PINDROP BLOG

Tag: device security

July 19, 2017
Apple Fixes Broadpwn Bug in iOS 10.3.3
In the latest version of iOS Apple has patched dozens of serious security flaws, including the Broadpwn vulnerability in some Broadcom WiFi chips, and a number of remote code execution bugs in various components of the OS. Not many details of the Broadpwn vulnerability are public yet, but it’s considered a fairly serious issue. Google…
Read More →
June 23, 2017
Flaws in MatrixSSL Leave IoT Devices Open to Attack
Researchers have discovered several flaws in the MatrixSSL TLS stack used in IoT devices, two of which could let an attacker execute arbitrary code on a vulnerable device. MatrixSSL is a small TLS/SSL stack that’s designed for use in embedded systems and other constrained environments. The software can run in low-memory environments, which has made…
Read More →
May 3, 2017
IBM Says It Shipped Malware-Infected USB Drives
IBM shipped USB flash drives containing malware to an unknown number of customers. The company said the malware is automatically copied to any machine that the drive is connected to, and is warning customers to destroy the drives. IBM hasn’t released many details on the incident or how the malware got onto the drives. But…
Read More →
April 25, 2017
New BrickerBot Variant Compromising IoT Devices
A new, more aggressive version of the BrickerBot malware that has compromised and destroyed the memory of IoT devices is now making the rounds, using a familiar infection vector and going after devices with intense bursts of activity. BrickerBot is a spiritual descendant of Mirai, the IoT-specific malware that has been attacking a variety of…
Read More →
April 19, 2017
Hajime Malware Joins Mirai in Targeting IoT Devices
Mirai is no longer the only game in town when it comes to IoT malware. A new piece of malware known as Hajime is infecting some of the same kinds of embedded devices that Mirai has been targeting for several months. The malware has infected thousands of IoT devices in recent weeks and researchers say…
Read More →
March 30, 2017
Mirai Botnet Hammers College With Two-Day Attack
A newly discovered variant of the Mirai malware recently was used in a massive, sustained DDoS attack against a college in the United States, an attack that lasted more than two days. The Mirai malware has been involved in several of the larger DDoS attacks ever seen, including one that hit the Dyn DNS provider…
Read More →
March 23, 2017
Android Trojan Spreads Through Fake Cell Towers
Attackers in China are using rogue cell base stations to spread versions of an Android banking Trojan that steals user credentials and has the ability to bypass two-factor authentication. The malware, known as the Swearing Trojan for some impolite language found in the Chinese code, has been in circulation for several months and uses a…
Read More →
February 21, 2017
Netflix Releases Stethoscope Security Tool
Netflix has released a new security application that’s designed to give normal users detailed information about the security state of their various devices and help them remedy any issues, without going to IT or a help desk. Stethoscope is a Web-based tool that the company says is part of its user-focused security ethos, and Netflix has…
Read More →
February 21, 2017
Wyden to Introduce Bill to Prohibit Warrantless Phone Searches at Border
A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant. Sen. Ron Wyden said in a letter to the secretary of…
Read More →
February 1, 2017
Mirai, Google, and the Future of DDoS
OAKLAND–When the Mirai botnet burst onto the scene last year, it did so in style, with two of the largest DDoS attacks on record. One of the initial targets of its wrath was the site run by reporter Brian Krebs, and the attack set off a chain reaction that not only took the site offline…
Read More →
Webinar: Call Center Fraud Vectors & Fraudsters Analyzed