This backdoor can be used for espionage and for dropping additional malware.

Researchers believe attacks against wi-fi systems in hotels across Europe and the Middle East track back to Russian-speaking hackers known as APT28.

Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware.

APT29, a/k/a Cozy Bear, has used Tor and a technique called domain fronting in order to secure backdoor access to targets for nearly two years running.

Researchers recently identified a phishing campaign set up to lure unsuspecting Netflix users into giving up their credentials and credit card data.

A phishing campaign aimed at Apple users in China that relies heavily on typosquatting has resurfaced.

Developers behind the malicious downloader Hancitor have bolstered the malware again, this time with new delivery approaches that make it more difficult to detect.

Attackers behind the Neutrino Exploit Kit didn’t take long to co-op a recently patched Internet Explorer zero-day into its arsenal. Researchers claim the kit has been pushing CVE-2016-0189, a vulnerability that was reportedly used in targeted attacks on South Korean organizations earlier this year. Microsoft fixed the vulnerability, which affects Internet Explorer’s scripting engines, in May....

Mike Mimoso and Chris Brook discuss the news of the week, including zero day vulnerabilities–both in Adobe Flash and Windows, a nasty vulnerability in SAP business applications, Mozilla asking FBI to disclose a Tor exploit, and more. Download: Threatpost_News_Wrap_May_13_2016.mp3 Music by Chris Gonsalves

A five-year-old Android vulnerability disclosed today affects hundreds of different device models going back to Jelly Bean 4.3. Older devices are at the greatest risk; newer devices running Android with SE Android, the OS’ implementation of Security Enhanced Linux, are at a lesser risk. The vulnerability allows attackers to escalate privileges on a device, leading...