LAS VEGAS – Kaspersky Lab today at Black Hat USA 2016 announced the launch of a public bug bounty, one of the few offered by a software vendor in the computer security industry. The bounty begins tomorrow on the HackerOne platform, and the first phase will run for six months. The company said that during...

Mike Mimoso and Chris Brook discuss the news of the week, including a wireless keyboard vulnerability – KeySniffer, NIST’s statement on 2FA, a LastPass remote compromise bug, and a new Tor paper. Download: Threatpost_News_Wrap_July_29_2016.mp3 Music by Chris Gonsalves

LastPass has patched a vulnerability in its Firefox add-on found by Google Project Zero researcher Tavis Ormandy that allows attackers complete remote compromise of the password manager, . The divisive Ormandy submitted a bug report on Tuesday to LastPass after a series of tweets hinting at serious problems in the password manager. Ormandy has been behind...

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Security also drags along with it a VNC server that...

Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages have the same origin. “Chromodo is described as ‘highest levels...