Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/12/20 10:11 p.m.149 views

Conti Ransomware Gang Has Full Log4Shell Attack Chain

The Conti ransomware gang, which last week became the first professional crimeware outfit to adopt and weaponize the Log4Shell vulnerability, has now built up a holistic attack chain. The sophisticated Russia-based Conti group – which Palo Alto Networks has called “one of the most ruthless” of...

10CVSS10AI score0.99999EPSS
Exploits351References25
ThreatPost
ThreatPost
added 2021/04/27 4:49 p.m.149 views

Smishing: Put Text-Based Phishing on the CISO Radar

Anyone who uses a smartphone has likely been the target of at least one smishing attack. Smishing is much like email phishing scams, but instead sends deceptive or malicious links through text messages. Like phishing, smishing tries to trick users into giving up valuable information, such as...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/27 5:33 p.m.149 views

TurkeyBombing Puts New Twist on Zoom Abuse

Millions of family and friends, forced to spend Thanksgiving socially distant, are being targeted by cybercriminals as they turn to video platforms like Zoom to virtually be together. In this ongoing attack, cybersecurity experts warn, victims are targeted with a Zoom-related and...

Exploits0References12
ThreatPost
ThreatPost
added 2019/12/12 9:55 p.m.149 views

Critical Remote Code-Execution Bugs Threaten Global Power Plants

Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used fo...

7.5CVSS1AI score0.26869EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/09/26 4:26 p.m.149 views

Cisco Patches 13 High-Severity Router and Switch Bugs

Cisco Systems released patches for 29 bugs Wednesday that addressed flaws in a wide range of its products including routers and switches running the IOS XE networking software. Thirteen of the vulnerabilities revealed are rated high severity. The bulk of the high-severity vulnerabilities are tied...

10CVSS1.9AI score0.8378EPSS
Exploits8References11
ThreatPost
ThreatPost
added 2019/06/13 3:4 p.m.149 views

Telegram CEO Fingers China State Actors for DDoS Attack

The chief executive of secure messaging app Telegram is pointing the finger squarely at China as the culprit responsible for the distributed denial of service DDoS attack that it suffered on Wednesday. The company announced the attack on Twitter, warning that users may be experiencing connection...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/06/05 8:39 p.m.149 views

440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups

Over 440 million Android phones have been exposed to an obnoxious advertising plugin hidden within hundreds of popular applications available via Google Play, which ultimately can render phones almost unusable. Lookout Research discovered the plugin being bundled with 238 unique applications that...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/29 8:4 p.m.149 views

MuddyWater APT Hones an Arsenal of Custom Tools

An array of customized attack tools are helping the MuddyWater advanced persistent threat APT group to successfully exfiltrate data from its governmental and telco targets in the Middle East; an analysis of this toolset reveals a moderately sophisticated threat actor at work – with the potential ...

9CVSS0.3AI score0.99965EPSS
Exploits30References3
ThreatPost
ThreatPost
added 2019/04/05 5:42 p.m.149 views

Facebook Boots 74 Cybercrime Groups From Platform

Facebook has booted more than 70 cybercrime groups off its platform that were peddling illicit services – from email spamming tools to stolen credentials and payment information sales – in plain sight. Researchers said a simple search on Facebook for keywords like “spam,” “CVV” or more returned...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/02/08 8:5 a.m.149 views

Modern Defenders Share, Visualize and Succeed

TENERIFE, Spain – Network defenders who rely solely on lists of assets to protect are running a fool’s errand. Instead, it’s crucial to think in graphs to not only visualize threats, but also to understand network edges, and dependencies between assets and accounts in order to be able to capture...

9.3CVSS8.2AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2014/02/19 12:53 p.m.149 views

Windows Error Reporting Used to Find Advanced Exploits

Windows Error Reporting, also known as Dr. Watson reports, are Windows crash reports sent by default unencrypted to Microsoft, which uses them to fix bugs. The reports are rich with system data that Microsoft also uses to enhance user interaction with its products. Since, however, they are sent i...

9.3CVSS9AI score0.99945EPSS
Exploits51References6
ThreatPost
ThreatPost
added 2022/02/24 6:42 p.m.148 views

Microsoft App Store Sizzling with New ‘Electron Bot’ Malware

A backdoor malware that can take over social-media accounts – including Facebook, Google and Soundcloud – has infiltrated Microsoft’s official store by cloning popular games such as Temple Run or Subway Surfer. The backdoor, dubbed Electron Bot, gives attackers complete control over compromised...

9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/10/07 8:25 p.m.148 views

Twitch Leak Included Emails, Password: Researcher

Twitch users, if you haven’t changed your password yet, go. Now. Do it. 101321 08:45 UPDATE: Your email and password may already have been leaked – unhashed and unencrypted, though it’s not known if the one Twitch set of Twitch credentials are from an internally or externally facing database...

