Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/10/19 5:5 p.m.33 views

Overlay Malware Targets Windows Users with a DLL Hijack Twist

Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims’ financial data and drain their bank accounts. Researchers say what the malware, dubbed Vizom, lacks in sophistication it makes up for in its creative abuse of the Windows ecosystem. Trusteer, ...

1.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/10/19 10:0 a.m.33 views

Microsoft is the Most-Imitated Brand for Phishing Emails

Microsoft is top of the heap when it comes to hacker impersonations – with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year. That’s according to Check Point, which found that the computing giant leapt from fifth pla...

1.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/10/14 3:45 p.m.33 views

Intel Adds Memory Encryption, Firmware Security to Ice Lake Chips

Intel’s third-generation Xeon Scalable server processors, code-named Ice Lake, will be rolled out with new security upgrades that the chip giant claims will better protect devices from firmware attacks. The upcoming chips are based on Ice Lake, Intel’s 10nm CPU microarchitecture, which was first...

0.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/10/06 3:0 p.m.33 views

APT Attack Injects Malware into Windows Error Reporting

A campaign that injects malware into the Windows Error Reporting WER service to evade detection is potentially the work of a Vietnamese APT group, researchers said. The attack, discovered on Sept. 17 by researchers at Malwarebytes Threat Intelligence Team, lures its victims with a phishing campai...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/17 3:31 p.m.33 views

APT41 Operatives Indicted as Sophisticated Hacking Activity Continues

UPDATE Five alleged members of the APT41 threat group have been indicted by a federal grand jury, in two separate actions that were unsealed this week. Meanwhile, the Department of Treasury also imposed sanctions on individuals and organizations associated with Iran-linked APT39. APT41 a.k.a...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/09/16 1:0 p.m.33 views

Report Looks at COVID-19’s Massive Impact on Cybersecurity

Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the COVID-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to COVID-19. Of course, malicious downloads would be COVID-19 related...

Exploits0References4
ThreatPost
ThreatPost
added 2020/08/04 2:46 p.m.33 views

Twitter Could Face $250M FTC Fine Over Improper Data Use

Twitter may be facing a Federal Trade Commission FTC fine of up to $250 million, after the social media giant last year revealed the improper use of users’ email addresses and phone numbers. In October 2019, Twitter acknowledged that user phone numbers and email addresses gathered for security...

Exploits0References14
ThreatPost
ThreatPost
added 2020/07/02 1:18 p.m.33 views

FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Android mobile device users are being targeted in a new SMS phishing campaign that’s spreading the FakeSpy infostealer. The malware, which is disguised as legitimate global postal-service apps, steals SMS messages, financial data and more from the victims’ devices. The campaign was first discover...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/26 7:6 p.m.33 views

'Cardplanet' Operator Sentenced to 9 Years for Selling Stolen Credit Cards

A cybercriminal responsible for running a “carding” website on the Dark Web is going to federal prison for nine years for selling stolen consumer payment information. Aleksei Burkov, a Russian national, was the operator of a website called “Cardplanet” that sold hundreds of thousands of debit- an...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/20 5:27 p.m.33 views

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions

An infamous business email compromise BEC gang has submitted hundreds of fraudulent claims with state-level U.S. unemployment websites and coronavirus relief funds. Researchers who tracked the fraudulent activity said cybercriminals may have made millions so far from the fraudulent activity. Behi...

7.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/11 12:29 p.m.33 views

Necurs Botnet in Crosshairs of Global Takedown Offensive

A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...

7.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/05 8:26 p.m.33 views

CamuBot Banking Trojan Returns In Targeted Attacks

The CamuBot malware, known for targeting Brazilian bank customers, has returned in a slew of recent offensives. The latest wave of attacks are highly personalized and, unlike previous campaigns, target victims’ mobile banking apps as an extra step to evade detection when making fraudulent...

1.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/26 8:34 p.m.33 views

Austin Man Indicted for Stealing Unreleased Music from Artists

A 27-year-old man who allegedly impersonated a music producer in an effort to nab unreleased music from various artists has been indicted. If convicted, he faces 27 years in prison on charges of conspiring with others to commit wire fraud, computer intrusion and committing aggravated identity...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/01/03 9:50 p.m.33 views

A Dozen Flaws in Popular Mac Clean-Up Software Allow Local Root Access

A passel of privilege-escalation vulnerabilities in MacPaw’s CleanMyMac X software would allow a local attacker to gain root access to an Apple machine in various ways. CleanMyMac X is a cleanup application for MacOS that optimizes the drives and frees up space by scanning for unused, redundant o...

