Mike Mimoso and Chris Brook discuss the news of the week, including the Shadow Brokers debacle, the VeraCrypt audit, Pokemon ransomware, and a browser address bar vulnerability. Download: Threatpost_News_Wrap_August_19_2016.mp3 Music by Chris Gonsalves

Cisco has quickly patched two vulnerabilities that were disclosed in the ShadowBrokers’ data dump. The networking giant today released advisories that it had fixed the flaws in its Adaptive Security Appliance (ASA), one of which was rated high severity; both of the vulnerabilities enable remote code execution. The ShadowBrokers are an unknown group of hackers...

Cisco has quickly patched one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had fixed both flaws in its Adaptive Security Appliance (ASA), the newest of which was...

Cisco has quickly provided a workaround for one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had acknowledged both flaws in its Adaptive Security Appliance (ASA), the newest of which...

A high-stakes game of attribution started by a group claiming to have a cache of exploits belonging to the Equation Group took a somewhat definitive turn Tuesday afternoon. Researchers at Kaspersky Lab yesterday confirmed a connection between the tools currently up for auction by the ShadowBrokers and Equation Group exploits and malware that researchers at...

A state-sponsored APT platform on par with Equation, Flame and Duqu has been used since 2011 to spy on government agencies and other critical industries. Known as ProjectSauron, or Strider, the platform has all the earmarks of advanced attackers who covet stealth, and rely on a mix of zero-day exploits and refined coding to exfiltrate...

More than 100 malicious Tor Hidden Services Directories (HSDirs) were found to be snooping on the services they host, and in some cases, operators were actively using the data collected to attack the services. While at first blush, the discovery would seem to put another dent in the privacy and anonymity aspects so heavily associated...

Plenty has been speculated since the Snowden documents were made public about the NSA’s interest in building a quantum computer that could break current encryption securing communication worldwide. Quantum computing on a practical scale is a distant goal, but some do exist that leverage some aspects of quantum physics and small numbers of quantum bits....

Warrant canaries aren’t definitive markers that a company has been served with a National Security Letter or some other type of court order mandating that customer information be turned over to a government agency or law enforcement. But oftentimes, they are a strong indicator that something has changed in that arena. Pinterest, for example, in...

Yahoo officially released part two of its once-secret government documents that were part of its 2007 court battle with the Foreign Intelligence Surveillance Court (FISC) that forced it to reveal sensitive customer data requested by the National Security Agency. This second wave of documents brings fresh insight into Yahoo’s fight to protect its customers from...