7.6AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/05/12 4:2 p.m.148 views

Adobe Kills 16 Critical Flaws in Acrobat and Reader, Digital Negative SDK

Adobe has fixed 16 critical flaws across its Acrobat and Reader applications and its Adobe Digital Negative DNG Software Development Kit. If exploited, the flaws could lead to remote code execution. Overall, Adobe fixed vulnerabilities tied to 36 CVEs in its regularly-scheduled Tuesday security...

9.3CVSS0.3AI score0.43739EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2020/01/29 10:9 p.m.148 views

Apple Security Updates Tackle iOS Device Tracking, RCE Flaws

Apple’s latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution RCE. Of particular interest to privacy-minded iPhone 11 users is an iOS 13.3.1 update that allows users to turn off U1...

9.3CVSS0.9AI score0.26869EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/14 8:32 p.m.148 views

Microsoft Patches ‘Major’ Crypto Spoofing Bug

A major crypto-spoofing bug impacting Windows 10 users has been fixed as part of Microsoft’s January Patch Tuesday security bulletin. The vulnerability could allow an attacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an...

10CVSS0.1AI score0.89436EPSS
Exploits23References8
ThreatPost
ThreatPost
added 2019/10/03 4:23 p.m.148 views

Foxit PDF Reader Vulnerable to 8 High-Severity Flaws

Patches are available for eight high-severity flaws impacting the popular PDF software Foxit Reader. The bugs, which exist on Windows versions of the software, enable a remote attacker to execute arbitrary code on vulnerable systems. This week, Foxit Software, the company behind Foxit Reader,...

6.8CVSS8.2AI score0.0604EPSS
Exploits1References16
ThreatPost
ThreatPost
added 2019/09/27 11:25 a.m.148 views

Thousands of PCs Affected by Nodersok/Divergent Malware

New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own...

7.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/06 8:14 p.m.148 views

Police Use of Facial Recognition is Just Fine, Say Most Americans

Despite the appetite for dystopian surveillance dramas on TV and in film, most Americans actually do trust law enforcement to not abuse facial recognition technology, according to a new survey. According to the Pew Research Center, a full 56 percent said that they trust police and officials to us...

Exploits0References8
ThreatPost
ThreatPost
added 2019/08/09 8:0 p.m.148 views

DEF CON 2019: Delta ICS Flaw Allows Total Industrial Takeover

A serious vulnerability in a commonly used Delta industrial control system has been found that could allow malicious actors on the same network complete control of the operating system. The Delta enteliBUS Manager centralizes control for various pieces of hardware often found in corporate or...

7.5CVSS0.6AI score0.04737EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2019/05/16 1:53 p.m.148 views

Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution

Cisco is warning of critical remote code-execution RCE vulnerabilities in the Cisco Prime Infrastructure PI and Evolved Programmable Network EPN Manager, which is used by telcos, mobile carriers, cable companies and ISPs to manage their hardware infrastructure. The vendor also issued estimated...

10CVSS0.8AI score0.98092EPSS
Exploits16References9
ThreatPost
ThreatPost
added 2017/04/11 6:19 p.m.148 views

Microsoft Patches Three Vulnerabilities Under Attack

Microsoft today patched a zero-day Word vulnerability that has been publicly attacked along with deploying fixes for Internet Explorer, Microsoft Edge and Windows 10. In all, nine Microsoft products received updates totaling 45 unique CVEs. Three of the vulnerabilities among Tuesday’s updates,...

9.3CVSS0.1AI score0.99933EPSS
Exploits29References13
ThreatPost
ThreatPost
added 2011/11/09 3:20 p.m.148 views

Microsoft Patches Critical Bug in Windows TCP/IP Stack

Microsoft has patched a serious vulnerability in the Windows TCP/IP stack that, under some conditions, could enable an attacker to run code on remote machines. The flaw lies in the way that the stack handles large amounts of specially formatted packets sent to a vulnerable machine. Microsoft...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/01/18 3:44 p.m.147 views

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

A critical security vulnerability in the Zoho ManageEngine Desktop Central and Desktop Central MSP platforms could allow authentication bypass, the company has warned. The bug CVE-2021-44757 could allow a remote user to “perform unauthorized actions in the server,” according to the company’s Mond...

10CVSS9.9AI score0.99867EPSS
Exploits10References10
ThreatPost
ThreatPost
added 2021/02/15 8:50 p.m.147 views

Cybercrooks Rake in $304M in Romance Scams

Romance scams remain the most successful fraud strategy for cybercrooks, and represents a growing sector, according to the Federal Trade Commission. Last year, romance schemes accounted for a record $304 million raked into illicit coffers, according to new data – up about 50 percent from 2019...

