Lucene search
K

83 matches found

ThreatPost
ThreatPost
added 2021/04/21 3:35 p.m.4135 views

Pulse Secure Critical Zero-Day Security Bug Under Active Exploit

A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as well as victims in Europe, researchers said. Download “The Evolution of Ransomware” to gain valuable...

7.5CVSS0.4AI score0.99999EPSS
Exploits35References12
ThreatPost
ThreatPost
added 2021/04/15 12:19 p.m.426 views

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found. Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit...

7.5CVSS9.5AI score0.99999EPSS
Exploits66References11
Malwarebytes
Malwarebytes
added 2021/03/16 6:15 p.m.46 views

ProxyLogon PoCs trigger a game of whack-a-mole

As we reported recently, the use of the Microsoft Exchange Server ProxyLogon vulnerabilities has gone from “limited and targeted attacks” to a full-size panic in no time. Criminal activities, ranging in severity from planting crypto-miners to deploying ransomware, and conducted by numerous groups...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/12 4:26 p.m.404 views

Microsoft Exchange Exploits Pave a Ransomware Path

Cybercriminals are now using compromised Microsoft Exchange servers as a foothold to deploy a new ransomware family called DearCry, Microsoft has warned. The ransomware is the latest threat to beleaguer vulnerable Exchange servers, emerging shortly after Microsoft issued emergency patches in earl...

7.5CVSS9.7AI score0.99999EPSS
Exploits66References14
ThreatPost
ThreatPost
added 2021/01/15 9:47 p.m.115 views

Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode'

Microsoft is taking matters into its own hands when it comes to companies that haven’t yet updated their systems to address the critical Zerologon flaw. The tech giant will soon by default block vulnerable connections on devices that could be used to exploit the flaw. Starting Feb. 9, Microsoft...

9.3CVSS8.3AI score0.99512EPSS
Exploits75References13
Malwarebytes
Malwarebytes
added 2021/01/11 4:1 p.m.42 views

A week in security (January 4 – January 10)

Last week on Malwarebytes Labs, we released survey results about VPN usage and found that 36 percent of our respondents use it. We also talked about Adobe Flash Player reaching its end of life—meaning, Adobe wont be supporting the updating and patching of its Flash Player software; covered the...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/01/08 9:31 p.m.63 views

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. Recorded Future just released findings from its regular year-end observations of malicious...

7.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/12/21 5:10 p.m.32 views

Simplifying Proactive Defense With Threat Playbooks

Security defense strategy can be extremely complex, with security teams grappling with tens of thousands of information points and evolving attacker techniques, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs. Derek Manky FortiGuard Labs has...

7AI score
Exploits0References7
CISA
CISA
added 2020/12/03 12:0 a.m.13 views

NCSC Releases 2020 Annual Review

The United Kingdom UK National Cyber Security Centre NCSC has released its Annual Review 2020, which focuses on its response to evolving and challenging cyber threats. Recognizing cybersecurity as a “team sport,” the publication includes highlights of NCSC’s collaboration with many partners,...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/11/25 4:55 p.m.240 views

Critical MobileIron RCE Flaw Under Active Attack

Advanced persistent threat APT groups are actively exploiting a vulnerability in mobile device management security solutions from MobileIron, a new advisory warns. The issue in question CVE-2020-15505 is a remote code-execution flaw. It ranks 9.8 out of 10 on the CVSS severity scale, making it...

9.3CVSS0.4AI score0.99737EPSS
Exploits79References8
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/10/23 12:30 p.m.81 views

This Week in Security News: Watering Hole Campaign Operation Earth Kitsune Spying on Users’ Systems and Fancy Bear Imposters Are on a Hacking Extortion Spree

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a watering hole campaign Trend Micro dubbed ‘Operation Earth Kitsune’ that is spying on users’ systems through compromised...

6.8CVSS8.1AI score0.04715EPSS
Exploits0
Securelist
Securelist
added 2020/07/28 10:0 a.m.36 views

Lazarus on the hunt for big game

We may only be six months in, but theres little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/27 3:30 p.m.25 views

A week in security (July 20 – 26)

Last week on Malwarebytes Labs, our Lock and Code podcast delved into Bluetooth and beacon technology. We also dug into APT groups targeting India and Hong Kong, covered a law enforcement bust, and tried to figure out when, exactly, a Deepfake is a Deepfake. Other cybersecurity news Insecure emai...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/07/09 3:49 p.m.36 views

How bad bots are targeting the healthcare sector

Credential cracking, or password spraying, is one of the most effective ways for cybercriminals to get access to user accounts. It refers to the brute-force automated cracking, or pairing of usernames and passwords by using sophisticated high-speed bots. According to a National Cyber Awareness...

1.2AI score
Exploits0
Securelist
Securelist
added 2020/04/30 11:0 a.m.136 views

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and...

7.6CVSS9AI score0.52729EPSS
Exploits0
Securelist
Securelist
added 2020/04/22 8:0 a.m.44 views

SAS, sweet SAS

As you may already know from our social network posts, we have rescheduled the SAS 2020 conference for November 18-21 due to the COVID-19 pandemic and to ensure your safety. Though we still think that Barcelona is a great place to meet and it will not be a "real" SAS if we cannot hug, shake hands...

7.1AI score
Exploits0
ICS
ICS
added 2020/04/08 12:0 p.m.52 views

COVID-19 Exploited by Malicious Cyber Actors

Summary This is a joint alert from the United States Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. This alert provides information on exploitation by cybercriminal and advanced persistent...

9.8CVSS9.8AI score0.99999EPSS
Exploits48References73
Talos Blog
Talos Blog
added 2020/03/31 11:9 a.m.29 views

Trickbot: A primer

By Chris Neal Executive Summary Trickbot remains one of the most sophisticated banking trojans in the landscape while constantly evolving.Highly modular, Trickbot can adapt to different environments with the help of its various modules.The group behind Trickbot has expanded their activities beyon...

1.6AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/09 6:1 p.m.176146 views

Microsoft Exchange Server Flaw Exploited in APT Attacks

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges. The vulnerability in question CVE-2020-0688 exists in the control panel of...

9CVSS0.4AI score0.99965EPSS
Exploits31References7
ThreatPost
ThreatPost
added 2020/02/28 1:18 p.m.51 views

Patrick Wardle: Apple Devices Hit With Recycled macOS Malware

SAN FRANCISCO – Advanced persistent threat APT groups are hitting Apple devices with malware that has been reverse engineered and redeployed for malicious acts. This technique is complicating attribution efforts, Patrick Wardle, security researcher with Jamf, said this week during RSA Conference...

6.5AI score
Exploits0
Rows per page
Query Builder