Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/02/19 9:6 p.m.206 views

Malformed URL Prefix Phishing Attacks Spike 6,000%

Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit. They look legit, that is, unless you look closely at the symbols used in the prefix before the URL. “The URL...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/10/10 8:37 p.m.206 views

vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

Hackers have stolen the account details of 250,000 users of Dutch sex-work forum Hookers.nl – including email addresses of both escorts and customers. The website provides a forum for escorts and customers to discuss sex work — including clients discussing their experiences with sex workers. A...

7.5CVSS9.5AI score0.99728EPSS
Exploits27References9
ThreatPost
ThreatPost
added 2021/07/21 5:31 p.m.205 views

Indictments, Attribution Unlikely to Deter Chinese Hacking

The federal government is fighting back against what it says are China-based cyberattacks against U.S. universities and companies with indictments and a “naming-and-shaming” approach — but researchers aren’t convinced the efforts will come to much in terms of deterring future activity. On Monday,...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/05/26 12:0 p.m.205 views

A Peek Inside the Underground Ransomware Economy

Ransomware is not just a type of malware – it’s also at the center of a sophisticated, flourishing underground economy that has all the conventions of legitimate commerce. It’s a community made up of major malware developers, affiliates and channel partners, and those that provide adjacent...

7.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/26 4:6 p.m.205 views

Insurance Giant CNA Hit with Novel Ransomware Attack

A novel ransomware attack forced insurance giant CNA to take systems offline and temporarily shutter its website. The attack occurred earlier this week and leveraged a new variant of the Phoenix CryptoLocker malware. The Chicago-based company—the seventh largest commercial insurance provider in t...

1.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/02/11 3:52 p.m.205 views

How Email Attacks are Evolving in 2021

Hundreds of thousands of dollars lost. Financial and emotional ruin. And in some cases, suicide. These are some of the outcomes business email compromise BEC attacks have on victims, said Ronnie Tokazowski, senior threat researcher with Agari. These type of attacks don’t garner the same attention...

Exploits0References27
ThreatPost
ThreatPost
added 2020/08/06 1:2 p.m.205 views

Black Hat 2020: 'Zero-Click' MacOS Exploit Chain Uses Microsoft Office Macros

A new “zero-click” MacOS exploit chain could allow attackers to deliver malware to MacOS users using a Microsoft Office document with macros. The attack bypasses security measures that both Microsoft and Apple have put in place to protect MacOS users from malicious macros. The exploit chain,...

6.8CVSS7.4AI score0.03264EPSS
Exploits0References16
ThreatPost
ThreatPost
added 2020/06/26 8:53 p.m.205 views

DarkCrewFriends Returns with Botnet Strategy

The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service DDoS attacks, command execution, information...

0.1AI score0.0552EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2018/09/05 5:48 p.m.205 views

Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild

It was only a matter of time before attacks were seen in the wild, and now it’s happened. A known threat actor has mounted a large cryptomining campaign using the recently disclosed Apache Struts 2 critical remote code-execution vulnerability. It uses a new malware designed for persistence and...

10CVSS9.9AI score0.99999EPSS
Exploits118References10
ThreatPost
ThreatPost
added 2017/10/16 11:46 a.m.205 views

Adobe Patches Flash Zero Day Exploited by Black Oasis APT

Adobe today released an out-of-band Flash Player update addressing a zero-day vulnerability being exploited by a little-known Middle Eastern APT group. The group known as Black Oasis was, as recently as this month, using exploits for the flaw to drop FinSpy as a payload. Sold by the controversial...

10CVSS8.6AI score0.99344EPSS
Exploits20References5
ThreatPost
ThreatPost
added 2021/06/17 1:0 p.m.204 views

Threat Actors Use Google Docs to Host Phishing Attacks

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims’ credentials. Researchers at email and collaboration security firm Avanan discovered the campaign, which is th...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/02/12 3:34 p.m.204 views

Florida Water Plant Hack: Leaked Credentials Found in Breach Database

Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials. Meanwhile, they als...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/01/13 2:0 p.m.204 views

CISOs Prep For COVID-19 Exposure Notification in the Workplace

With the potential of employees going back into the workplace on the horizon, chief information security officers CISOs are mulling applications that utilize exposure notifications in order to track COVID-19’s spread in the office. Steve Moore, chief security strategist with Exabeam, said he is...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/10/26 5:12 p.m.204 views

Containerd Bug Exposes Cloud Account Credentials

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials. Containerd bills itself as a runtime tool that “manages the complete container lifecycle of its host system, from image transfer and storage to...