6.6CVSS1.3AI score0.00497EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2018/12/24 5:28 p.m.33 views

Critical Bug Patched in Schneider Electric Vehicle Charging Station

Schneider Electric is warning about a critical vulnerability in its EVLink Parking devices – a line of electric vehicle charging stations. The energy management and automation giant said the vulnerability is tied to a hard-coded credential bug that exists within the device that could enable...

10CVSS9.4AI score0.06252EPSS
Exploits3References7
ThreatPost
ThreatPost
added 2018/11/09 4:28 p.m.33 views

ThreatList: Google Play Nine Times Safer Than Third-Party App Stores

Bearing out the conventional wisdom that avoiding third-party app stores is a security best practice, new data from Google shows that Android devices that only download apps from Google Play are nine times less likely to end up with malware. According to Google’s inaugural Android Ecosystem...

1.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/09/20 4:10 p.m.33 views

Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE

UPDATE Cisco Systems has issued a second warning for a critical static credential bug in its IOS XE software, which allows an unauthenticated attacker to gain access to targeted systems. The security bulletin comes more than six months after the company initially reported the bug and provided a...

10CVSS9.1AI score0.04823EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2018/08/24 3:25 p.m.33 views

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

Researchers have found a cross-site scripting XSS flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites. The vulnerability CVE-2018-8006 was disclosed today and impacts ActiveMQ versions earlier than...

4.3CVSS0.5AI score0.55895EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2018/08/17 11:0 a.m.33 views

Only ATM Heists Set to Accelerate After $13M Break-In

Mere days after the Feds warned banks about an impending ATM cash heist, hackers managed to siphon $13 million from the Pune, India-based Cosmos Bank – using cloned versions of the bank’s debit cards over the course of two days. It’s unlikely to be the last ATM theft that makes news, given how...

7.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2018/07/19 1:22 p.m.33 views

Critical Authentication Flaws in Cisco Policy Suite Patched

Cisco has patched four critical security vulnerabilities surrounding a lack of authentication requirements in its Policy Suite for mobile carriers. These would allow remote attackers to potentially exfiltrate information, compromise wireless subscriber account information, meddle with databases o...

10CVSS1.2AI score0.0379EPSS
Exploits0References15
ThreatPost
ThreatPost
added 2018/05/22 6:23 p.m.33 views

Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical

A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical remote code execution flaw that could allow total system compromise. EMC RecoverPoint is a disaster recovery tool that can be used to back up local and remote information storage, across data centers...

10CVSS9.1AI score0.43287EPSS
Exploits12References4
ThreatPost
ThreatPost
added 2018/02/27 12:46 p.m.33 views

Remote Code Execution Bug Patched in Adobe Acrobat Reader DC

Researchers at Cisco Talos are detailing a remote code execution vulnerability found in Adobe Acrobat Reader DC that can be triggered when a malicious file is opened or a victim accesses a rigged webpage. According to Talos, the vulnerability CVE-2018-4901 was disclosed on Dec. 7 and Adobe issued...

6.8CVSS1.4AI score0.16483EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2018/01/24 7:16 p.m.33 views

Skype, Slack and Other Popular Windows Apps Vulnerable to Critical Framework Bug

UPDATE Hundreds of software applications built using the developer framework called Electron may be vulnerable to a remote code execution flaw, according to developers of the framework. Impacted are dozens of popular Windows applications such as Microsoft’s Skype for Windows and Slack. Earlier th...

9.3CVSS9AI score0.84434EPSS
Exploits31References3
ThreatPost
ThreatPost
added 2018/01/18 1:14 p.m.33 views

Google Awards Record $112,500 Bounty for Android Exploit Chain

Prolific bug hunter Guang Gong has earned the highest-ever payout for a vulnerability in the history of Google’s Android Security Rewards program, which began in 2015. He earned a combined $112,500 for the disclosure of an Android exploit chain impacting Google’s Pixel handset that could allow an...

7.2CVSS1.6AI score0.12674EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2017/08/25 6:0 a.m.33 views

Security Lacking in Previous AppleAVEDriver iOS Kernel Extension

An obscure Apple kernel extension patched in July in iOS 10.3.3 was originally built without security measures in place, according to the researcher who privately disclosed the flaws. Today at the Hack in the Box security conference in Singapore, Zimperium zLabs’ Adam Donenfeld was scheduled to...

9.3CVSS0.4AI score0.04666EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2017/08/08 1:40 p.m.33 views

Flash Player Marches Toward End, Patches Two Code Execution Bugs in Latest Update

Adobe today pushed out its first Flash Player update since announcing two weeks ago that it would stop distributing and updating the software in 2020. Flash has been at the center of many targeted attacks and exploit kit activity, and despite numerous improvements to the product including...

