Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/03/09 8:44 p.m.216 views

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe has issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems. Affected products include Adobe’s Framemaker document processor, designed for writing and editing large or complex documents;...

6.8CVSS2.2AI score0.8621EPSS
Exploits2References11
ThreatPost
ThreatPost
added 2020/08/18 2:14 p.m.216 views

AWS Cryptojacking Worm Spreads Through the Cloud

A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services AWS cloud and collecting credentials. Once the logins are harvested, the malware logs in and deploys the XMRig mining tool to mine Monero cryptocurrency. According to researchers at Cado Security, the...

0.26869EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/25 2:44 p.m.216 views

Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs

Graphics chipmaker Nvidia has fixed two high-severity flaws in its graphics drivers. Attackers can exploit the vulnerabilities to view sensitive data, gain escalated privileges or launch denial-of-service DoS attacks in impacted Windows gaming devices. Nvidia’s graphics driver also known as the G...

4.6CVSS0.8AI score0.0552EPSS
Exploits1References8
ThreatPost
ThreatPost
added 2020/01/07 5:4 p.m.216 views

Sodinokibi Ransomware Behind Travelex Fiasco: Report

The Sodinokibi ransomware strain is apparently behind the New Year’s Eve attack on foreign currency-exchange giant Travelex, which has left its customers and banking partners stranded without its services. The criminals behind the attack are demanding a six-figure sum in return for the decryption...

7.5CVSS0.99999EPSS
Exploits34References18
ThreatPost
ThreatPost
added 2019/09/04 9:24 p.m.216 views

Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn

UPDATE Researchers are warning of a high-severity zero-day vulnerability in Google’s Android operating system, which if exploited could give a local attacker escalated privileges on a target’s device. The specific flaw exists within the v4l2 Video4Linux 2 driver, which is the Android media driver...

10CVSS2.1AI score0.74041EPSS
Exploits9References10
ThreatPost
ThreatPost
added 2019/05/14 3:21 p.m.216 views

Linux Kernel Flaw Allows Remote Code-Execution

Millions of Linux systems could be vulnerable to a high-impact race condition flaw in the Linux kernel. Kernel versions prior to 5.0.8 are affected by the vulnerability CVE-2019-11815, which exists in the rdstcpkillsock in net/rds/tcp.c. “There is a race condition leading to a use-after-free UAF,...

9.3CVSS0.5AI score0.04458EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2019/02/01 9:35 p.m.216 views

Houzz Urges Password Resets After Data Breach

Interior decorating website Houzz on Friday issued a notice that user data – including usernames, passwords and IP addresses – had been accessed by an “unauthorized third party.” Houzz connects consumers to varying home-goods departments or professionals for purchasing furniture. The Palo Alto,...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/04/29 4:17 p.m.215 views

COVID-19 Results for 25% of Wyoming Accidentally Posted Online

The Wyoming Department of Health WDH said on Wednesday it accidentally posted COVID test results of state residents onto their public-facing storage buckets. The WDH said in a public advisory that an employee fumbled the health information of about 164,021 Wyoming residents and of people from oth...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/10/05 9:11 p.m.215 views

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, opens the door to site takeovers, according to researchers. To boot, nearly identical bugs are also found in Post Grid’s sister plug-in, Team Showcase, which has 6,000 installations. The issues...

10AI score0.26869EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2022/06/10 11:2 a.m.214 views

Potent Emotet Variant Spreads Via Stolen Email Credentials

Emotet’s resurgence in April seems to be the signal of a full comeback for what was once dubbed “the most dangerous malware in the world,” with researchers spotting various new malicious phishing campaigns using hijacked emails to spread new variants of the malware. The “new and improved” version...

9.3CVSS8.7AI score0.99945EPSS
Exploits33References17
ThreatPost
ThreatPost
added 2021/08/30 5:31 p.m.214 views

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping

A serious security vulnerability in Microsoft Exchange Server that researchers have dubbed ProxyToken could allow an unauthenticated attacker to access and steal emails from a target’s mailbox. Microsoft Exchange uses two websites; one, the front end, is what users connect to in order to access...

9.8CVSS9.6AI score0.99999EPSS
Exploits68References5
ThreatPost
ThreatPost
added 2021/04/29 1:58 p.m.214 views

Anti-Vaxxer Hijacks QR Codes at COVID-19 Check-In Sites

Quick-response QR codes used by a COVID-19 contact-tracing program were hijacked by a man who simply slapped up scam QR codes on top to redirect users to an anti-vaccination website, according to local police. He now faces two counts of “obstructing operations carried out relative to COVID-19 und...

