Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/07/30 2:56 p.m.197 views

Nation-State Actors Go All-In on Mobile Malware

APTs, including a range of nation-state groups operating in China, North Korea, Pakistan and Russia, are shifting their malware development focus to target mobile users for intelligence gathering, financial gain and disruption of national rivals. That’s according to CrowdStrike’s Mobile Threat...

0.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/27 9:48 p.m.197 views

Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

UDPATE Cisco Systems issued 24 patches Wednesday tied to vulnerabilities in its IOS XE operating system and warned customers that two small business routers RV320 and RV325 are vulnerable to attack and that no patches are available for either. A total of 19 of the bugs were rated high severity by...

10CVSS2.9AI score0.99876EPSS
Exploits39References10
ThreatPost
ThreatPost
added 2022/03/04 4:56 p.m.196 views

Free HermeticRansom Ransomware Decryptor Released

A free decryptor is out to unlock a ransomware found piggybacking on the HermeticWiper data wiper malware that ESET and Broadcom’s Symantec discovered targeting machines at financial, defense, aviation and IT services outfits in Ukraine, Lithuania and Latvia last week. The fact that there was...

8.8AI score
Exploits0References21
ThreatPost
ThreatPost
added 2021/07/08 8:29 p.m.196 views

Oil & Gas Targeted in Year-Long Espionage Campaign

A sophisticated campaign targeting large international companies in the oil and gas sector has been underway for more than a year, researchers said, spreading common remote access trojans RATs for cyber-espionage purposes. According to Intezer analysis, spear-phishing emails with malicious...

7.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/06/17 5:6 p.m.196 views

Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes

A pair of billing and tech support “vishing” attacks using Geek Squad and Norton Antivirus as cover managed to hit 25,000 mailboxes recently, questing after victims’ credit-card details. Vishing a contraction of “voice phishing” generally involves stealing personal information from victims over t...

6.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/04 5:21 p.m.196 views

National Surveillance Camera Rollout Roils Privacy Activists

While controversy over the potential overreach of neighborhood and law-enforcement video surveillance has focused mainly on Ring, an Atlanta-based startup has quietly rolled out its own network of smart surveillance cameras across the country that is again raising questions of privacy and the ire...

Exploits0References13
ThreatPost
ThreatPost
added 2020/06/30 1:48 p.m.196 views

CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug

The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. The...

9.3CVSS0.8AI score0.0552EPSS
Exploits2References9
ThreatPost
ThreatPost
added 2019/10/17 2:35 p.m.196 views

Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws

Cisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points APs used by mid-size enterprises in their offices or small warehouses. It also issued a slew of additional patches addressin...

10CVSS1.5AI score0.02994EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2021/06/17 4:47 p.m.195 views

CVS Health Records for 1.1 Billion Customers Exposed

More than 1 billion records for CVS Health customers were left in the database of a third-party, unnamed vendor – exposed, unprotected, online. Researchers said the data points revealed could be strung together to create an extremely personal snapshot of someones’s medical situation. The glitch i...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/05 8:45 p.m.195 views

U.S. Weapons Programs Lack 'Key' Cybersecurity Measures

Weapons programs from the U.S. Department of Defense DoD are falling short when it comes to incorporating cybersecurity requirements, according to a new watchdog report. While the DoD has developed a range of policies aimed at hardening the security for its weapon systems, the guidance leaves out...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/05 7:52 p.m.195 views

Sprawling Cyberattack Breaches Several Airlines

A communications and IT vendor for 90 percent of the world’s airlines, SITA, has been breached, compromising passenger data stored on the company’s U.S. servers in what the company is calling a “highly sophisticated attack.” The affected servers are in Atlanta, and belong to the SITA Passenger...

1.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/27 1:23 p.m.195 views

Hackers Sell Data from 26 Million LiveJournal Users on Dark Web

A database containing credentials from more than 26 million LiveJournal accounts has been leaked online and is being sold on the Dark Web and hacker forums. The data contained in the files appears to be from a 2014 incident in which 33 million accounts were hacked, according to a published report...

7.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/10/18 8:4 p.m.195 views

Microsoft Tackles Election Security with Bug Bounties

As the 2020 presidential election draws closer and primary season looms around the corner, Microsoft has launched a bug-bounty program specifically aimed at its ElectionGuard product, which the software giant has positioned as performing “end-to-end verification of elections.” ElectionGuard is a...

9.3CVSS8.4AI score0.99965EPSS
Exploits105References9
ThreatPost
ThreatPost
added 2012/04/03 9:13 p.m.195 views

Microsoft to Investigate Alleged Xbox Credit Card Hack

Microsoft is looking into a potential security issue affecting its Xbox 360 video game console this week after a group of college students claimed they were able to extract the credit card information of a console’s previous owner from the machine. Ashley Podhradsky, Rob D’Ovidio, and Cindy Casey...

