has updated its tactics - from targets to infrastructure - and successfully mined hundreds of thousands of dollars using cryptomining malware.
Google Calendar Settings Gaffes Exposes Users’ Meetings, Company Details
A configuration setting in Google Calendars does not sufficiently warn users that it makes their calendars public to all, a researcher argues.
U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks
Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.
iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
Apple will not fix the glitch until the release of iOS 13.1 later in September.
North Korean Spear-Phishing Attack Targets U.S. Firms
Researchers warn that U.S. firms are being targeted with legitimate - but trojanized - documents that are often socially engineered to a tee.
News Wrap: IoT Radio Telnet Backdoor And ‘SimJacker’ Active Exploit
Threatpost editors Tara Seals and Lindsey O'Donnell talk about the top news stories of the week - from leaky databases to SIM card attacks.
1B Mobile Users Vulnerable to Ongoing ‘SimJacker’ Surveillance Attack
More than one billion mobile users are at risk from a SIM card flaw being currently exploited by threat actors, researchers warn.