Russian law enforcement has made 50 arrests in connection with a five-year operation to steal three billion rubles (just shy of $45 million USD) from the country’s largest bank, Sberbank. The hackers are alleged to have exploited websites, including popular news sites, to infect victims with the Lurk Trojan, a downloader that grabs more malware...

Civil liberties and privacy groups are petitioning the U.S. government for more time to fight the FBI’s request to exempt itself from lawsuits related to its warehouse of an estimated 100 million biometric records if it’s found in violation of the federal Privacy Act of 1974. At issue is the government’s massive Next Generation Identification...

Yahoo today disclosed the contents of three National Security Letters it has received since 2013, the first time a company has made such a disclosure since the passage of the USA FREEDOM Act. Under the law, the FBI is now required to periodically review whether non-disclosure around National Security Letters remains appropriate. “We believe this...

Businesses were hit hardest by inbox-based scams in 2015 that robbed U.S. companies of $263 million. The numbers come from the FBI’s recently released 2015 Internet Crime Report that tallies the types of cybercrimes hitting U.S. business and individuals the hardest. According to the FBI, its Internet Crime Complaint Center (IC3) received 288,012 complaints last...

The FBI’s refusal to share details about a network investigative technique it used to gather evidence against a Vancouver teacher charged with possession of child pornography has forced a federal judge’s hand to exclude the evidence from trial. The NIT used by the FBI to hack the Playpen website is believed to have de-anonymized users...

Warrant canaries aren’t definitive markers that a company has been served with a National Security Letter or some other type of court order mandating that customer information be turned over to a government agency or law enforcement. But oftentimes, they are a strong indicator that something has changed in that arena. Pinterest, for example, in...

Mike Mimoso and Chris Brook discuss the news of the week, including zero day vulnerabilities–both in Adobe Flash and Windows, a nasty vulnerability in SAP business applications, Mozilla asking FBI to disclose a Tor exploit, and more. Download: Threatpost_News_Wrap_May_13_2016.mp3 Music by Chris Gonsalves

Mozilla on Wednesday filed a motion with the U.S. District Court in Tacoma, Wa., asking the government to disclose a vulnerability it exploited in the Tor Browser and Firefox. The FBI used the zero-day to hack a child pornography site and de-anonymize users visiting the site using the Tor Browser. Mozilla’s motion asks that the...

The glowing lack of public, real-world Stagefright exploits didn’t stop the U.S. government from using last summer’s blockbuster Android vulnerability as an illustration of the dangers facing mobile device users. Under the context of Stagefright exposing up to 1 billion devices to attack, the Federal Trade Commission and the Federal Communications Commission yesterday said they...

Yahoo officially released part two of its once-secret government documents that were part of its 2007 court battle with the Foreign Intelligence Surveillance Court (FISC) that forced it to reveal sensitive customer data requested by the National Security Agency. This second wave of documents brings fresh insight into Yahoo’s fight to protect its customers from...