9.3CVSS0.3AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2021/05/03 5:51 p.m.194 views

Deepfake Attacks Are About to Surge, Experts Warn

Artificial intelligence and the rise of deepfake technology is something cybersecurity researchers have cautioned about for years and now it’s officially arrived. Cybercriminals are increasingly sharing, developing and deploying deepfake technologies to bypass biometric security protections, and ...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/07/29 7:54 p.m.194 views

ThreatList: DMARC Adoption Nonexistent at 80% of Orgs

About 80 percent of company web domains don’t have standard email authentication protections in place. That’s according to 250ok’s Global DMARC Adoption 2019 report, which analyzed 25,700 domains in the education, e-commerce, legal, financial services, SaaS and nonprofit sectors, as well as the...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/29 2:11 p.m.194 views

Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep

The nightmare vision of a “mega-worm” global BlueKeep infection could be closer to becoming reality as working exploits are now becoming available to the public, and there’s evidence that adversaries are actively scanning for the vulnerability. Researchers weighed in with Threatpost about how...

10CVSS10AI score0.99999EPSS
Exploits123References15
ThreatPost
ThreatPost
added 2019/06/05 9:23 p.m.194 views

Buggy Phishing Kits Allow Criminals to Cannibalize Their Own

They say it’s a dog-eat-dog world out there, but in cybercrime terms, perhaps it should be called a “phish-eat-phish” situation. Researchers recently discovered that several widely used phishing kits harbor vulnerabilities that can be exploited by other criminals to hijack operations – and...

8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2012/06/21 12:40 p.m.194 views

It's The Stupidity, Stupid: How Absurd Pitches Help Online Scammers Find Their Marks

Do you find e-mail pleas for help from the widow of Democratic Republic of the Congo strongman Mobutu Sese Seko unconvincing or downright silly? That may be the point, according to Microsoft researcher Cormac Herley. The outlandish claims of Nigerian Letter – or “419” – scams serve a critical...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2022/04/19 4:4 p.m.193 views

‘CatalanGate’ Spyware Infections Tied to NSO Group

An unknown zero-click exploit in Apple’s iMessage was used by Israeli-based NSO Group to plant either Pegasus or Candiru malware on iPhones owned by politicians, journalists and activists. Citizen Lab, in collaboration with Catalan-based researchers, released the finding in a report on Monday tha...

9.8CVSS8.7AI score0.39166EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2022/04/08 4:6 p.m.193 views

Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’

Researchers have found the info-stealing Android malware Sharkbot lurking unsuspected in the depths of the Google Play store under the cover of anti-virus AV solutions. While analyzing suspicious applications on the store, the Check Point Research CPR team found what purported to be genuine AV...

8.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/05/20 3:7 p.m.193 views

2021 Attacker Dwell Time Trends and Best Defenses

Cyberattacks have shifted from the usual smash-and-grab type of heists to stealthier campaigns where hackers silently camp out on networks for long periods, stealing anything they can get their hands on. Called attacker dwell time, this is part of an adversarial approach that has become even more...

7.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/05/06 5:26 p.m.193 views

Ryuk Ransomware Attack Sprung by Frugal Student

A European biomolecular research institute involved in COVID-19 research lost a week’s worth of research data, all thanks to a Ryuk ransomware attack traced back to a student trying to save money by buying unlicensed software. Security researchers at Sophos described the attack in a report...

5.9AI score
Exploits0References17
ThreatPost
ThreatPost
added 2019/12/03 1:26 p.m.193 views

‘StrandHogg’ Vulnerability Allows Malware to Pose as Legitimate Android Apps

Researchers have discovered a new Android vulnerability that could allow malware to pose as popular apps and ask for various permissions, potentially allowing hackers to listen in on users, take photos, read and send SMS messages, and basically take over various functions as if they are the...

0.5AI score0.26869EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/01 8:51 p.m.193 views

Solar, Wind Power Utility Disrupted in Rare Cyberattack

A cyberattack on the U.S. energy grid has just come to light, so to speak, which disrupted plant visibility at Utah-based sPower back in March. sPower, a Utah-based wind and solar provider, began experiencing a series of lost connections between its main control center and remote power-generation...

0.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/05/08 5:35 p.m.193 views

Google Patches Critical Remote Code-Execution Flaws in Android

Google patched four remote code-execution RCE flaws as part of its May Android Security Bulletin. Three of the critical bugs are tied to the System portion of the Android platform architecture, responsible for core apps such as the dialer, email and camera. A fourth critical RCE bug opens the doo...

