API

Yahoo Admits Server Breach But Denies Connection To Shellshock

Yahoo has admitted that hackers have managed to access some of its Sports API servers. The web giant, however, insisted that user data is safe. While the company did admit that there was a server breach, it has denied media reports that its servers have been accessed by hackers looking to exploit the Shellshock vulnerability Read More

VPN Creative Interviews: Lookingglass Cyber Solutions

In this week’s installment of VPN Creative’s newest interview series, we sat down with the Chief Intelligence and Collections Office of Lookingglass Cyber Solutions Jason Lewis to discuss everything from the threat of older worms like Conficker on modern systems, as well as what the future of the cloud looks like as thieves come up Read More

Trend Micro

New BlackPOS Variant Evolves from Open Source Dump

Trend Micro has posted on their blog about the discovery of a fresh variant off the now-notorious BlackPOS tree, one that is capable of masking itself as a legitimate anti-virus vendor and sneaking its way onto the point-of-sale machines of small businesses and retail chains across the country. The reason we’ve seen so many clones Read More

grindr

Anonymous User Reveals ‘Security Flaw’ in Grindr

An anonymous user has exposed a security flaw in Grindr, a popular gay dating app, revealing a way to find the exact geographical position of the users who have enabled their location services. This geo-based app uses the locations of users to show their relative distances to each other. Using the same process as used Read More

Netflix

Netflix Releases Scumblr, Seeks ‘Outside Perspective’

Netflix has announced an open source release of its in-house security tools Scumblr and Sketchy. The Netflix security team has been using these tools internally since February 2014 and determined they are now stable and useful enough to open up to the public developer community. Netflix senior application security engineer Scott Behrens spoke to ThreatPost Read More

nest

Is Your Nest Thermostat Spying On You?

In a convenience turned catastrophe situation, it has been revealed that Google’s newly acquired Nest smart thermostats are very easily hackable, and could turn into spies. These shocking revelations were brought to the general attention by Daniel Buentello, an independent researcher; Yier Jin and Grant Hernandez, both of the University of Central Florida. According to Read More

Bitly Compromised, Users Urged to Change Passwords

URL shortening tool Bitly has been compromised according to the site’s CEO, who is urging everyone to change their passwords ASAP. Bitly also allows users to login via their Facebook and Twitter accounts so users will need to change those passwords too. We have reason to believe that Bitly account credentials have been compromised; specifically, Read More

Tinder Exposed in Massive User Tracking Flaw

First brought to our attention by researchers at Include Security, the vulnerability allows anyone with a basic understanding of the API that Tinder is based on. By querying the service, random hackers could easily discover the coordinates of any user of their choosing, by relying on an old technique known as “trilateration”. Trilateration occurs when Read More

Facebook Releases Conceal for Android Security

App security is hard. Whether it’s permissions, firewall protocols, or making sure the API is sealed up tight, it’s no secret that creating a safe, reliable, and secure application for the Android platform is anything but simple. Thankfully, that’s where companies like Facebook come in, believe it or not. Not widely known in the industry Read More

Snapchat Finally Plugs Security Hole

Nothing big, ya know. Just that massive canyon of a vulnerability first discovered in August by Gibson Security, which allowed hackers to slip in completely unnoticed and walk out the backdoor of the photo app Snapchat with nearly 4.6 million usernames and phone numbers before their security team even know what hit them. In December, we Read More

Older Posts