7.5CVSS7.2AI score0.26869EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2019/05/14 8:31 p.m.204 views

Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More

Apple has rolled out 173 patches across in various products across its hardware portfolio, including for dangerous bugs in macOS for laptops and desktops, iPhone, Apple TV and Apple Watch. The update also includes a patch for the side-channel vulnerabilities in Intel chips disclosed on Tuesday,...

9.3CVSS1.2AI score0.47537EPSS
Exploits12References12
ThreatPost
ThreatPost
added 2011/02/01 8:37 p.m.204 views

Fake AVG: Scam Software Cops Name and Logo of Real AV

We’ve noted for a while that the practices of rogue antivirus software have started to mimic those of legitimate antivirus software vendors. But a new version of FakeXPA scareware take things a bit further: posing as a legitimate commercial AV package, AVG Antivirus 2011. Microsoft’s Malware...

9.3CVSS2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2019/06/12 10:52 p.m.203 views

Fishwrap Campaign Sways Social Media Users with Old News

An influence operation that recycles old news about terror incidents and re-publishes them as if they were new is making the rounds on social media, according to Recorded Future analysis. The technique, which the researchers have dubbed Fishwrap since it repurposes old news, is also using a speci...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/08/04 2:44 p.m.202 views

Phishing Campaign Dangles SharePoint File-Shares

Attackers are using spoofed sender addresses and Microsoft SharePoint lures in a new phishing campaign that is “sneakier than usual” and can slip through the usual security protections in its aim to fool people into giving up their credentials, Microsoft researchers discovered. Microsoft Security...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/02/26 9:26 p.m.202 views

Stalkerware Volumes Remain Concerningly High, Despite Bans

Tens of thousands of mobile users were infected by the class of software known generically as stalkerware last year. According to just-published research by Kaspersky, 2020 lockdowns related to the global COVID-19 pandemic put a damper on installations, but the scourge of privacy-busting software...

Exploits0References10
ThreatPost
ThreatPost
added 2020/04/24 5:11 p.m.202 views

News Wrap: Nintendo Account Hacks, Apple Zero Days, NFL Security

For the week ended April 24, Threatpost editors discuss the hottest cybersecurity news stories, including: Apple zero days disclosed in the iPhone iOS that researchers say have been exploited for years. Meanwhile, Apple has pushed back and said there’s no evidence to support such activity. Ninten...

9.9AI score0.26869EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2020/03/10 9:19 p.m.202 views

Microsoft Patches 26 Critical Bugs in Big March Update

Microsoft tackled 115 bug fixes as part of its March Patch Tuesday update – 26 rated critical and 88 rated medium severity. The bugs patched span its product catalog, from Azure DevOps to Windows 10. This month’s haul is notable in its quantity and that there are only a few stand-out bugs causing...

7.5CVSS0.99999EPSS
Exploits48References4
ThreatPost
ThreatPost
added 2020/01/24 7:27 p.m.202 views

Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

UPDATE Cisco Systems has fixed a high-severity vulnerability in its popular Webex video conferencing platform, which could let strangers barge in on password-protected meetings – no authentication necessary. A remote attacker would not need to be authenticated to exploit the flaw, according to...

10CVSS0.8AI score0.92835EPSS
Exploits18References10
ThreatPost
ThreatPost
added 2019/07/29 1:23 p.m.202 views

‘WannaCry Hero’ Avoids Jail Time in Kronos Malware Charges

Marcus Hutchins, the researcher hailed for squashing the WannaCry ransomware outbreak in May 2017, has been spared jail time over the creation of the infamous Kronos banking malware. The 25-year-old British researcher was sentenced on Friday to time served and one year of supervised release over...

7.5CVSS0.6AI score0.9981EPSS
Exploits125References12
ThreatPost
ThreatPost
added 2010/09/17 5:48 p.m.202 views

Demo of ASP.NET Padding Oracle Attack

In this video, researchers Juliano Rizzo and Thai Duong demonstrate the technique they developed for stealing cryptographic keys for ASP.NET Web applications, enabling them to compromise virtually any app built on ASP.NET. You can read the full story of their attack in this article, “Padding Orac...

9.3CVSS4.6AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/02/23 5:20 p.m.201 views

Sextortion Rears Its Ugly Head Again

A new French-language sextortion campaign is making the rounds, researchers warn. As noted by Sophos researchers in a Monday report, sextortion is one of the oldest tricks in the book, but its popularity has waned in recent years due to effective cybersecurity, law enforcement crackdowns and the...

8.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/11/03 6:16 p.m.201 views

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted...