10CVSS7.1AI score0.01529EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2013/08/14 4:51 p.m.193 views

Faulty Microsoft Exchange Server 2013 Patch Pulled Back

Microsoft announced Wednesday afternoon that it has pulled MS13-061, one of the patches issued yesterday for vulnerabilities in Exchange Server 2013. Microsoft said the patch is causing issues with the content index for mailbox databases. Organizations would still be able to send and receive emai...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/03/30 4:14 p.m.192 views

Google Chrome Bug Actively Exploited as Zero-Day

Google has updated its Stable channel for the desktop version of Chrome, to address a zero-day security vulnerability that’s being actively exploited in the wild. The bug, tracked as CVE-2022-1096, is a type-confusion issue in the V8 JavaScript engine, which is an open-source engine used by Chrom...

9.6CVSS9.6AI score0.71536EPSS
Exploits9References12
ThreatPost
ThreatPost
added 2021/03/16 4:56 p.m.192 views

Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix

As dangerous attacks accelerate against Microsoft Exchange Servers in the wake of the disclosure around the ProxyLogon group of security bugs, a public proof-of-concept PoC whirlwind has started up. It’s all leading to a feeding frenzy of cyber-activity. The good news, however, is that Microsoft...

7.5CVSS9.8AI score0.99999EPSS
Exploits66References26
ThreatPost
ThreatPost
added 2021/02/25 8:6 p.m.192 views

Cyberattacks Launch Against Vietnamese Human-Rights Activists

Human-rights activists are being targeted by cyberattacks as part of a wider effort by the Vietnamese state to censor anyone speaking out against the government, Amnesty International’s Security Lab alleges. Ocean Lotus, a well-known threat actor dating back to 2013, is behind the spyware campaig...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/17 4:31 p.m.192 views

Masslogger Swipes Outlook, Chrome Credentials

Cybercriminals are targeting Windows users with a new variant of the Masslogger trojan, which is spyware designed to swipe victims’ credentials from Microsoft Outlook, Google Chrome and various instant-messenger accounts. Researchers uncovered the campaign targeting users in Italy, Latvia and...

0.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/18 9:22 p.m.192 views

WordPress, Apache Struts Attract the Most Bug Exploits

WordPress and Apache Struts vulnerabilities were the most-targeted by cybercriminals in web and application frameworks in 2019 – while input-validation bugs edged out cross-site scripting XSS as the most-weaponized weakness type. That’s according to the RiskSense Spotlight Report, which analyzed...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/14 11:43 p.m.192 views

Oracle Ties Previous All-Time Patch High with January Updates

Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update CPU. Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle’s previous all-time high for number of patches issued, in Ju...

7.5CVSS0.89436EPSS
Exploits14References9
ThreatPost
ThreatPost
added 2019/10/17 2:25 p.m.192 views

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under some Kubernetes configurations, according to researchers. The flaws, CVE-2019-16276 and CVE-2019-11253, have been patched in Kubernetes builds 1.14.8, 1.15.5 and 1.16.2. Exploitation of the first...

7.5CVSS8.1AI score0.86978EPSS
Exploits11References10
ThreatPost
ThreatPost
added 2018/08/23 4:46 p.m.193 views

Apache Struts 2 Flaw Uncovered: ‘More Critical Than Equifax Bug’

A critical remote code-execution vulnerability in Apache Struts 2, the popular open-source framework for developing web applications in the Java programming language, is threatening a wide range of applications, even when no additional plugins have been enabled. Successful exploitation could lead...

9.3CVSS8.9AI score0.99993EPSS
Exploits63References7
ThreatPost
ThreatPost
added 2011/02/25 7:34 p.m.192 views

Microsoft Submits Tracking Protection Proposal to W3C

Microsoft has submitted its proposal for web tracking protection to the W3C for consideration as a standard, hoping to get the organization’s stamp of approval for its browser privacy technology. The proposal is in the earliest stages of the process and has not been approved, a process that can...

9.3CVSS8.4AI score0.99945EPSS
Exploits33References10
ThreatPost
ThreatPost
added 2021/05/19 8:24 p.m.191 views

Can Nanotech Secure IoT Devices From the Inside-Out?

Another day, another incident of internet-of-things IoT gadgets falling flat on their faces and spilling users’ privacy, if not getting hooked into a botnet, used for cryptomining or opening a network backdoor that allows intruders to move laterally through a network. It’s only Wednesday, but...

7.6AI score
Exploits0References15
ThreatPost
ThreatPost
added 2019/09/20 7:48 p.m.191 views

Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica

Facebook said it has suspended tens of thousands of apps as part of its ongoing investigation into how third-party apps on its platform collect, handle and utilize users’ personal data. The results of the investigation, launched in March 2018 in response to Facebook’s infamous Cambridge Analytica...

