Archives: August 2016
Juniper Networks on Friday acknowledged that exploits contained in the ShadowBrokers data dump do indeed target its products. “As part of our analysis of these files, we identified an attack against NetScreen devices running ScreenOS,” said Derrick Scholl, director of security incident response at Juniper. “We are examining the extent of the attack, but initial analysis...
Clothing store Eddie Bauer has become the latest retail chain to acknowledge that malware has led to a breach of its point of sale systems. In a press release (.PDF) late last week Eddie Bauer confirmed that any customers who used a payment card at a store over the past seven months, from January 2 to July...
Microsoft’s PowerShell utility is being used as part of a new banking Trojan targeting Brazilians. Researchers made the discovery earlier this week and say the high quality of the Trojan is indicative of Brazilian malware that is growing more sophisticated. The banking Trojan is identified as “Trojan-Proxy.PowerShell.Agent.a” and is one of the most technically advanced...
Researchers have identified a router so fraught with vulnerabilities and so “utterly broken” that it can be exploited to do pretty much anything. An attacker could bypass its authentication, peruse sensitive information stored in the router’s system logs and even use the device to execute OS commands with root privileges via a hardcoded root password. Tao Sauvage,...
Mike Mimoso and Chris Brook discuss the news of the week, including the Shadow Brokers debacle, the VeraCrypt audit, Pokemon ransomware, and a browser address bar vulnerability. Download: Threatpost_News_Wrap_August_19_2016.mp3 Music by Chris Gonsalves
The Electronic Frontier Foundation is blasting Microsoft for its “malicious” and “annoying” tactics when it comes to prodding Windows users to update their operating system to Windows 10. The digital watchdog group says Microsoft’s strategy of pushing the Windows 10 upgrade application onto users’ systems was unwelcome to many and the company crossed the line...
Vulnerabilities exist in systems that belong to the Centers for Medicare & Medicaid Services, a federal agency that’s part of the United States’ Department of Health and Human Services. If exploited, the bugs could result in the disclosure of personally identifiable information and the “disruption of critical operations,” a government watchdog warned this week. The...
New versions of Libgcrypt and Gnu Privacy Guard (GnuPG or GPG) released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator. The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute of Technology in Germany, and according to an advisory from the...
A massive Locky ransomware campaign spotted this month targets primarily the healthcare sector and is delivered in phishing campaigns. The payload, researchers at FireEye said, is dropped via .DOCM attachments, which are macro-enabled Office 2007 Word documents. Especially hard hit are hospitals in the United States followed by Japan, Korea and Thailand, according to research published Wednesday by...
DNSSEC is not invincible. Researchers this week described how a DNSSEC-based flood attack could easily knock a website offline and allow for the insertion of malware or exfiltration of sensitive data. The intent of Domain Name System Security Extensions, or DNSSEC, is to bolster DNS through a series of complex digital signatures. But if it...