Google this week shared with developers security enhancements it has added to the new Nougat version of Android and additional security features for webmasters via Safe Browsing to help pinpoint harmful content on websites. Under the banner of its nine-year-long Safe Browsing initiative, Google introduced new features that protect against threats such as deceptive sites and...

Researchers on Wednesday confirmed that an OS X variant of a recently discovered family of cross-platform backdoors exists. Stefan Ortloff, a researcher with Kaspersky Lab’s Global Research and Analysis Team, identified the family of backdoors called Mokes in January, but it wasn’t until Tuesday that an OS X variant was discovered. Ortloff wrote a technical breakdown of the...

Ransomware purporting to come from a phony government agency, something called the Central Security Treatment Organization, has been making the rounds, researchers say. The ransomware, which is already known by a number of names including Cry, CSTO ransomware, or Central Security Treatment Organization ransomware, uses the User Datagram Protocol (UDP) to communicate and the photo sharing service Imgur and Google...

Mike Mimoso, Tom Spring, and Chris Brook discuss the news of the week, including the MedSec/Muddy Waters story, how the Angler exploit kit was traced back to the Lurk Gang, Fairware hitting Linux servers, and the Bashlite IoT malware. Download: Threatpost_News_Wrap_September_2_2016.mp3 Music by Chris Gonsalves

A global malvertising campaign exposing potentially one million users to the risk of being infected with CrypMIC ransomware delivered via the Neutrino Exploit Kit has been shut down, according to researchers. Cisco’s Talos Security Intelligence and Research Group, which discovered the criminal activity, said the malvertising campaign stretched across North America, EU, Asia-Pac and the...

A recent run of attacks against Linux servers called Fairware has been traced to insecure internet-facing Redis installations that hackers have abused to delete web folders and, in some cases, install malicious code. Redis is an open source tool used by web application developers for the purpose of quickly caching data. The tool’s developers configured Redis...

Linux server admins are reporting attacks resulting in the disappearance of the server’s web folder and websites being down indefinitely. Posts to the forums on the BleepingComputer website corroborate a number of such attacks, most likely intrusions powered by brute-force attacks against SSH, according to one of the victims. In each instance, the web folder...

More than one million consumer web-connected video cameras and DVRs are compromised by bot herders who use the devices for DDoS attacks, researchers say. According to Level 3 Threat Research Labs, a small malware family that goes by the names Lizkebab, BASHLITE, Torlus and Gafgyt is behind a web of botnets carrying out the attacks. “This research shocked us,”...

The June arrest of a Russian cybercrime gang responsible for the Lurk Trojan also put to rest the infamous Angler Exploit Kit. Researchers at Kaspersky Lab today published a detailed report on the Lurk takedown, confirming at the same time the connection between the Lurk gang and Angler. Activity around Angler all but disappeared once...

Mike Mimoso and Chris Brook discuss the news of the week, including the latest on ShadowBrokers and Cisco, the Sweet32 collision attack, decryptors for the Wildfire ransomware, and this week’s gaming forum breaches. Download: Threatpost_News_Wrap_August_26_2016.mp3 Music by Chris Gonsalves