9.3CVSS0.1AI score0.22311EPSS
Exploits3References5
ThreatPost
ThreatPost
added 2017/06/29 1:59 p.m.33 views

Ubuntu Fixes Linux Systemd Bug

Developers with Canonical pushed out a handful of patches for the Linux-based operating system Ubuntu this week, including one that resolves a bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload. Chris Coulson, a software and electronics...

5CVSS0.9AI score0.55116EPSS
Exploits1References8
ThreatPost
ThreatPost
added 2017/05/02 12:40 p.m.33 views

Google Patches Six Critical Mediaserver Bugs in Android

Google pushed out its monthly Android patches Monday, addressing 17 critical vulnerabilities, six of which are tied to its problematic Mediaserver component. An additional four critical vulnerabilities related to Qualcomm components in Android handsets including Google’s own Nexus 6P, Pixel XL an...

9.3CVSS1.5AI score0.00579EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2017/01/28 9:15 a.m.33 views

Cisco Warns of Critical Flaw in Teleconferencing Gear

Cisco Systems is warning customers of a critical vulnerability affecting three of its TelePresence MCU platform models. The flaw could give attackers the ability to remotely execute code on impacted systems or create conditions favorable to a denial-of-service DoS attack. According to an advisory...

10CVSS1.2AI score0.06836EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/06/21 10:8 a.m.33 views

Apple Patches AirPort Remote Code Execution Flaw

Apple is keeping typically tight-lipped about a remote code execution vulnerability it patched in its AirPort router firmware. Last night, Apple released an advisory warning users of the AirPort Express, AirPort Extreme and AirPort Time Capsule base stations that a new firmware was...

10CVSS1.5AI score0.03926EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2016/05/12 11:58 a.m.33 views

5 Vulnerabilities Fixed In Chrome Browser, Google Pays $20K to Bug Hunters

Google is urging Windows, Mac and Linux users to update their Chrome browser to fix five security holes – two which rate as high severity. Google warned users of the vulnerabilities Wednesday as it released a new version, 50.0.2661.102, of the browser. The Chrome security holes were found by four...

9.3CVSS0.7AI score0.04227EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2016/05/10 1:56 p.m.33 views

Adobe Patches 95 Vulnerabilities in Acrobat, Reader, Warns of Flash Zero Day

Adobe rolled out security updates for three of its products on Tuesday, including 95 fixes it pushed for Acrobat, Reader, and ColdFusion. Users will have to wait until later this week, however, to patch a critical vulnerability that exists in Flash Player. It may only be a matter of time until th...

10CVSS10AI score0.94354EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2016/04/13 11:30 a.m.34 views

Broken IBM Java Patch Disclosure

Update For the second time in two weeks, researchers have discovered a three-year-old broken patch for a vulnerability in IBM’s Java SDK implementation. The flaw allows for an attacker to execute code outside the Java sandbox, and still affects current versions of IBM SDK, 7 and 8, released in...

9.3CVSS2.6AI score0.06028EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/04/07 9:8 p.m.33 views

Latest Flash Zero Day Being Used to Push Ransomware

Exploits for a zero-day vulnerability in Adobe Flash Player are being aggressively distributed in two exploit kits. The zero day, meanwhile, was patched by Adobe in an emergency update released Thursday night. Attackers are using the previously unpatched flaw in the maligned Flash Player to infec...

10CVSS0.2AI score0.22487EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2016/03/09 2:7 p.m.33 views

Caution Urged over Patched Windows USB Driver Flaw

USB-related vulnerabilities make people nervous; you need look no further than Stuxnet and BadUSB to see the dangers associated with infected portable storage devices and peripherals. Yesterday, Microsoft patched a flaw in the Windows USB Mass Storage Class Driver that could put some people on...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2016/02/17 4:1 p.m.33 views

Magnitude of glibc Vulnerability Coming to Light

Not since Stagefright have we had a vulnerability with the scale and reach of the glibc flaw disclosed on Tuesday. “It’s pretty bad; you don’t get bugs of this magnitude too often,” said Dan Kaminsky, researcher, cofounder and chief scientist at White Ops. “The code path is widely exposed and...

6.8CVSS8.1AI score0.89557EPSS
Exploits17References3
ThreatPost
ThreatPost
added 2016/01/27 11:0 a.m.33 views

Cisco MiniUPnP Stack Smashing Protection Attack

The Internet of Things security challenge is twofold: finding bugs, and more urgent—fixing them. Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year. The...

6.8CVSS9.4AI score0.04783EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2015/12/02 11:18 a.m.33 views

Google Plans to End Chrome for 32-bit Linux, Releases Chrome 47

Google announced this week it will end Chrome support for older, 32-bit Linux distributions early next year and will maintain the browser on more popular distributions of the software. Specifically Google plans to stop pushing updates and security fixes to those running Chrome on 32-bit Linux,...

