57 matches found
Raccoon Malware Scavenges 100,000+ Devices to Steal Data
A new information stealer, dubbed Raccoon, is rapidly gaining popularity with cybercriminals. In just a few months, researchers say the malware has already infected hundreds of thousands of devices across the world to rove through victims’ credit card data, email credentials and more. The malware...
Ubiquiti Networks UniFi Controller Trust Management Issue Vulnerability
Ubiquiti Networks UniFi Controller is a suite of software from Ubiquiti Networks, Inc. for managing multiple wireless access point devices in a single platform. A trust management issue vulnerability exists in Ubiquiti Networks UniFi Controller version 5.10.21 and prior versions, which can be...
CVE-2017-8411
CVE-2017-8411 affects D-Link DCS-1130 devices. A command-injection path exists via a POST parameter that can be processed by a vulnerable system API, enabling execution of arbitrary commands. Investigations point to libmailutils.so, where a vulnerable function sub_1FC4 receives POST data; the val...
Separ Malware Plucks Hundreds of Companies' Credentials in Ongoing Phish
An ongoing phishing campaign is using malicious PDF documents to spread Separ malware and ultimately steal victims’ browser and email credentials. Since the attack started at the end of January, it has affected around 200 companies and over 1,000 individuals, located mainly in Southeast Asia, the...
Phishing Biggest Threat to Google Account Security
Last year may have been mostly about ransomware, but it’s difficult to forget the billion or so passwords that were spilled in high-profile breaches and credential leaks. Google and researchers from the University of California Berkeley attempted to ease some of that pain, and teamed up to analyz...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of protection for email account credentials, allowing attackers to access confidential information.
The vulnerability of Advantech WebAccess remote monitoring software lies in the lack of protection for email account credentials stored in unencrypted form. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...
On the Onliner Spambot, WireX, and Sarahah
Mike Mimoso and Chris Brook discuss the news of the week, including the Onliner spambot, Google’s forthcoming Not Secure warnings for Chrome, the WireX botnet, Sarahah privacy and more. Download: ThreatpostNewsWrapSeptember12017.mp3 Music by Chris Gonsalves Show notes: Google Reminding Admins HTT...
Spambot Contains 'Mind-Boggling' Amount of Email, SMTP Credentials
Researchers have managed to penetrate a spam bot and uncover a massive list of 711 million records that includes email addresses, email and password combinations some in cleartext, and SMTP credentials and configuration files. Troy Hunt who runs the Have I Been Pwned service called it a...
Phishers unleash simple but effective social engineering techniques using PDF attachments
The Gmail phishing attack is reportedly so effective that it tricks even technical users, but it may be just the tip of the iceberg. We’re seeing similarly simple but clever social engineering tactics using PDF attachments. These deceitful PDF attachments are being used in email phishing attacks...
Experts Warn of Novel PDF-based Phishing Scam
The SANS Internet Storm Center published a warning on Wednesday about an active phishing campaign that utilizes PDF attachments in a novel ploy to harvest email credentials from victims. According to the SANS bulletin, the email has the subject line “Assessment document” and the body contains a...
New Emomet Variant Targets Banking, Email Credentials
Security researchers are tracking a new version of the Emomet malware that is targeting users’ banking credentials and also has the ability to steal email usernames and passwords, which are then used to send spam from compromised accounts. The new variant of Emomet has mostly been seen targeting...
Cybercrime Group Preys on Wall Street Insider Information
A criminal hacking group with an innate understanding of how Wall Street moves and what influences stock prices has found a soft spot in more than 100 publicly traded companies and is stealing, among other data, mergers and acquisitions intelligence. The group is homed in on healthcare and...
Citadel Variant Targets Password Managers
The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. Researchers from IBM Trusteer today said they’ve notified makers of the nexus Personal Security Client, Password Safe and KeePa...
New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market
Researchers at Trusteer spotted a new banking malware program on the underground Russian cybercrime market, that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed 'i2Ninja', malware has most of the features found in other...
Open redirect
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in...
BlackBerry Refutes Claim Private Email Passwords Sent to RIM
BlackBerry is refuting a claim made by a German researcher that private email credentials are sent by the new BlackBerry 10 mobile devices to the company without consent, possibly in the clear, and that they’re also stored without permission. Frank Rieger said that when users enter their POP/IMAP...
Ice IX: Not Cool At All
My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program...