Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2010/07/09 6:34 p.m.124 views

Microsoft Says IE8 Weakness Not an Exploitable Flaw

Microsoft on Friday said that a weakness in Internet Explorer 8 identified by security researcher Ruben Santamarta recently is not an exploitable vulnerability, but rather a “technique for bypassing ASLR.” ASLR Address Space Layout Randomization is a memory protection that, along with DEP Data...

9.3CVSS1.3AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2009/03/17 2:19 p.m.124 views

Microsoft spars with researcher over security patch

One of the patches released by Microsoft last week is not providing protection against the vulnerability it was meant to fix, according to a researcher who today accused Microsoft of making functionality a higher priority than security. According to Tyler Reguly, a senior security engineer at...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/04/05 5:53 p.m.123 views

Authorities Fully Behead Hydra Dark Marketplace

German authorities have taken down the Hydra marketplace – a popular destination on the Dark Web for trading in illicit goods and services, including cyberattack tools and stolen data. This week, they were able to commandeer and take offline underpinning infrastructure such as servers, plus insta...

8.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2022/02/02 7:23 p.m.123 views

Supply Chain Security Is Not a Problem…It’s a Predicament

In the late 19th century, many large cities faced an unpleasant predicament due to too much horse manure piling up in the streets. Aside from the direct impact of the odors and unsightly excrement, it indirectly poisoned the water supply and accelerated the spread of disease. There were some ways...

8.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/09/28 3:6 p.m.123 views

Working PoC Is Out for VMware vCenter CVE-2021-22005 Flaw

A fully working exploit for the critical CVE-2021-22005 remote code-execution RCE vulnerability in VMware vCenter is now public and being exploited in the wild. Released on Monday by Rapid7 security engineer William Vu who goes by the Twitter handle wvu, this one’s different from the incomplete...

9.8CVSS9.8AI score0.99999EPSS
Exploits11References17
ThreatPost
ThreatPost
added 2019/09/24 3:16 p.m.123 views

Dtrack RAT is Behind Virulent ATM-Espionage Campaign

An espionage malware called Dtrack – and a related variant, ATMDtrack – has been traced back to the notorious North Korea-linked Lazarus Group APT. Both have been identified this month targeting victims in India. According to researcher Konstantin Zykov of Kaspersky, researchers first uncovered...

0.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/03 2:40 p.m.123 views

Amazon Admits Alexa Voice Recordings Saved Indefinitely

Amazon has acknowledged that it retains the voice recordings and transcripts of customers’ interactions with its Alexa voice assistant indefinitely. The admission raises questions about how long companies should be able to save highly-personal data collected from voice assistant devices. After U....

Exploits0References8
ThreatPost
ThreatPost
added 2011/09/29 3:10 p.m.123 views

The Inside Story of the Kelihos Botnet Takedown

Earlier this week, Microsoft released an announcement about the disruption of a dangerous botnet that was responsible for spam messages, theft of sensitive financial information, pump-and-dump stock scams and distributed denial-of-service attacks. Kaspersky Lab played a critical role in this botn...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2021/09/13 10:10 p.m.122 views

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Apple users should immediately update all their devices – iPhones, iPads, Macs and Apple Watches – to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware. The security updates, pushed out by Apple on Monday, include iOS 14.8 for iPhones and iPads, as wel...

7.8CVSS7.4AI score0.75994EPSS
Exploits2References16
ThreatPost
ThreatPost
added 2021/09/09 2:30 p.m.122 views

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’

The novel backdoor technique called SideWalk, seen in campaigns targeting US media and retailers late last month, has been tied to an adversary that’s been around for quite a while: namely, China-linked Grayfly espionage group. ESET researchers, who named and discovered the new “SparklingGoblin”...