Exploits0References5
ThreatPost
ThreatPost
added 2021/02/01 9:47 p.m.147 views

Wind River ‘Security Incident’ Affects SSNs, Passport Numbers

Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/01/27 6:4 p.m.147 views

Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline

UPDATE The virulent malware known as Emotet – one of the most prolific malware strains globally – has been dealt a blow thanks to a takedown by an international law-enforcement consortium. Meanwhile, the NetWalker ransomware has also been subjected to partial disruption, according to the U.S...

Exploits0References17
ThreatPost
ThreatPost
added 2021/01/20 3:21 p.m.147 views

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

Google Project Zero researcher Natalie Silvanovich outlined what she believes is a common theme when it comes to serious vulnerabilities impacting leading chat platforms. The research, published Tuesday, identifies a common denominator within chat platforms, called “calling state machine”, which...

7.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/11/27 2:0 p.m.147 views

Dexphot Malware Hijacks 80K+ Devices to Mine Cryptocurrency

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and...

7.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/09/26 11:47 a.m.147 views

Chrome Bug, Not Avid Software, Causes Damage to MacOS File Systems

Researchers have tracked a problem that caused corruption to the file systems of macOS users to a bug in a Google Chrome update after users originally feared it was a problem with Avid Media Composer. People using the Avid software for video editing on macOS platforms posted warnings Tuesday on...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/15 7:20 p.m.147 views

HTTP Bugs Open Websites to DoS Attacks

Eight bugs in the implementation of HTTP/2, the most recent version of the HTTP protocol, can be exploited to launch denial of service attacks. The flaws were found in vendor server configurations ranging from Amazon, Google, Microsoft and Apache. Bugs are similar in nature and can be exploited b...

7.8CVSS0.4AI score0.87806EPSS
Exploits1References27
ThreatPost
ThreatPost
added 2019/06/11 1:40 p.m.147 views

Data Breach Exposes 100K U.S. Traveler Photos, License Plates

UPDATE The U.S. Customs and Border Protection said that a recent data breach exposed photos of the faces and license plates for more than 100,000 travelers driving in and out of the country. The department said Monday that the breach stemmed from an attack on a federal subcontractor. Customs and...

Exploits0References11
ThreatPost
ThreatPost
added 2019/02/05 10:9 p.m.147 views

IoT Scale Flaws Enable Denial of Service, Privacy Issues

Here is an internet of things flaw that can tip the scales to a hacker’s advantage. Researchers have discovered a bevy of flaws in a consumer smart scale that could allow hackers to launch a variety of attacks, from man-in-the-middle to denial of service attacks. Checkmarx researchers reported th...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/07/09 2:50 p.m.147 views

Wekby APT 18 Exploiting Hacking Team Flash Zero Day

The Wekby APT group, implicated in a number of targeted attacks against health care organizations such as Community Health Systems and major pharmaceutical companies, is reportedly making use of the Adobe Flash Player zero-day found in the Hacking Team data dump. According to Virginia-based...

10CVSS10AI score0.99344EPSS
Exploits29References9
ThreatPost
ThreatPost
added 2022/08/29 2:56 p.m.146 views

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. The campaigns are tied to focused abuse of identity and access management firm Okta, which gained the threat actors the 0ktapus...

7.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/02/10 3:16 p.m.146 views

Intel Squashes High-Severity Graphics Driver Flaws

Intel has issued fixes for five high-severity vulnerabilities in its graphics drivers. Attackers can exploit these flaws to launch an array of malicious attacks – such as escalating their privileges, stealing sensitive data or launching denial-of-service attacks. The graphics driver is software...

7.9AI score0.00359EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2020/12/03 11:0 a.m.146 views

Google Play Apps Remain Vulnerable to High-Severity Flaw

UPDATE Researchers are warning that several popular Google Play applications – including mobile browser app Edge – have yet to push out an important update addressing a high-severity vulnerability in the Google Play Core Library. The vulnerability exists in Google Play Core Library, which is...

6.8CVSS8.8AI score0.02883EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2020/05/19 12:40 p.m.146 views

Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials

A new phishing campaign can bypass multi-factor authentication MFA on Office 365 to access victims’ data stored on the cloud and use it to extort a Bitcoin ransom or even find new victims to target, security researchers have found. Researchers at Cofense Phishing Defense Center discovered the...

Exploits0References7
ThreatPost
ThreatPost
added 2020/03/24 5:46 p.m.146 views

Critical Adobe Flaw Fixed in Out-of-Band Security Update

Adobe has released an out-of-band patch for a critical vulnerability in its Creative Cloud Desktop Application for Windows. The flaw can be exploited by an attacker to delete specific arbitrary files on the victim’s system. Creative Cloud acts as a central console for desktop users to quickly...

