If you’re sick and sitting in a drab hospital room hooked-up to a dialysis pump, the last thing you want to worry about is hackers. But according to IT healthcare security experts, there is a chance that life-saving dialysis machine is infected with malware, could even be processing fraudulent credit card transactions, or is part...

We live in an increasingly connected world, but even in an age when DDoS attacks can take entire airlines offline, many critically sensitive industrial control systems (ICS) are still connected to the internet. A pair of reports released today by Kaspersky Lab reveal how dire the situation really is. In a scan, it found nearly...

Plenty has been speculated since the Snowden documents were made public about the NSA’s interest in building a quantum computer that could break current encryption securing communication worldwide. Quantum computing on a practical scale is a distant goal, but some do exist that leverage some aspects of quantum physics and small numbers of quantum bits....

Facebook today began a test program rolling out opt-in end-to-end encryption for its Messenger service called Secret Conversations. The end-to-end encryption is based on the Signal protocol developed by Open Whisper Systems, the same protocol that stands up the crypto in the Signal and WhatsApp messaging applications. The Facebook version of the encryption service is...

Facebook today began a test program rolling out opt-in end-to-end encryption for its Messenger service called Secret Conversations. The end-to-end encryption is based on the Signal protocol developed by Open Whisper Systems, the same protocol that stands up the crypto in the Signal and WhatsApp messaging applications. The Facebook version of the encryption service is...

Don’t judge an APT by its exploits alone. That’s the takeaway from a report that details a unique advanced persistent threat that leverages a kludge of unsophisticated, outdated and rudimentary attack tools to conduct cyber espionage. The target of the attacks are government and diplomatic agencies in Asia with close ties to China. Researchers discovered the...

Mike Mimoso, Tom Spring and Chris Brook discuss the news of the week, including all things Android: the crypto weakness, the full disk encryption bypass, and new malware, Hummingbad, which impacts the mobile operating system. The three also discuss the TP-Link router fiasco. Download: Threatpost_News_Wrap_July_8_2016.mp3 Music by Chris Gonsalves

Researchers have spotted several types of ransomware, including CryptXXX and a fairly new strain, Cryptobit, being pushed through the same shady series of domains. The campaign, called Realstatistics, has tainted thousands of sites built on both Joomla! and WordPress content management systems. Researchers with security company Sucuri observed the campaign injecting bogus analytics code, including the url...

For the second time since June 1, the handlers of CryptXXX ransomware have changed their ransom note and Tor payment site. More importantly to those developing detection signatures and administrators, this update no longer makes changes to the file extensions of encrypted files. “To make it more difficult for administrators, this release no longer uses...

A software component that exposed D-Link Wi-Fi cameras to remote attacks is also used in more than 120 other products sold by the company. Researchers at Senrio, who found the original vulnerability, disclosed today additional details of product vulnerabilities related to the component after collaborating with D-Link. Senrio said the flaw also puts D-Link Connected Home...