7.1AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/02/18 4:34 p.m.214 views

Mac Malware Targets Apple’s New M1 Processor

Three months after Apple launched its new M1 system-on-a-chip SoC, cybercriminals have developed what may be the first malicious macOS application targeting the mobile giant’s first in-house silicon. Click to Register The recently uncovered malicious application, called GoSearch22, natively runs ...

7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/07/12 8:23 p.m.214 views

Heather Mills Gets An Apology and 'Substantial' Settlement in Spyware Case

The 2010-2011 News of the World phone hacking scandal – in which it was revealed that the tabloid dropped malware on celebrity targets’ phones in order to gather dirt for news stories – is still playing out in court. The latest is a settlement for a “substantial” sum paid to Heather Mills and her...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/12 4:9 p.m.214 views

Unusual Linux Ransomware Targets NAS Servers

A rare instance of ransomware targeting Linux-based file storage systems network-attached storage servers, specifically has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/05/05 2:11 p.m.214 views

Supply Chain Update Software Unknowingly Used in Attacks

Microsoft said a recent attack it calls Operation WilySupply utilized the update mechanism of an unnamed software editing tool to infect targets in the finance and payment industries with in-memory malware. The unnamed editing tool was used to send unsigned malicious updates to users in targeted...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/02/23 9:29 p.m.213 views

Samsung Screwed Up Encryption on 100M Phones

Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year’s Galaxy S21. Researchers at Tel Aviv University found what they called “severe” cryptographic design flaws that could have let attackers siphon the...

6CVSS8.4AI score0.00757EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2021/06/10 1:14 p.m.213 views

JBS Paid $11M to REvil Gang Even After Restoring Operations

JBS Foods paid the equivalent of $11 million in ransom after a cyber-attack that forced the company to shut down some operations in the United States and Australia over the Memorial Day weekend. The company made the payment to cybercriminals to ensure the protection of its data and mitigate any...

7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/02/11 3:3 p.m.213 views

Various Malware Lurks in Discord App to Target Gamers

A rise in online gaming, tied to pandemic-mandated social distancing, has led to a spike in criminals targeting the demographic. The latest effort to exploit the trend is malicious files planted inside the Discord platform designed to trick users into downloading malware-laced files. Researchers...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/10 7:7 p.m.213 views

Hybrid, Older Users Most-Targeted by Gmail Attackers

Users whose personal details have been exposed by a third-party breach, Australians, older folks and those who use both desktops and mobile devices are at the highest risk of becoming the victim of a malicious email attack, according to Google and researchers from Stanford, who teamed up to...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/21 6:57 p.m.213 views

Cisco Warns of Severe DoS Flaws in Network Security Software

Cisco has stomped out a slew of high-severity vulnerabilities across its lineup of network-security products. The most severe flaws can be exploited by an unauthenticated, remote attacker to launch a passel of malicious attacks — from denial of service DoS to cross-site request forgery CSRF. The...

8.3CVSS1.7AI score0.11685EPSS
Exploits0References16
ThreatPost
ThreatPost
added 2019/06/21 9:13 p.m.213 views

MobOk Malware Hides in Photo Editors on Google Play, Siphons Cash

A powerful money-siphoning malware known as MobOk has been found hiding in seemingly legitimate photo editing apps available on the Google Play store. The Pink Camera and Pink Camera 2 apps, now removed, had been installed around 10,000 times, according to researchers at Kaspersky. They included...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/04/30 9:24 p.m.213 views

Fake Jason Statham Bilks a Fan Out of Serious Money

English actor Jason Statham – a.k.a. “the Transporter” – is cozying up to people who like his Facebook page – or at least, someone purporting to be him is. A fraudster managed to bilk a vulnerable and unsuspecting Statham fan out of a “significant amount” of money after approaching her while she...

9CVSS0.2AI score0.99965EPSS
Exploits30References6
ThreatPost
ThreatPost
added 2019/01/24 4:41 p.m.213 views

ThreatList: Credential-Sniffing Phishing Attacks Erupted in 2018

Phishing attacks have continued to grow over the past year – but now, it appears that more bad actors are launching these tricky attacks in hopes of scooping up credentials, rather than a previously-popular goal of infecting victims’ devices with malware. The new trend was outlined by Proofpoint...

0.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2012/05/09 3:15 a.m.218 views

Carrier IQ Hires a Chief Privacy Officer

Carrier IQ, a startup heavily bruised last fall by harsh criticism of its handset diagnostic software, today announced it’s hired a high-profile lawyer as its Chief Privacy Officer. According to a news release, Magnolia Mansourkia Mobley, a CIPP and former Verizon executive, will be tasked with...