5.8CVSS0.4AI score0.0552EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2020/01/17 10:1 p.m.146 views

New JhoneRAT Malware Targets Middle East

Researchers are warning of a new remote access trojan RAT, dubbed JhoneRAT, which is being distributed as part of an active campaign, ongoing since November 2019, that targets victims in the Middle East. Once downloaded, the RAT gathers information on the victims’ computers and is also able to...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/08/30 3:48 p.m.146 views

iPhone Zero-Days Anchored Watering-Hole Attacks

A total of 14 iPhone vulnerabilities – including two that were zero-days when discovered — have been targeted by five exploit chains in a watering hole attack that has lasted years. The watering holes deliver a spyware implant that can steal private data like iMessages, photos and GPS location in...

9.3CVSS8.3AI score0.15705EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2019/05/31 9:31 p.m.146 views

Gen Z Interns and Social Media: A Perfect Security Storm

Researchers are warning of a new security Achilles’ heel for enterprises, and it may not be what they expect. That threat is interns. According to researchers, interns are unwittingly posting confidential and valuable company insights via social media that pose a security risk to the companies th...

0.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/05/21 9:2 p.m.146 views

Intel Fixes Critical, High-Severity Flaws Across Several Products

Intel has issued an updated advisory for more than 30 fixes addressing vulnerabilities across various products – including a critical flaw in Intel’s converged security and management engine CSME that could enable privilege-escalation. The bug CVE-2019-0153 exists in a subsystem of Intel CSME,...

7.5CVSS8.9AI score0.01864EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2018/09/12 4:12 p.m.146 views

Osiris Banking Trojan Displays Modern Malware Innovation

After staying dormant for few years, the Kronos banking trojan resurfaced in July in a form dubbed Osiris. A wider analysis of how the banking trojan is evolving shows innovative development on the part of its authors, with an eye to broader malware trends. Osiris first appeared in July in three...

9.3CVSS8.9AI score0.99945EPSS
Exploits33References9
ThreatPost
ThreatPost
added 2018/09/04 6:34 p.m.146 views

Thousands of MikroTik Routers Hijacked for Eavesdropping

A full 7,500+ MikroTik routers are forwarding their owners’ traffic to eavesdropping cybercriminals – while 239,000 more have had their Socks4 proxy enabled, maliciously and surreptitiously. This means the bad actors can gain access to any of the files or data being passed by the router to and fr...

10CVSS0.6AI score0.96087EPSS
Exploits23References5
ThreatPost
ThreatPost
added 2016/07/18 6:0 p.m.146 views

CGI Script Vulnerability 'Httpoxy' Allows Man-in-the-Middle Attack

An old scripting vulnerability that impacts a large number of Linux distributions and programing languages allows for man-in-the-middle attacks that could compromise web servers. The vulnerability, which affects many PHP and CGI web-apps, was revealed Monday in tandem with the release of a bevy...

6.8CVSS8AI score0.55724EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2016/01/13 9:1 a.m.146 views

Microsoft Silverlight Zero Day Vulnerability Patched

Microsoft Silverlight vulnerabilities certainly don’t have the same hacker cred as bugs in Adobe Flash, for example, but nonetheless, that does not diminish their value, nor does that mean they should be ignored. Microsoft patched a critical flaw in the application framework on Tuesday, and...

9.3CVSS8.9AI score0.99945EPSS
Exploits34References4
ThreatPost
ThreatPost
added 2014/02/11 10:53 a.m.146 views

Five OAuth Bugs Lead to Github Hack

A Russian security researcher was able to take five low severity OAuth bugs in the coding site Github and string them together to create what he calls a “simple but high severity exploit” that gave him unfettered access to users’ private repositories. Bangkok-based researcher Egor Homakov –...

8.8AI score0.99993EPSS
Exploits41References8
ThreatPost
ThreatPost
added 2022/03/16 4:29 p.m.145 views

Another Destructive Wiper Targets Organizations in Ukraine

Researchers have discovered yet another destructive data-wiping malware targeting organizations in Ukraine, the third to be found in as many weeks attacking systems in the country that’s currently defending itself against a Russian physical invasion. A team from cybersecurity firm ESET on Monday...

8.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2022/03/07 9:30 p.m.145 views

Novel Attack Turns Amazon Devices Against Themselves

UPDATE Researchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves. The – dubbed “Alexa vs. Alexa” – leverages what the researchers called “a command self-issue vulnerability”: using pre-recorded messages which,...

8.9AI score
Exploits0References5
Total number of security vulnerabilities5000