Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/04/28 2:2 p.m.230 views

Chase Bank Phish Swims Past Exchange Email Protections

Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections in an aim to steal credentials from victims — by spoofing real-life customer scenarios. Researchers from Armorblox recently discovered the attacks, one of which claims to...

7.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/11/29 9:22 p.m.229 views

IKEA Hit by Email Reply-Chain Cyberattack

As of Friday – as in, shopping-on-steroids Black Friday – retail titan IKEA was wrestling with a then-ongoing reply-chain email phishing attack in which attackers were malspamming replies to stolen email threads. BleepingComputer got a look at internal emails – one of which is replicated below –...

10CVSS10AI score0.99999EPSS
Exploits78References23
ThreatPost
ThreatPost
added 2021/01/13 9:22 p.m.229 views

High-Severity Cisco Flaw Found in CMX Software For Retailers

A high-severity flaw in Cisco’s smart Wi-Fi solution for retailers could allow a remote attacker to alter the password of any account user on affected systems. The vulnerability is part of a number of patches issued by Cisco addressing 67 high-severity CVEs on Wednesday. This included flaws found...

9.3CVSS1.7AI score0.99512EPSS
Exploits75References10
ThreatPost
ThreatPost
added 2020/08/07 10:11 p.m.229 views

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Six serious bugs in Qualcomm’s Snapdragon mobile chipset impact up to 40 percent of Android phones in use, according research released at the DEF CON Safe Mode security conference Friday. The flaws open up handsets made by Google, Samsung, LG, Xiaomi and OnePlus to DoS and escalation-of-privilege...

7.8AI score0.26869EPSS
Exploits6References9
ThreatPost
ThreatPost
added 2019/08/13 8:29 p.m.229 views

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List

Microsoft’s August Patch Tuesday release contains updates for 93 CVEs, including 29 that are rated critical in severity. The highest priority of these include four critical remote code-execution RCE vulnerabilities in Remote Desktop Services RDS and a critical RCE flaw in Microsoft Word. Also, tw...

10CVSS0.1AI score0.75194EPSS
Exploits2References12
ThreatPost
ThreatPost
added 2019/07/05 7:27 p.m.229 views

WordPress Plugin WP Statistics Patches XSS Flaw

WordPress plugin WP Statistics has patched a cross-site scripting XSS vulnerability that could allow for full website takeover, if the website is operating under certain non-default settings. WP Statistics gives website owners a tool to analyze site statistics, such as the number of visitors on t...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/06/04 8:19 p.m.229 views

Zero-Day No More: Windows Bug Gets a Fix

The local privilege-escalation LPE zero-day bug in Microsoft Task Scheduler, disclosed by SandboxEscaper on Twitter in late May by way of making public a fully functioning exploit, now has a micropatch. The interim fix, from 0patch, was issued Tuesday to address the vulnerability. The bug would...

7.5CVSS0.7AI score0.94928EPSS
Exploits31References10
ThreatPost
ThreatPost
added 2009/10/06 11:47 a.m.229 views

Trove of Hotmail Passwords Posted Online

If you use Microsoft’s free Hotmail service, it may be time to change your password: Microsoft said Monday that several thousand Hotmail account credentials were posted online over the weekend. In a statement posted to its Windows Live Spaces blog, Microsoft said the company has determined that t...

0.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/02/15 6:33 p.m.228 views

Chrome Zero-Day Under Active Attack: Patch ASAP

Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation...

9.6CVSS9.8AI score0.70435EPSS
Exploits16References23
ThreatPost
ThreatPost
added 2021/08/12 8:30 p.m.228 views

Black Hat: Novel DNS Hack Spills Confidential Corp Data

LAS VEGAS – Amazon and Google patched a domain name service DNS bug that allowed attackers to snoop on the confidential networking settings of companies – revealing computer and employee names along with office locations and exposed web resources. The vulnerability, outlined in a Black Hat USA 20...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/01/13 3:37 p.m.228 views

'Cable Haunt' Bug Plagues Millions of Home Modems

UPDATED Multiple cable modems used by ISPs to provide broadband into homes have a critical vulnerability in their underlying reference architecture that would allow an attacker full remote control of the device. The footprint for the affected devices numbers in the hundreds of millions worldwide...

