Amazon Comes Under Fire for Facial Recognition Platform

Privacy advocates say facial recognition can be an agent of authoritarian surveillance; others say it's an invaluable tool to combat kidnapping, locate lost children and track down criminals on the run.

from Threatpost | The first stop for security news https://ift.tt/2LsmIxV
via https://ifttt.com/ IFTTT

Schneider Electric Patches XXE Vulnerability In Software

Schneider Electric on Tuesday issued fixes for a vulnerability its SoMachine Basic software that could result in disclosure and retrieval of arbitrary data.

from Threatpost | The first stop for security news https://ift.tt/2x9ckaY
via https://ifttt.com/ IFTTT

James Comey: FBI Faces Deep Tech-Related Questions

Cloud migration and automated systems, data privacy and encryption all remain central issues for the FBI as it considers its mandate and role in the modern digital age.

from Threatpost | The first stop for security news https://ift.tt/2x7VSI5
via https://ifttt.com/ IFTTT

Ahead of GDPR, Information Governance Comes into Its Own

A full 98 percent of US enterprises have embarked on information governance (IG) projects, dramatically up from just 10 percent last year.

from Threatpost | The first stop for security news https://ift.tt/2Ls2ft1
via https://ifttt.com/ IFTTT

VPNFilter Malware Infects 500k Routers Including Linksys, MikroTik, NETGEAR

Researchers warn of malware infecting 500,000 popular routers in a campaign mostly targeting the Ukraine, but also 54 other countries.

from Threatpost | The first stop for security news https://ift.tt/2IGFAXV
via https://ifttt.com/ IFTTT

Researchers Say More Spectre-Related CPU Flaws On Horizon

Yet another speculative execution side channel flaw has been disclosed in processors - and security experts warn that more may be out there.

from Threatpost | The first stop for security news https://ift.tt/2s0PRIa
via https://ifttt.com/ IFTTT

Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical

A pen-tester has found five vulnerabilities in Dell EMC RecoverPoint devices, including a critical RCE that could allow total system compromise.

from Threatpost | The first stop for security news https://ift.tt/2IHWxRM
via https://ifttt.com/ IFTTT

Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords

A bug in Comcast’s activation website for its Xfinity routers leaked sensitive customer data.

from Threatpost | The first stop for security news https://ift.tt/2KHEprV
via https://ifttt.com/ IFTTT

Intel Responds to Spectre-Like Flaw In CPUs

Intel on Monday acknowledged that its processors are vulnerable to another Spectre-like speculative execution side channel flaw that could allow attackers to access information.

from Threatpost | The first stop for security news https://ift.tt/2IG5xXJ
via https://ifttt.com/ IFTTT

Malicious PHP Script Infects 2,400 Websites in the Past Week

A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites.

from Threatpost | The first stop for security news https://ift.tt/2IGA4o7
via https://ifttt.com/ IFTTT

TeenSafe Tracking App Exposes Thousands of Private Records

Records for a mobile app that parents can use to monitor what their kids are doing online has been exposed in the latest Amazon Web Services cloud misconfiguration.

from Threatpost | The first stop for security news https://ift.tt/2rXxvIi
via https://ifttt.com/ IFTTT

Roaming Mantis Swarms Globally, Spawning iOS Phishing, Cryptomining

Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly evolved just in the past month.

from Threatpost | The first stop for security news https://ift.tt/2LlCPgr
via https://ifttt.com/ IFTTT

Wicked Botnet Uses Passel of Exploits to Target IoT

The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers.

from Threatpost | The first stop for security news https://ift.tt/2Li2DtV
via https://ifttt.com/ IFTTT

Hurdles Remain After Senate Votes To Restore Net Neutrality

The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on the fast track to a House vote.

from Threatpost | The first stop for security news https://ift.tt/2IuJyqG
via https://ifttt.com/ IFTTT

Latin American ‘Biñeros’ Bond Over Fraudulent Purchase Scheme

A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible.

from Threatpost | The first stop for security news https://ift.tt/2rRW2hA
via https://ifttt.com/ IFTTT

Threatpost News Wrap Podcast for May 18

Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week’s information security news.

from Threatpost | The first stop for security news https://ift.tt/2kaOOkG
via https://ifttt.com/ IFTTT

TeleGrab Malware Steals Telegram Desktop Messaging Sessions, Steam Credentials

A recently discovered malware steals cache data and messaging sessions from the desktop version of encrypted messaging service Telegram.

from Threatpost | The first stop for security news https://ift.tt/2GwkwBs
via https://ifttt.com/ IFTTT

Misconfigured Reverse Proxy Servers Spill Credentials

Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials.

from Threatpost | The first stop for security news https://ift.tt/2wSd1pf
via https://ifttt.com/ IFTTT

RedDawn Espionage Campaign Shows Mobile APTs on the Rise

The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors.

from Threatpost | The first stop for security news https://ift.tt/2rVnSsw
via https://ifttt.com/ IFTTT

Fake Fortnite Apps for Android Spread Spyware, Cryptominers

An array of malicious Android apps purporting to be popular game Fortnite are instead harvesting call logs and downloading cryptomining malware.

from Threatpost | The first stop for security news https://ift.tt/2k7MwD1
via https://ifttt.com/ IFTTT