10CVSS9.2AI score0.99999EPSS
Exploits18References23
ThreatPost
ThreatPost
added 2021/07/26 10:9 p.m.201 views

IoT Piranhas Are Swarming Industrial Controls

Full transparency: Curtis Simpson, CISO at Armis, the enterprise IoT security company, was fundamentally a black hat at the age of 12, before he even knew what a black hat was. One day he got flooded over IRC and was fascinated: What just happened? And how did it happen? He’s since spent the vast...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/25 9:28 p.m.201 views

Fleeceware Apps Bank $400M in Revenue

About 204 different “fleeceware” applications with a combined billion+ downloads have raked in more than $400 million in revenue so far, via the Apple App Store and Google Play, analysis has revealed. Fleeceware apps generally offer users a free trial to “test” the app, before commencing automati...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/19 8:52 p.m.201 views

Critical F5 BIG-IP Flaw Now Under Active Attack

Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw CVE-2021-22986 exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full contro...

10CVSS10AI score0.99999EPSS
Exploits79References13
ThreatPost
ThreatPost
added 2021/02/16 4:50 p.m.201 views

Misconfigured Baby Cams Allow Unauthorized Viewing

A vulnerability affecting multiple baby monitors could allow someone to drop in and view a camera’s video stream, according to researchers. Potentially hundreds of thousands of live devices are impacted, they said. The issue exists in the manufacturers’ implementation of the Real-Time Streaming...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/06/07 2:36 p.m.201 views

Zusy Malware Installs Via Mouseover – No Clicking Required

Researchers are warning of several recent spam campaigns delivering PowerPoint files that when opened contain a mouseover link that installs a variant of the Zusy malware. The malware is novel because it does not rely on macros, JavaScript or VBA macros to be enabled for the dropper file to...

9.3CVSS8.4AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2017/04/20 12:15 p.m.201 views

Stuxnet LNK Exploits Still Widely Circulated

One of the alleged mandates around the development of the Stuxnet worm was that malware’s numerous components—which included a handful of zero days—should never escape the Natanz uranium enrichment facility in Iran. Eight years later, evidence continues to mount as to how that mandate was...

9.3CVSS0.5AI score0.99966EPSS
Exploits25References7
ThreatPost
ThreatPost
added 2022/02/07 10:13 p.m.200 views

Medusa Malware Joins Flubot’s Android Distribution Network

Flubot, the Android spyware that’s been spreading virally since last year, has hitched its infrastructure wagon up to another mobile threat known as Medusa. That’s according to ThreatFabric, which found that Medusa is now being distributed through the same SMS-phishing infrastructure as Flubot,...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/04 4:1 p.m.200 views

COVID-19 Vaccine Spear-Phishing Attacks Jump 26 Percent

As Moderna, Pfizer and Johnson & Johnson roll out COVID-19 vaccines cybercriminals are preying on the those hungry to get in line for immunization. Between October and January the average number of COVID-19 vaccine-related spear-phishing attacks grew 26 percent, said Barracuda Networks researcher...

0.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/09/21 7:29 p.m.200 views

DHS Issues Dire Patch Warning for ‘Zerologon’

Federal agencies that haven’t patched their Windows Servers against the ‘Zerologon’ vulnerability by Monday Sept. 21 at 11:59 pm EDT are in violation of a rare emergency directive issued by the Secretary of Homeland Security. With only hours until the deadline for the directive, issued on Friday,...

9.3CVSS1.6AI score0.99512EPSS
Exploits75References11
ThreatPost
ThreatPost
added 2019/12/03 5:18 p.m.200 views

Critical Android Flaw Leads to 'Permanent DoS’

Google has released an update stomping out three critical-severity vulnerabilities in its Android operating system — one of which could result in “permanent denial of service” on affected mobile devices if exploited. The vulnerabilities are part of Google’s December 2019 Android Security Bulletin...

10CVSS1.3AI score0.06342EPSS
Exploits2References8
ThreatPost
ThreatPost
added 2019/01/25 6:43 p.m.200 views

Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Two-Punch

An array of phishing emails harboring Word attachments with embedded macros have been infecting systems with a deadly malware and ransomware duo. The campaign, spotted by researchers at Carbon Black, has hit infected systems with a lethal attack combination that harvests credentials, gathers syst...

2.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/07/18 1:26 p.m.200 views

Researchers Crack Furtim, SFG Malware Connection

New research is challenging what security researchers know about Furtim, a new malware strain that has been compared to Stuxnet because of its believed targeting of industrial controls in energy companies. According to security experts at Damballa, Furtim and the recently discovered SFG malware a...

7.2CVSS8.5AI score0.87042EPSS
Exploits60References4
ThreatPost
ThreatPost
added 2021/06/23 4:53 p.m.199 views

Pandemic-Bored Attackers Pummeled Gaming Industry

Attacks on the gaming industry skyrocketed during the year of the pandemic, with attacks on web applications shooting up 340 percent in 2020. According to Akamai Technologies’ latest State of the Internet and Security report, Gaming in a Pandemic PDF, cyberattack traffic targeting the video game...