9.3CVSS9.8AI score0.26869EPSS
Exploits3References8
ThreatPost
ThreatPost
added 2019/03/22 9:28 p.m.228 views

Firefox and Edge Fall to Hackers on Day Two of Pwn2Own

Hackers took down the Mozilla Firefox and Microsoft Edge browsers on Thursday at Pwn2Own, the annual hacking conference held in tandem with CanSecWest, as the competition continued for a second day. The dynamic hacking duo of Amat Cama and Richard Zhu, which make up team Fluoroacetate, had anothe...

1.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/12/14 10:21 p.m.227 views

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot and more in the form of fake applications. The patch came as part of the computing giant’s December Patch Tuesday update, which included a total of 67 fixes for security vulnerabilities. Th...

10CVSS9.4AI score0.50628EPSS
Exploits6References23
ThreatPost
ThreatPost
added 2021/02/12 7:3 p.m.227 views

Annoyingly Believable Tax Refund Scam Targets Mobile

A text message-based tax scam is making the rounds in the U.K., in a probable harbinger of things to come as the U.S. tax season gets underway in earnest. SMS messages are going out to unsuspecting U.K. citizens claiming to be from Her Majesty’s Revenue and Customs HMRC, the country’s...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/02 4:47 p.m.227 views

Virus Bulletin 2019: Japanese Attacks Highlight Savvy APT Strategy

LONDON — Three separate, multi-year APT campaigns targeting region-specific software showcase a savvy technique of leveraging zero-day vulnerabilities in niche software in order to infect victims with malware. According to researchers at JPCERT in Japan, speaking at Virus Bulletin 2019, both the...

10CVSS0.2AI score0.86863EPSS
Exploits18References3
ThreatPost
ThreatPost
added 2019/06/17 3:2 p.m.227 views

Microsoft Pushes Azure Users to Patch Linux Systems

Microsoft is warning customers that some Azure installations are vulnerable to a recently-disclosed critical Linux Exim mail server flaw that is under active attack. The warning comes after a widespread worm campaign was disclosed on Friday, targeting a flaw in the Exim mail transport agent MTA,...

7.5CVSS0.99961EPSS
Exploits27References5
ThreatPost
ThreatPost
added 2022/08/03 3:23 p.m.226 views

VMWare Urges Users to Patch Critical Authentication Bypass Bug

VMware and experts alike are urging users to patch multiple products affected by a critical authentication bypass vulnerability that can allow an attacker to gain administrative access to a system as well as exploit other flaws. The bug—tracked as CVE-2022-31656—earned a rating of 9.8 on the CVSS...

9.8CVSS9.2AI score0.18285EPSS
Exploits6References13
ThreatPost
ThreatPost
added 2022/03/23 3:28 p.m.226 views

Microsoft: Lapsus$ Used Employee Account to Steal Source Code

In a new blog post published last night, Microsoft confirmed that the Lapsus$ extortion group hacked one of its employee’s accounts to get “limited access” to project source code repositories. “No customer code or data was involved in the observed activities. Our investigation has found a single...

9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2022/01/13 5:35 p.m.226 views

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

U.S. Cyber Command has confirmed that MuddyWater – an advanced persistent threat APT cyberespionage actor aka Mercury, Static Kitten, TEMP.Zagros or Seedworm that’s historically targeted government victims in the Middle East – is an Iranian intelligence outfit. The link has been suspected, and no...

