A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan. 29. Check Point security researchers disclosed the AirDroid...

Mike Mimoso and Chris Brook discuss the week in news, including the iPhone encryption debacle, the glibc Linux vulnerability, and the latest ransomware headlines. Download: Threatpost_News_Wrap_February_19_2016.mp3 Music by Chris Gonsalves

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Security also drags along with it a VNC server that...

More than a quarter million homes protected by SimpliSafe wireless security systems are vulnerable to hackers who can deactivate the alarm anytime, according to IOActive, a Seattle-based security consulting firm. IOActive published a proof of concept report on Wednesday that outlines how it disarmed SimpliSafe’s wireless home security systems. The hack, according IOActive researcher Andrew Zonenberg,...

Now that the Apple-FBI story has gone mainstream with rallies supporting CEO Tim Cook scheduled for Apple stores nationwide, presidential candidates weighing in, and a cute hashtag (#FBiOS) affixed, it appears that Apple can technically comply with the judge’s order if must. Security company Trail of Bits founder Dan Guido wrote a detailed explanation of...

As sales of IoT devices continue to see year-over-year double digit growth, security experts are urging the wearable industry to put security front and center when it comes to designing fitness tracker hardware, firmware and backend systems. In a report released Wednesday by the IEEE Center for Secure Design, researchers spotlighted six security red flags...

Apple CEO Tim Cook late Tuesday defiantly challenged a U.S federal magistrate judge’s order that it help the FBI break into an iPhone 5c belonging to one of the shooters involved in last December’s attack in San Bernardino, Calif. Cook released a letter last night expressing his opposition to the court order and called for...

It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy experts because its vague language would put a serious...

Google’s Safe Browsing API is almost a living organism, constantly evolving and adapting to online threats. On Wednesday, Google announced the latest enhancements to the service, with new features that protect users on the web from deceptive embedded content. “You may have encountered social engineering in a deceptive download button, or an image ad that...

As more devices are connected to the Internet, not only are vulnerabilities introduced into those networked things, but also some glaring holes are exposed in organizations’ ability to receive and triage bug reports. Researchers at Rapid7 today disclosed details on a pair of vulnerabilities in toys and interactive platforms aimed at children. The two vulnerabilities...