Source code for the potent Android malware GM Bot has been leaked to underground forums, according to IBM security experts. The impact, IBM X-Force threat intelligence says, will be an uptick in GM Bot variants and the number of attacks targeting financial applications on Android-based devices. Limor Kessem, a cybersecurity analyst with IBM Trusteer, said...

Attackers managed to hijack the website of the Linux Mint operating system to push a backdoored ISO image of the software to users over the weekend. The developers behind the software, one of, if not the most popular Linux distribution, are unsure what the hackers are aiming to achieve by the move but acknowledge that...

Exploit kits infecting thousands of WordPress websites are setting their sights on the open-source content management system Joomla in a new campaign spotted by a researcher at the SANS Institute’s Internet Storm Center. “The group behind the WordPress ‘admedia’ campaign is now apparently targeting Joomla sites,” said Brad Duncan, security researcher at Rackspace. “We are starting...

Threatpost editor Mike Mimoso talks with Christopher Ahlberg, CEO, Recorded Future about tracking cybercriminals through patterns on hacker forums. [embedded content]

A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan. 29. Check Point security researchers disclosed the AirDroid...

Mike Mimoso and Chris Brook discuss the week in news, including the iPhone encryption debacle, the glibc Linux vulnerability, and the latest ransomware headlines. Download: Threatpost_News_Wrap_February_19_2016.mp3 Music by Chris Gonsalves

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Security also drags along with it a VNC server that...

More than a quarter million homes protected by SimpliSafe wireless security systems are vulnerable to hackers who can deactivate the alarm anytime, according to IOActive, a Seattle-based security consulting firm. IOActive published a proof of concept report on Wednesday that outlines how it disarmed SimpliSafe’s wireless home security systems. The hack, according IOActive researcher Andrew Zonenberg,...

After being knocked offline for nearly two weeks, officials at a California hospital that was hit with ransomware elected on Wednesday to pay attackers. The Hollywood Presbyterian Medical Center (HPMC) shut down computers on its network on Feb. 5, after attackers allegedly asked for 9,000 Bitcoin, or just over $3 million USD, to unlock medical...

Now that the Apple-FBI story has gone mainstream with rallies supporting CEO Tim Cook scheduled for Apple stores nationwide, presidential candidates weighing in, and a cute hashtag (#FBiOS) affixed, it appears that Apple can technically comply with the judge’s order if must. Security company Trail of Bits founder Dan Guido wrote a detailed explanation of...