9CVSS8.9AI score0.99965EPSS
Exploits30References20
ThreatPost
ThreatPost
added 2021/06/30 4:8 p.m.226 views

Zero-Day Used to Wipe My Book Live Devices

Western Digital will start providing free data-recovery services in July for people whose data was wiped off their network-attached storage NAS devices last week, the company said in an update on Tuesday. The company is also planning to offer a trade-in program to get customers onto the cloud –...

10CVSS9.8AI score0.30284EPSS
Exploits1References18
ThreatPost
ThreatPost
added 2021/02/05 3:47 p.m.226 views

Google Chrome Zero-Day Afflicts Windows, Mac Users

Google is warning of a zero-day vulnerability in its V8 open-source web engine that’s being actively exploited by attackers. A patch has been issued in version 88 of Google’s Chrome browser — specifically, version 88.0.4324.150 for Windows, Mac and Linux. This update will roll out over the coming...

6.8CVSS9.9AI score0.19815EPSS
Exploits0References16
ThreatPost
ThreatPost
added 2022/02/16 10:34 p.m.225 views

TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands

Cyberattackers are targeting 60 different high-profile companies with the TrickBot malware, researchers have warned, with many of those in the U.S. The goal is to attack those companies’ customers, according to Check Point Research CPR, which are being cherry-picked for victimization. According t...

8.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/08/06 8:41 p.m.225 views

Golang Cryptomining Worm Offers 15% Speed Boost

A freshly discovered variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said. According to research from Uptycs, the worm...

10CVSS9.9AI score0.99997EPSS
Exploits49References10
ThreatPost
ThreatPost
added 2021/02/12 8:17 p.m.225 views

Yandex Data Breach Exposes 4K+ Email Accounts

Yandex – one of Europe’s largest internet companies – is warning of a data breach that compromised 4,887 email accounts. The breach stems from an insider threat. Yandex is the most-used search engine in Russia – and the fifth most-popular search engine worldwide. Beyond its search engine, Yandex’...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/08/19 8:46 p.m.225 views

FritzFrog Botnet Attacks Millions of SSH Servers

A peer-to-peer P2 botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January. SSH servers are pieces of software found in routers and IoT devices, among other machines, and they use the secure shell protocol to accept connectio...

9.6AI score0.26869EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/06 7:18 p.m.225 views

China's APT3 Pilfers Cyberweapons from the NSA

The advanced persistent threat APT group known as APT3, which researchers across the board link to the Chinese government, has built a full in-house battery of exploits and cybertools collectively dubbed “UPSynergy.” An analysis of the toolkit has uncovered a geopolitical cat-and-mouse spy game: ...

9.3CVSS7.9AI score0.93307EPSS
Exploits47References8
ThreatPost
ThreatPost
added 2012/10/19 7:1 p.m.225 views

Microsoft Settles With Kelihos Botnet Defendant, Says He Didn't Run the Network

Microsoft on Friday said it has reached a settlement with a Russian programmer it named as a defendant in a lawsuit related to the operation of the notorious Kelihos botnet. The company said that it no longer believes Andrey N. Sabelnikov was the operator of the botnet, but was instead responsibl...

9.3CVSS1.1AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2010/12/03 4:48 p.m.225 views

Inside Patch Tuesday at the Microsoft Security Response Center

In this video, Dustin Childs of the Microsoft Security Response Center gives an inside look at what it’s like in Redmond on Patch Tuesday and what goes into the efforts that Microsoft makes to get fixes out every month. View the video at Microsoft’s Security TechCenter...

9.3CVSS1.9AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/03/03 5:18 p.m.224 views

Phishing Campaign Targeted Those Aiding Ukraine Refugees

Cyberattackers used a compromised Ukrainian military email address to phish EU government employees who’ve been involved in managing the logistics of refugees fleeing Ukraine, according to a new report. Ukraine has been at the center of an unprecedented wave of cyberattacks in recent weeks and...

8.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/12/17 10:27 p.m.224 views

5M WordPress Sites Running 'Contact Form 7' Plugin Open to Attack

A patch for the popular WordPress plugin called Contact Form 7 was released Thursday. It fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version...

