A 400 percent surge in tax-related phishing and malware incidents is making this tax season the most treacherous yet for taxpayers. According to an Internal Revenue Service bulletin, this year’s attacks include the tried-and-true email phishing, but also newer forms of attacks that include bogus text messages and attempts to trick people into handing over...

Exploit kits infecting thousands of WordPress websites are setting their sights on the open-source content management system Joomla in a new campaign spotted by a researcher at the SANS Institute’s Internet Storm Center. “The group behind the WordPress ‘admedia’ campaign is now apparently targeting Joomla sites,” said Brad Duncan, security researcher at Rackspace. “We are starting...

Mike Mimoso and Chris Brook discuss the week in news, including the iPhone encryption debacle, the glibc Linux vulnerability, and the latest ransomware headlines. Download: Threatpost_News_Wrap_February_19_2016.mp3 Music by Chris Gonsalves

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Security also drags along with it a VNC server that...

Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday. On its company blog today, Xen acknowledged what it called an “oversight” and attempted to explain what went wrong. However, absent from its updated blog, is a date that Xen Project expects to...

Not since Stagefright have we had a vulnerability with the scale and reach of the glibc flaw disclosed on Tuesday. “It’s pretty bad; you don’t get bugs of this magnitude too often,” said Dan Kaminsky, researcher, cofounder and chief scientist at White Ops. “The code path is widely exposed and available, and it yields remote...

Glibc, the GNU C library at the core of last year’s GHOST vulnerability, is vulnerable to another critical flaw affecting nearly all Linux machines, as well as API web services and major web frameworks where the code runs. The vulnerability, discovered independently by researchers at Google and Red Hat, has been patched. The flaw, CVE-2015-7547,...

Mike Mimoso and Chris Brook discuss the news of the week, including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain. Download: Threatpost_News_Wrap_February_5_2016.mp3 Music by Chris Gonsalves

Website operators running sites on the WordPress platform need to be aware of a massive string of infections that as of Thursday were poorly detected by security products. Researchers at Heimdal Security said the compromised sites redirect victims to other domains hosting the Nuclear Exploit Kit, a potent collection of exploits for vulnerable Adobe products...

Google’s Safe Browsing API is almost a living organism, constantly evolving and adapting to online threats. On Wednesday, Google announced the latest enhancements to the service, with new features that protect users on the web from deceptive embedded content. “You may have encountered social engineering in a deceptive download button, or an image ad that...