7.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/04/20 8:40 p.m.199 views

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock

The Mozilla Foundation fixed a flaw in its Firefox browser that allowed spoofing of the HTTPS secure communications icon, displayed as a padlock in the browser address window. Successful exploitation of the flaw could have allowed a rogue website to intercept browser communications. The patch was...

8.5AI score0.01214EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/06 9:5 p.m.199 views

A Brisk Private Trade in Zero-Days Widens Their Use

There were more zero-days exploited in 2019 than any of the previous three years, according to telemetry from FireEye Mandiant. The firm said that’s likely due to more zero-days coming up for sale by cyber-weapons dealers like NSO Group; a growing commercial market has made such tools much more...

7.5CVSS8.8AI score0.72105EPSS
Exploits29References18
ThreatPost
ThreatPost
added 2020/02/18 11:0 a.m.199 views

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Fresh firmware vulnerabilities in Wi-Fi adapters, USB hubs, trackpads and cameras are putting millions of peripheral devices in danger of a range of cyberattacks, according to research from Eclypsium. TouchPad and TrackPoint firmware in Lenovo Laptops, HP Wide Vision FHD camera firmware in HP...

9.9AI score0.26869EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/16 6:58 p.m.199 views

Marketing Analytics Company Leaks Deep Profiles of Entire Ecuador Population

The entire population of Ecuador has been impacted by an open database on an unsecured server, housing a massive amount of personal information collected from public-sector sources by a marketing analytics company. The leaked database, which was found by vpnMentor’s research team, includes record...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/04/26 5:47 p.m.199 views

GoDaddy Shutters 15,000 Subdomains Tied to 'Snake Oil' Scams

Researchers at the security firm Palo Alto Networks worked with domain registrar and web hosting firm GoDaddy to shut down 15,000 subdomains pitching ‘snake oil’ products and other scams. The takedowns are linked to affiliate marketing campaigns peddling everything from weight-loss solutions and...

9CVSS9.5AI score0.99965EPSS
Exploits85References7
ThreatPost
ThreatPost
added 2019/04/29 8:31 p.m.198 views

Malware Infests Popular Pirate Streaming Hardware

You get what you pay for when you pirate content. That’s the takeaway from the latest report by Digital Citizens Alliance. It found that pirating hardware, which enables free streaming copyright-protected content, comes packed with malicious malware. The devices give criminals easy access to rout...

9CVSS8.7AI score0.99965EPSS
Exploits30References8
ThreatPost
ThreatPost
added 2015/06/03 7:37 a.m.198 views

Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug

An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the Debian OpenSSL bug disclosed seven years ago. The public SSH keys that users associate with their GitH...

0.4AI score0.99993EPSS
Exploits41References2
ThreatPost
ThreatPost
added 2012/09/14 5:25 p.m.198 views

Tool Scans for RTF Files Spreading Malware in Targeted Attacks

Exploits embedded inside Microsoft Office documents such as Word, PDFs and Excel spreadsheets have been at the core of many targeted attacks during the past 24 months. Detection of these attack methods is improving and nimble hackers are recognizing the need for new avenues into enterprise...

9.3CVSS7.3AI score0.99966EPSS
Exploits12References6
ThreatPost
ThreatPost
added 2022/02/25 6:49 p.m.197 views

6 Cyber-Defense Steps to Take Now to Protect Your Company

The headlines feel like Groundhog Day, if each of Bill Murray’s repeated days grew increasingly threatening: Ransomware attacks rise again. Ransomware attacks up over last quarter. Ransomware attacks tower over previous year. You get the idea. And yet again, a new report from Ivanti sends a clear...

9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/04/24 12:15 p.m.197 views

Apple Pushes Back Against Zero-Day Exploit Claims

Apple has pushed back against claims that two zero-day bugs in its iPhone iOS have been exploited for years, saying it’s found no evidence to support such activity. Apple officials made the statement in response to a widely disseminated report published Wednesday by ZecOps, which claimed that two...

Exploits0References6
ThreatPost
ThreatPost
added 2019/10/02 7:58 p.m.197 views

Why This New Cybergang is Heralding a New Age For BEC

A newly-uncovered business email compromise BEC cybergang, dubbed Silent Starling, has found success using a tricky technique to swindle funds from more than 500 organizations worldwide. The West African cybergang has been using a method that researchers with Agari – who discovered them in late...

7.1AI score
Exploits0References10
Total number of security vulnerabilities5000