9.6AI score0.89626EPSS
Exploits4References11
ThreatPost
ThreatPost
added 2014/02/11 12:21 p.m.224 views

NTP Amplification Blamed for 400 Gbps DDoS Attack

For those of you who thought the infamous Spamhaus distributed denial-of-service attack set an ugly bar for the volume of spurious traffic sent at a target, gird yourself for worse. A massive DDoS attack, reaching at its peak 400 Gbps of bad traffic, was detected late yesterday against a number o...

5CVSS6.7AI score0.97549EPSS
Exploits23References6
ThreatPost
ThreatPost
added 2022/08/10 12:48 p.m.223 views

Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being exploited in the wild. The bug CVE-2022-34713 is tied to a Microsoft Windows Support Diagnostic Tool and allows a remote attacker to execute code on a vulnerable system. “The volume of fixes released...

9.8CVSS9.2AI score0.99374EPSS
Exploits62References10
ThreatPost
ThreatPost
added 2021/05/07 1:56 p.m.223 views

80% of Net Neutrality Comments to FCC Were Fudged

Broadband providers and a 19-year-old college student were among those who successfully hijacked public comments during a crucial decision-making process in 2017 to overturn net neutrality by flooding the Federal Communications Commission FCC with fraudulent comments indicating their position on...

5.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/07/12 1:50 p.m.223 views

Hacked Hair Straighteners Can Threaten Homes

Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners. Pen Test Partners decided to put the Glamoriser hair straightener through its securi...

7.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/02 9:23 p.m.223 views

Security Camera Firm Arlo Zaps High-Severity Bugs

Two high-severity vulnerabilities in Arlo Technologies’ wireless home security camera gear have been patched. The flaws, which indirectly impact Arlo’s popular fleet of wireless home security cameras, are limited to adversaries with local network and physical access to Arlo Base Stations. Both...

10CVSS0.01741EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/06/04 10:0 a.m.223 views

Infosecurity Europe: Cryptojacking is Making a Comeback

LONDON, UK – With cryptocurrency prices skyrocketing, the threat of cryptomining malware, used to mine various types of cryptocurrencies, is continuing to worry the security industry. Case in point: Recently researchers uncovered the Nansh0u campaign, a cryptojacking campaign that mines an...

7.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/05/26 12:1 p.m.222 views

‘Privateer’ Threat Actors Emerge from Cybercrime Swamp

A new type of cybercriminal is emerging in a cyber-threat landscape that’s historically been dominated by either state-sponsored threat actors or financially-motivated criminals that are hunted and prosecuted by law enforcement. Dubbed “privateers” by researchers at Cisco Talos Intelligence, thes...

7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/06/11 6:16 p.m.221 views

REvil Hits US Nuclear Weapons Contractor: Report

Sol Oriens, a subcontractor for the U.S. Department of Energy DOE that works on nuclear weapons with the National Nuclear Security Administration NNSA, last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service RaaS gang. The Albuquerque, N.M...

7.2AI score
Exploits0References20
ThreatPost
ThreatPost
added 2020/05/04 7:23 p.m.221 views

Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack

Hackers targeted the publishing platform Ghost over the weekend, launching a cryptojacking attack against its servers that led to widespread outages. The attack stemmed from the exploit of critical vulnerabilities in SaltStack, used in Ghost’s server management infrastructure. Ghost is a free,...

7.5CVSS9.3AI score0.96405EPSS
Exploits25References12
ThreatPost
ThreatPost
added 2021/04/29 11:51 a.m.220 views

DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

The ransomware gang identified as DoppelPaymer has leaked a substantial collection of files from the Illinois Office of the Attorney General OAG on a server controlled by the cybercriminal group. The move came after ransom negotiations between the two parties broke down following a ransomware...