7.5CVSS1.7AI score0.99998EPSS
Exploits42References1
ThreatPost
ThreatPost
added 2021/02/11 4:3 p.m.212 views

Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims

A posse of alleged SIM-swapping cybercriminals has been rounded up across Europe by law-enforcement after the crooks finagled more than $100 million from U.S. celebrities and their families. Eight people in the U.K. were arrested in connection with the crime ring, in addition to individuals in...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/11/05 3:16 p.m.212 views

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux versions of its AnyConnect Secure Mobility Client Software. While Cisco said it is not aware of any exploits in the wild for the vulnerability, it said Proof-of-Concept PoC exploit...

0.8AI score0.07935EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2019/06/12 1:0 p.m.212 views

New FormBook Dropper Harbors Obfuscation, Persistence

Researchers are warning that a future data-theft attack may be brewing after discovering a new sample of the FormBook malware, with a never-before-seen dropper — i.e. a malicious file that is used in the initial infection stage and installs malware on the system. FormBook, a browser form-stealer...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/29 3:42 p.m.211 views

PHP Infiltrated with Backdoor Malware

The PHP project on Sunday announced that attackers were able to gain access to its main Git server, uploading two malicious commits, including a backdoor. They were discovered before they went into production. PHP is a widely used open-source scripting language often used for web development. It...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/01/05 10:28 p.m.211 views

RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework

Versions of the popular developer tool Zend Framework and its successor Laminas Project can be abused by an attacker to execute remote code on PHP-based websites, if they are running web-based applications that are vulnerable to attack. However, those that maintain Zend Framework emphasize that t...

9.8AI score0.75313EPSS
Exploits3References10
ThreatPost
ThreatPost
added 2020/12/02 8:17 p.m.211 views

Xerox DocuShare Bugs Allow Data Leaks

Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data. On Wednesday, the Cybersecurity and Infrastructure Security Agency...

7.5CVSS0.6AI score0.9927EPSS
Exploits9References9
ThreatPost
ThreatPost
added 2020/02/05 4:0 p.m.211 views

Critical Cisco 'CDPwn' Protocol Flaws Explained: Podcast

Researchers on Wednesday disclosed five critical vulnerabilities in Cisco Discovery Protocol CDP, the Cisco Proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment. Researchers say that the vulnerabilities, which they collectively call CDPw...

8.3CVSS0.2AI score0.26869EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2019/12/18 7:14 p.m.211 views

Microsoft Issues Out-of-Band Update for SharePoint Bug

UPDATE Microsoft has added a fresh CVE to its security portal, linking it to the existing November security updates the patch itself was already included in the updates, but not specifically named. The CVE describes a vulnerability in SharePoint Server. According to a Microsoft Security Advisory,...

7.2CVSS0.74438EPSS
Exploits10References4
ThreatPost
ThreatPost
added 2019/01/22 3:21 p.m.211 views

Adobe Issues Unscheduled Updates for Experience Manager Platform

Adobe has issued unscheduled patches for vulnerabilities rated “important” across its Experience Manager platform, which allows developers to create mobile apps, social campaigns and landing pages. Overall, Adobe issued three fixes, including an “important” flaw CVE-2018-19726 and a “moderate” fl...

10CVSS7.9AI score0.08414EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2022/02/25 9:32 p.m.210 views

TrickBot Takes a Break, Leaving Researchers Scratching Their Heads

The group behind the TrickBot malware is back after an unusually long lull between campaigns, according to researchers — but it’s now operating with diminished activity. They concluded that the pause could be due to the TrickBot gang making a large operational shift to focus on partner malware,...

8.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/23 11:58 a.m.209 views

Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE

An unpatched stored cross-site-scripting XSS security vulnerability affecting Linux marketplaces could allow unchecked, wormable supply-chain attacks, researchers have found. The bug was found to affect Pling-based markets by researchers at Positive Security, including AppImage Hub, Gnome-Look, K...

6.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/11 9:9 p.m.209 views

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...

10CVSS7.8AI score0.03023EPSS
Exploits3References5
ThreatPost
ThreatPost
added 2020/12/09 7:53 p.m.209 views

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

The SideWinder advanced persistent threat APT group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan...

9.3CVSS8.4AI score0.99945EPSS
Exploits60References6
ThreatPost
ThreatPost
added 2020/05/11 3:38 p.m.209 views

Millions of Thunderbolt-Equipped Devices Open to 'ThunderSpy' Attack

A new attack enables bad actors to steal data from Windows or Linux devices equipped with Thunderbolt ports – if they can get their hands on the device for just five minutes. The attack, called “Thunderspy,” specifically targets Thunderbolt technology, which is a hardware interface developed by...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/04/10 5:19 p.m.209 views

Critical VMware Bug Opens Up Corporate Treasure to Hackers

A critical information-disclosure bug in VMware’s Directory Service vmdir could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. The vmdir is part of VMware’s vCenter Server product, which provides centralized management of virtualized hosts and...

