Mike Mimoso, Tom Spring, and Chris Brook preview Black Hat 2016, including Ivan Krstic’s talk on Apple/iOS security, Dan Kaminsky’s keynote, IoT, PAC malware, and more. Download: Threatpost_Black_Hat_2016_Preview.mp3 Music by Chris Gonsalves

For over a year attackers were able to carry out a malvertising campaign that managed to draw between one and five million client hits a day, according to researchers. The scam infected thousands a day using a one-two-punch of filtering and steganography, the art of hiding information inside messages or image. The attackers behind the campaign...

A new Android Trojan called SpyNote has been identified by researchers who warn that attacks are forthcoming. The Trojan, found by Palo Alto Networks’ Unit 42 team, has not been spotted in any active campaigns. But Unit 42 believes because the software is now widely available on the Dark Web, that it will soon be used...

There is no honor among thieves, as the saying goes, and that includes ransomware crooks. In an apparent move to sabotage a ransomware competitor, the authors of the Mischa and Petya ransomware-as-a-service leaked 3,500 decryption keys for its competitor Chimera ransomware. The move appears to be an attempt to push ransomware criminals to ditch Chimera service and...

Amid the connections being made between the Russian government and the attack on the Democratic National Committee (DNC), researchers on Tuesday reminded us of the challenges security experts have in correctly attributing advanced attacks. In a wide-ranging Reddit AMA, members of Kaspersky Lab’s Global Research and Analysis Team shared some insight into their day-to-day investigations...

Knowing where to turn for help when victimized by ransomware isn’t always clear. Should you pay the ransom? Are there alternatives to getting your precious data back? Who can you turn to for help? In an effort to answer those questions and help victims retrieve data encrypted by ransomware a unique public and private sector...

A new variant of the PowerWare ransomware is stealing street creds from the Locky strain of ransomware in an attempt to spoof the malware family. A new sample of PowerWare found by Palo Alto Networks’ Unit 42 reveals the ransomware’s quickly evolving tactics. According to researchers, a new version of the ransomware is using Locky’s “.locky” file extension to...

Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 48 bugs fixed in version 52 of Chrome released Wednesday. Four dozen of those flaws are rated as high risks and Google paid out more than $22,000 in rewards to researchers...

Ever wonder how your mild-mannered friend’s Facebook feed suddenly got packed with lewd clickbait? That’s the question Maxime Kjaer was determined to answer when he noticed a friend’s Facebook feed peppered with Likes for sketchy link bait such as “Basic Kissing Tips”. “Intrigued, I decided to go down the rabbit hole and see what this...

New research is challenging what security researchers know about Furtim, a new malware strain that has been compared to Stuxnet because of its believed targeting of industrial controls in energy companies. According to security experts at Damballa, Furtim and the recently discovered SFG malware are one in the same – only varying by a few lines of code...