A never-before-seen malware family known as RIPPER is being blamed for a rash of ATM heists in Thailand last week. The malware, found by researchers at FireEye, is responsible for the theft of 12 million baht ($378,000) from ATMs at banks across Thailand. The discovery of the malware coincided with news reports from the Bangkok...

A never-before-seen malware family known as RIPPER is being blamed for a rash of ATM heists in Thailand last week. The malware, found by researchers at FireEye, is responsible for the theft of 12 million baht ($378,000) from ATMs at banks across Thailand. The discovery of the malware coincided with news reports from the Bangkok...

Online storage service Dropbox began notifying users over the weekend that if they haven’t updated their password since 2012, they’ll be prompted to update it the next time they log into their account. The company claims the move is “purely a preventative measure” and stressed that there’s no proof users’ accounts have been improperly accessed....

Pacemakers, defibrillators and other medical devices made by a leading medical equipment maker are vulnerable to potentially “catastrophic” cyberattacks. With relatively little effort tens of thousands of cardiac devices made by St. Jude Medical are vulnerable to attack, according a report released by private equity firm Muddy Waters Capital with help from medical researchers at...

Mike Mimoso and Chris Brook discuss the news of the week, including the latest on ShadowBrokers and Cisco, the Sweet32 collision attack, decryptors for the Wildfire ransomware, and this week’s gaming forum breaches. Download: Threatpost_News_Wrap_August_26_2016.mp3 Music by Chris Gonsalves

Apple rushed an emergency iOS update today after the discovery of three zero-day vulnerabilities used by governments to spy on the activities of human rights activists and journalists. The zero days, called Trident, allow an attacker to take complete control of an iPhone or iPad with just one click. Trident’s three separate zero-days create an attack chain that can...

The United States is months removed from this spring’s Apple vs. FBI debacle, but the debate around encryption is just beginning to play out in Europe. A joint press conference held Tuesday in Paris between Germany’s Interior Minister Thomas de Maizière and France’s Interior Minister Bernard Cazeneuve marked perhaps the most public declaration by a government figure that there...

A group of academic researchers have figured out how to use off-the-shelf computer equipment and a standard Wi-Fi connection to sniff out keystrokes coming from someone typing on a keyboard nearby. The keystroke recognition technology, called WiKey, isn’t perfect, but is impressive with a reported 97.5 percent accuracy under a controlled environment. WiKey is similar...

VMware this week patched a single vulnerability that pops up in two of its products that allows an attacker to elevate privileges on a compromised machine. The virtualization company patched CVE-2016-5335 in its Identity Manager and vRealize Automation software. “Exploitation of this issue may lead to an attacker with access to a low-privileged account to...

The Tor Project on Wednesday updated its software package to version 0.2.8.7 and fixed a number of issues, including a bug it calls “important” in the ReachableAddresses option. ReachableAddresses is a list of IP addresses and ports that are permitted by a firewall; admins can set IP ranges and reject addresses through this feature. The...