0.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/03/12 9:42 p.m.220 views

Critical Security Bug Can Knock Smart Meters Offline

Critical security vulnerabilities in Schneider Electric smart meters could allow an attacker a path to remote code execution RCE, or to reboot the meter causing a denial-of-service DoS condition on the device. Schneider Electric’s PowerLogic ION/PM smart meter product line, like other smart meter...

0.4AI score0.02428EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2018/12/20 8:41 p.m.220 views

Huawei Router Flaw Leaks Default Credential Status

A vulnerability in some Huawei routers used for carrier ISP services allows cybercriminals to identify whether the devices have default credentials or not – without ever connecting to them. CVE-2018-7900 exists in the router panel and allows credentials information to leak – so attackers can simp...

10CVSS1.4AI score0.99975EPSS
Exploits29References4
ThreatPost
ThreatPost
added 2022/03/22 10:14 p.m.219 views

Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta

Both Microsoft and Okta are investigating claims by the new, precocious data extortion group Lapsus$ that the gang has breached their systems. Lapsus$ claimed to have gotten itself “superuser/admin” access to internal systems at authentication firm Okta. It also posted 40GB worth of files to its...

8.8AI score
Exploits0References28
ThreatPost
ThreatPost
added 2010/02/13 5:47 p.m.219 views

Former Researcher Iceman Sentenced to 13 Years

A former security researcher turned criminal hacker has been sentenced to 13 years in federal prison for hacking into financial institutions and stealing credit card account numbers. Max Ray Butler, who used the hacker pseudonym Iceman, was sentenced Friday morning in U.S. District Court in...

1.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/03/18 6:53 p.m.218 views

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

An advanced persistent threat APT group has been targeting luxury hotels in Macao, China with a spear-phishing campaign aimed at breaching their networks and stealing the sensitive data of high-profile guests staying at resorts, including the Grand Coloane Resort and Wynn Palace. A threat researc...

8.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/11/19 2:56 p.m.218 views

Macy's Suffers Data Breach by Magecart Cybercriminals

The department store Macy’s is warning that web skimmer malware was discovered on Macys.com collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card...

8.3AI score0.0552EPSS
Exploits1References19
ThreatPost
ThreatPost
added 2013/11/06 11:21 a.m.218 views

Attacks on New Microsoft Zero Day Using Multi-Stage Malware

Attackers exploiting the Microsoft Windows and Office zero day revealed yesterday are using an exploit that includes a malicious RAR file as well as a fake Office document as the lure, and are installing a wide variety of malicious components on newly infected systems. The attacks seen thus far a...

9.3CVSS1.3AI score0.88246EPSS
Exploits19References4
ThreatPost
ThreatPost
added 2022/03/30 4:29 p.m.217 views

Lapsus$ ‘Back from Vacation’

The Lapsus$ data extortionists are back from a week-long “vacation,” they announced on Telegram, posting 70GB worth of data purportedly stolen from software development giant Globant. “We are officially back from a vacation,” the gang wrote on their Telegram channel, posting images of exfiltrated...

8.8AI score
Exploits0References21
ThreatPost
ThreatPost
added 2022/03/21 2:22 p.m.217 views

Bridgestone Hit as Ransomware Torches Toyota Supply Chain

On Friday, Bridgestone Corp. admitted that a subsidiary experienced a ransomware attack in February, prompting it to shut down the computer network and production at its factories in North and Middle America for about a week, said Reuters. Among other things, Bridgestone is a major supplier of...

8.6AI score
Exploits0References16
ThreatPost
ThreatPost
added 2022/03/22 3:42 p.m.216 views

FIDO: Here’s Another Knife to Help Murder Passwords

We all hate passwords, but none of us want to make logging into our accounts a hassle with extra time, steps and devices. That’s why the Fast Identity Online Alliance FIDO published a white paper PDF on Thursday, outlining different use cases for the adoption of their FIDO2 set of specifications...

8.7AI score
Exploits0References19
Total number of security vulnerabilities5000