10CVSS0.6AI score0.04692EPSS
Exploits4References2
ThreatPost
ThreatPost
added 2015/08/21 9:34 a.m.33 views

August 2015 Apple QuickTime Security Patches

Apple on Thursday pushed out a new version of QuickTime for Windows that patched nine vulnerabilities, including a handful reported Aug. 13 by Cisco Talos and Fortinet researchers. All five flaws, if exploited, could lead to a crash of the media player or code execution in some cases, Apple said ...

6.8CVSS0.9AI score0.0364EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2015/08/20 1:32 p.m.33 views

Details Surface on Patched Sandbox Violation Vulnerability in iOS

Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app. The issue, which was present in versions of iOS prior to 8.4.1, stems from a vulnerability with...

4.3CVSS7.2AI score0.01362EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2015/05/12 12:43 p.m.33 views

May 2015 Adobe Flash, Reader, Acrobat Security Updates

Adobe today released sizable updates for Flash Player, Reader and Acrobat, patching 18 and 34 vulnerabilities respectively in the software. None of the vulnerabilities in any of the three products, Adobe said, are being publicly exploited. The Flash Update for Windows, Mac OS X, and Linux patches...

5CVSS2.1AI score0.17456EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2015/03/19 10:0 a.m.33 views

OpenSSL Patches High Severity DOS Vulnerability

Hold the logo and the dedicated website; the anticipated high-severity OpenSSL vulnerability is serious, but it’s no Heartbleed or POODLE. As it turns out, the bug is a denial-of-service condition that affects only version 1.0.2 of the ubiquitous crypto library. A dozen other vulnerabilities nine...

5CVSS0.4AI score0.08055EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2015/01/22 11:43 a.m.33 views

Adobe Patches One Zero Day in Flash, Still Investigating Separate Vulnerability

UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The...

10CVSS1.5AI score0.8582EPSS
Exploits5References2
ThreatPost
ThreatPost
added 2014/11/19 2:54 p.m.33 views

Citadel Variant Targets Password Managers

The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. Researchers from IBM Trusteer today said they’ve notified makers of the nexus Personal Security Client, Password Safe and KeePa...

10CVSS0.1AI score0.81943EPSS
Exploits5
ThreatPost
ThreatPost
added 2014/07/29 2:51 p.m.33 views

Leahy Introduces Bill to End Bulk Call Record Collection

Sen. Patrick Leahy has introduced an updated, tougher version of the USA FREEDOM Act that would end the bulk collection of data under Section 215 of FISA and also would require the appointment of a panel of special legal advocates who would represent the interests of individual privacy and civil...

6.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/07 10:10 a.m.33 views

July 2014 Microsoft Patch Tuesday Security Bulletins Updates

Tomorrow’s regularly scheduled patch update from Microsoft includes – go figure – another cumulative rollup for Internet Explorer and a critical fix for a Windows remote code execution bug. More of the same for sure, but there’s another bug being patched that may merit moving up a rung on your li...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2014/01/10 1:23 p.m.33 views

Former NSA Officials Detail Failures of Agency Programs in Letter to Obama

In the weeks and months leading up to 9/11, the National Security Agency had been working on a new information-gathering and analysis system known as THINTHREAD, a system that was built in-house and was meant to replace the uncountable number of stand-alone collection systems and attendant...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2013/10/01 1:47 p.m.33 views

Metasploit Exploit Module for IE Zero-Day Vulnerability

It’s been 14 days since Microsoft issued an advisory and temporary mitigation for a zero-day vulnerability in Internet Explorer, one being actively exploited in the wild and called by some experts as severe a browser bug as you can have. Yet users have since had little more to shield them from...

9.3CVSS0.3AI score0.99945EPSS
Exploits51References7
ThreatPost
ThreatPost
added 2013/02/27 2:53 a.m.33 views

Researchers Find Stuxnet Older Than Previously Believed

Researchers on Tuesday said they have proof the Stuxnet worm used to cripple Iran’s nuclear program has been in the wild two years longer than first believed. There’s also now evidence the military-grade malware’s origins date back to 2005, and possibly earlier. According to an 18-page report,...

0.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/02/14 5:5 p.m.33 views

Adobe Recommends Protected View as Temporary Zero Day Mitigation

Adobe released an advisory yesterday suggesting a manual mitigation for zero-day vulnerabilities in its Reader and Acrobat products that are being actively exploited in the wild. The exploit is the first sandbox escape in Adobe Reader X and above. FireEye, which reported the vulnerability to Adob...

9.3CVSS8.4AI score0.86979EPSS
Exploits4References4
Total number of security vulnerabilities5000