As Apple’s attorneys mull over their legal options for having the FBI explain how it hacked Syed Farook’s iPhone, a separate case playing out involving the security service and the anonymity software Tor may have a hand in predicting the outcome. According to a court filing earlier this week, the FBI is refusing to comply with a judge’s request...

In a conversation from RSA Conference, Mike Mimoso talks to Endgame chief technology officer Jamie Butler about what’s new–if anything–with targeted attacks, the proliferation of ransomware, and what defenders are doing about detecting attacks on their networks. Download: Jamie_Butler_RSA.mp3 Music by Chris Gonsalves

Researchers are encouraging Android users who may have downloaded a popular caller identification application to update, as a previous version of the app inadvertently leaked user information. The app, Truecaller, specializes in phone call management and has been installed at least 100,000,000 times, according to its listing on Google’s Play marketplace. While the app is...

Threatpost Editor in Chief Mike Mimoso talks to crypto pioneer and security expert Bruce Schneier of Resilient Systems about the early days of the RSA Conference, the integration of privacy and security, and the current FBI-Apple debate over encryption and surveillance. [embedded content]

In hopes of eliminating the password, at least on the company’s mobile apps, Yahoo on Friday deployed a stable version of its Account Key mechanism. The feature, essentially two-step authentication—without the first step—allows Yahoo users to log into the company’s Finance, Fantasy, Mail, Messenger, or Sports apps on iOS and Android devices. When users attempt to...

Mike Mimoso and Chris Brook discuss the news of the week including the ongoing FBiOS battle, a judge’s confirmation that the DoD funded research to uncloak Tor users, and news surrounding Operation Blockbuster. They also preview next week’s RSA Conference in San Francisco, Calif. Download: http://traffic.libsyn.com/digitalunderground/Threatpost_News_Wrap_February_26_2016.mp3 Music by Chris Gonsalves

Mike Mimoso and Chris Brook discuss the news of the week, including the latest on the BlackEnergy APT Group, Amazon getting into the SSL certificate game, and government agencies being told to audit their systems for the Juniper backdoor. Download: news_wrap_01-29-16.mp3 Music by Chris Gonsalves

Mike Mimoso talks to privacy and security veteran Jon Callas of Silent Circle about the digital footprint businesses and consumers leave, how to secure our private data, and how a new documentary sponsored by Silent Circle called “Power of Privacy” helps visualize how personal information is shared-and abused-online. Download: Jon_Callas_on_Securing_Private_Data.mp3 Music by Chris Gonsalves

Amazon is getting into the certificate game. The company announced late last week that it launched a certificate manager to expedite the process of securing SSL/TLS certificates for customers looking to add HTTPS to their sites or apps. The move comes less than a year after Amazon applied to Mozilla and the Android Open Source...

It seems little has changed over the last several years when it comes to how health and fitness apps go about securing user information. According to a survey carried out by the firm Arxan last fall, 86 percent of health apps it reviewed at had at least two critical vulnerabilities and 55 percent of users it talked...