In This Section

PINDROP BLOG

Category: Device Security

December 12, 2016
Some Netgear Routers Open to Remote Code Execution
Two models of Netgear home routers contain a vulnerability that can allow a remote attacker to execute arbitrary code. The bug can be exploited with a simple URL and there’s a publicly available exploit for the flaw. The issue affects the Netgear R7000 and R6400 routers and right now there’s no fix available for the…
Read More →
December 8, 2016
Prosecutor: Some Encryption a ‘Threat to Our Ability to Protect’ Americans
The deployment of default strong encryption on mobile devices and U.S. companies storing user data in foreign countries is hampering the ability of law enforcement to protect Americans from cyber crime and other threats, a top U.S. prosecutor said. In a speech Wednesday, Assistant Attorney General Leslie Caldwell said prosecutors and law enforcement agencies across the country are…
Read More →
December 8, 2016
Zeus Offspring Floki Bot Infecting PoS Systems
Malware gangs, like sad wedding bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is…
Read More →
December 7, 2016
New Mirai Variant Infecting Home Routers
A new variant of the Mirai malware that has been wreaking havoc on IoT devices is now being used to infect home routers installed by TalkTalk in the U.K. The malware is exploiting a vulnerability to install itself on the router and then attackers are using the infected devices in DDoS attacks. Researchers at Imperva…
Read More →
December 7, 2016
Flash Bugs Dominate Exploit Kit Landscape
Vulnerabilities in Flash and Internet Explorer dominated the exploit kit landscape in the last year, with a high-profile bug in Flash being found in seven separate kits, new research shows. Exploit kits have long been a key tool in the arsenal of many attackers, from low-level gangs to highly organized cybercrime crews. Their attraction stems from…
Read More →
December 6, 2016
December Android Update Fixes Dirty Cow Flaw
Google has released a fix for the so-called Dirty Cow vulnerability for Android, a Linux kernel bug disclosed in October. The patch comes in the December Android security update, which also includes fixes for more than two dozen other vulnerabilities. The Dirty Cow bug is a privilege escalation vulnerability in the Linux kernel that has…
Read More →
December 6, 2016
Researchers Find Backdoors in Sony IP Cameras
A long list of IP-enabled security cameras made by Sony contain backdoors in their firmware that can allow an attacker to run arbitrary code remotely on the devices and potentially opening them up for use in a botnet. The cameras affected by the vulnerabilities are surveillance cameras, mainly used in enterprises and retail settings and…
Read More →
December 2, 2016
Bugs in AirDroid App Allow Traffic Interception, Malicious Updates
AirDroid, a popular Android app used for remote management, has a number of security vulnerabilities that could allow an attacker to intercept and decrypt secure traffic and even inject a malicious app update to gain remote code execution on a target device. The main issue with the app is the use of a hard-coded encryption…
Read More →
December 1, 2016
Lieu Asks Congress to Examine Ransomware Problem
In the wake of the attack on San Francisco’s Muni transportation over the Thanksgiving weekend, a legislator from California is asking Congress to hold hearings on the ransomware problem and determine whether there are ways that the government can help address the issue in both government agencies and private businesses. Rep. Ted Lieu (D-Calif.) sent a…
Read More →
November 30, 2016
More Than a Million Android Devices Rooted by Gooligan Malware
A new version of an existing piece of malware has emerged in some third-party Android app stores and researchers say it has infected more than a million devices around the world, giving the attackers full access to victims’ Google accounts in the process. The malware campaign is known as Gooligan, and it’s a variant of…
Read More →
2019 Voice Intelligence Webinar Series – where voice, not touch is the main interface for customers.