0.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2012/08/07 3:48 p.m.191 views

Alleged Mariposa Botmaster in Court

One of the men authorities allege to have been behind the massive–and now dead–Mariposa botnet, has gone on trial in Slovenia, more than two years after the initial arrests and takedown of the network. Mariposa was one of the first handful of botnets that authorities and security researchers work...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/03/29 8:33 p.m.190 views

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

What researchers are calling a “horde” of miner bots and backdoors are using the Log4Shell bug to take over vulnerable VMware Horizon servers, with threat actors still actively waging some attacks. On Tuesday, Sophos reported that the remote code execution RCE Log4j vulnerability in the ubiquitou...

9.8CVSS9.1AI score0.99999EPSS
Exploits45References21
ThreatPost
ThreatPost
added 2021/12/30 4:16 p.m.190 views

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

Cyber criminals, under the moniker Aquatic Panda, are the latest advanced persistent threat group APT to exploit the Log4Shell vulnerability. Researchers from CrowdStrike Falcon OverWatch recently disrupted the threat actors using Log4Shell exploit tools on a vulnerable VMware installation during...

10CVSS10AI score0.99999EPSS
Exploits353References9
ThreatPost
ThreatPost
added 2020/12/29 9:27 p.m.190 views

Lawsuit Claims Flawed Facial Recognition Led to Man’s Wrongful Arrest

Racial bias against non-white skin in facial recognition landed Nijeer Parks ten days in jail in 2019 after the technology falsely identified him as a shoplifting suspect, a new lawsuit says. It didn’t matter that he hadn’t been to the location of the crime, a Hampton Inn hotel in Woodbridge, New...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/12/10 11:0 a.m.190 views

Critical Steam Flaws Could Let Gamers Crash Opponents’ Computers

Game developer Valve has fixed critical four bugs in its popular Steam online game platform. If exploited, the flaws could allow a remote attacker to crash an opponent’s game client, take over the computer – and hijack all computers connected to a third-party game server. Steam is utilized by mor...

10CVSS9.5AI score0.65907EPSS
Exploits4References7
ThreatPost
ThreatPost
added 2022/02/07 5:32 p.m.189 views

Roaming Mantis Expands Android Backdoor to Europe

The Roaming Mantis Android malware campaign has buzzed into Europe, quickly infesting France in particular, where there have been 66,789 downloads of the group’s specific remote access trojan RAT as of January. The campaign pushes the Android RAT known as Wroba aka Moqhao or XLoader onto victim...

10CVSS9.5AI score0.99999EPSS
Exploits351References3
ThreatPost
ThreatPost
added 2020/10/13 5:46 p.m.189 views

Critical Flash Player Flaw Opens Adobe Users to RCE

Adobe is warning of a critical vulnerability in its Flash Player application for users on Windows, macOS, Linux and ChromeOS operating systems. The vulnerability is the only flaw released this month as part of Adobe’s regularly scheduled patches markedly less than the 18 flaws addressed during it...

0.5AI score0.0552EPSS
Exploits1References18
ThreatPost
ThreatPost
added 2020/07/02 4:14 p.m.189 views

Apache Guacamole Opens Door for Total Control of Remote Footprint

Apache Guacamole, a popular infrastructure for enabling remote working, is vulnerable to a slew of security bugs related to the Remote Desktop Protocol RDP, researchers have warned. Admins should update their systems to avoid attacks bent on stealing information or remote code-execution. “Once in...

6.2CVSS0.1AI score0.00795EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/04/09 1:0 p.m.189 views

Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials

An ongoing phishing campaign is reeling in victims with a recycled Cisco security advisory that warns of a critical vulnerability. The campaign urges victims to “update,” only to steal their credentials for Cisco’s Webex web conferencing platform instead. The campaign is looking to leverage the...

10CVSS9.4AI score0.02927EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2019/10/04 4:20 p.m.189 views

Google Warns of Android Zero-Day Bug Under Active Attack

Google is warning of an Android zero-day flaw actively being exploited in the wild, which gives an attacker full control over 18 phone models including its flagship Pixel handset and devices made by Samsung, Huawei and Xiaomi. Google’s Project Zero warned late Thursday that it suspected the...

4.6CVSS6.9AI score0.72105EPSS
Exploits27References10
ThreatPost
ThreatPost
added 2019/01/25 7:21 p.m.189 views

Threatpost News Wrap Podcast For Jan. 25

Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the biggest news from this week. That includes a rare “emergency directive” issued by the Department of Homeland Security on Tuesday, which warned that multiple government domains have been targeted by DNS hijacking attacks...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2022/02/11 9:51 p.m.188 views

Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution RCE as SYSTEM on any unpatched MXview server, researchers warned this week. The five bugs, affecting versions 3.x to 3.2.2, score a collective 10 out of...

10CVSS10AI score0.15789EPSS
Exploits0References6
Total number of security vulnerabilities5000