9.3CVSS8.9AI score0.90384EPSS
Exploits20References8
ThreatPost
ThreatPost
added 2020/02/10 9:7 p.m.209 views

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver

The operators behind the RobbinHood ransomware are using a vulnerable, legacy driver from Taiwan-based motherboard manufacturer Gigabyte in order to get around antivirus protections. The “bring-your-own-bug” tactic is likely to crop up in other attacks going forward, according to security analyst...

7.2CVSS1.1AI score0.07799EPSS
Exploits18References5
ThreatPost
ThreatPost
added 2019/05/15 4:48 p.m.209 views

Intel ZombieLoad Side-Channel Attack: 10 Takeaways

Intel on Tuesday revealed a new class of speculative execution vulnerabilities, dubbed Microarchitectural Data Sampling MDS, which impact all its modern CPUs. The flaws all ultimately depend on different ways of executing side channel attacks to siphon data from impacted systems – and result in...

4.7CVSS0.1AI score0.01553EPSS
Exploits0References25
ThreatPost
ThreatPost
added 2019/04/17 5:32 p.m.209 views

State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally

A newly-discovered state-sponsored campaign is targeting national security organizations across the Middle East and North Africa MENA – and elsewhere – with domain name system DNS hijacking attacks, used to scoop up credentials. The campaign, dubbed “Sea Turtle” by the Cisco Talos researchers who...

9CVSS0.3AI score0.99993EPSS
Exploits114References9
ThreatPost
ThreatPost
added 2019/02/12 6:16 p.m.208 views

Xiaomi M365 Electric Scooter Hacked and Remotely Controlled

A serious design flaw in a popular electric scooter has allowed researchers to hack into it when they were up to 100 meters away – and ultimately force it to brake or speed up. Researchers at Zimperium on Tuesday released a proof-of-concept PoC for the attack, which impacts Xiaomi M365 scooters...

1.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/02/10 11:16 p.m.207 views

Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares

The shackles have been broken for victims of Maze/Egregor/Sekhmet ransomware: On Wednesday, decryption keys were released for all three ransomware strains in a forum post. The liberator, using the handle “Topleak,” described themselves as the developer of the three ransomwares. It’s been lovely,...

8.6AI score
Exploits0References21
ThreatPost
ThreatPost
added 2021/03/11 6:1 p.m.207 views

Microsoft Exchange Servers Face APT Attack Tsunami

Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10 different advanced persistent threat APT groups, all bent on compromising email servers around the world. Overall exploitation activity is snowballing, according to researchers. Microsoft said in early March that ...

7.5CVSS9.9AI score0.99999EPSS
Exploits66References19
ThreatPost
ThreatPost
added 2021/03/03 9:49 p.m.207 views

Unpatched Bug in WiFi Mouse App Opens PCs to Attack

The mobile application called WiFi Mouse, which allows users to control mouse movements on a PC or Mac with a smartphone or tablet, has an unpatched bug allowing adversaries to hijack desktop computers, according to researcher Christopher Le Roux who found the flaw. Impacted is the Android app’s...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/11/10 9:12 p.m.207 views

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Microsoft’s November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution RCE bugs. Twelve of Microsoft’s 17 critical patches were tied to RCE bugs. In all, 112 vulnerabilities were patched by Microsoft, with 93 rated important, and two rated low in...

4.3CVSS0.5AI score0.5063EPSS
Exploits3References11
ThreatPost
ThreatPost
added 2021/10/27 7:13 p.m.206 views

Adobe’s Surprise Security Bulletin Dominated by Critical Patches

Adobe has dropped a mammoth out-of-band security update this week, addressing 92 vulnerabilities across 14 products. The majority of the disclosed bugs are critical-severity problems, and most allow arbitrary code execution ACE. Privilege escalation, denial-of-service and memory leaks/information...

9.3CVSS8AI score0.05468EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/05/21 5:30 p.m.206 views

WP Statistics Bug Lets Attackers Lift Sites’ Data

WP Statistics, a plugin installed on more than 600,000 WordPress websites, has an SQL-injection security vulnerability that could let site visitors make off with all kinds of sensitive information from web databases, including emails, credit-card data, passwords and more. WP Statistics, as its na...

7.5CVSS7.9AI score0.29776EPSS
Exploits3References6
Total number of security vulnerabilities5000