9.8CVSS9.9AI score0.99987EPSS
Exploits10References15
ThreatPost
ThreatPost
added 2020/10/09 5:40 p.m.122 views

Sophisticated Android Ransomware Executes with the Home Button

A fresh variant of a sophisticated Android ransomware known as MalLocker locks up mobile devices – surfacing its ransom note when a user hits the Home button. According to research from Microsoft, MalLocker is spreading via malicious website downloads disguised as popular apps, cracked games or...

0.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/08/05 4:14 p.m.122 views

High-Severity Android RCE Flaw Fixed in August Security Update

Google has released patches addressing a high-severity issue in its Framework component, which if exploited could enable remote code execution RCE on Android mobile devices. Overall, 54 high-severity flaws were patched as part of Google’s August security updates for the Android operating system,...

10CVSS0.8AI score0.12651EPSS
Exploits2References9
ThreatPost
ThreatPost
added 2020/06/30 4:12 p.m.122 views

UCSF Pays $1.14M After NetWalker Ransomware Attack

The University of California, San Francisco UCSF has paid a $1.14 million ransom to recover data related to “important” academic work. The data was encrypted after the NetWalker ransomware reportedly hit the UCSF medical school. The UCSF, which includes a medical school and a medical center UCSF...

0.2AI score
Exploits0References17
ThreatPost
ThreatPost
added 2020/06/09 3:27 p.m.122 views

Adobe Warns of Critical Flaws in Flash Player, Framemaker

Adobe released patches for four critical flaws in Flash Player and in its Framemaker document processor as part of its regularly scheduled updates. The bugs, if exploited, could enable arbitrary code-execution. In Tuesday’s June Adobe security updates, critical flaws tied to three CVEs were patch...

10CVSS0.3AI score0.0756EPSS
Exploits1References13
ThreatPost
ThreatPost
added 2020/01/30 5:38 p.m.122 views

Cisco Patches Two High-Severity Bugs in its Small Business Switch Lineup

Cisco Systems released security patches on Wednesday for high-severity vulnerabilities affecting over a half dozen of its small business switches. The flaws allow remote unauthenticated adversaries to access sensitive information and level denial-of-service DoS attacks against affected gear...

7.8CVSS0.3AI score0.26869EPSS
Exploits3References4
ThreatPost
ThreatPost
added 2019/11/18 9:11 p.m.122 views

WhatsApp Remote Code Execution Triggered by Videos

Facebook has quietly patched a vulnerability in the popular WhatsApp messaging platform, which could be exploited to launch remote-code-execution or denial-of-service attacks on victims. Attackers can exploit the flaw merely by sending a target user a video — specifically, a specially crafted MP4...

6.8CVSS0.2AI score0.01321EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2019/11/14 3:18 p.m.122 views

Website, Know Thyself: What Code Are You Serving?

When we think of “securing our website” from attackers, we often think of securing against hooded figures somewhere in Eastern Europe working out of a smoky office above an illegal gambling den. Not only is that probably geographically insensitive, it’s also not necessarily the best way threat to...

8.6AI score0.0552EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2019/10/18 12:18 p.m.122 views

Zappos Offers Users 10% Discount in 2012 Breach Settlement

Online retailer Zappos will give customers a 10 percent discount to its online store as settlement for a 2012 data breach that affected 24 million customers, while lawyers in the case will win $1.6 million in fees. The news shows customers once again getting the short end of the stick when it com...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/26 9:34 p.m.122 views

DoorDash Data Breach Impacts Personal Data of Almost 5M Users

Food delivery service DoorDash disclosed a data breach that affects almost 5 million customers, drivers and merchants using its platform. DoorDash, an on-demand food delivery service, connects end users with local restaurants and relies on contracted drivers who use their own vehicles for deliver...

0.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/09/19 4:47 p.m.122 views

Microsoft Silent Update Torpedoes Windows Defender

A broken Microsoft Windows Defender signature file that was causing system file checks to fail got a patch this week – but the patch caused an even bigger issue, making Defender user-triggered antivirus scans fail altogether. The issue was in place for about a day before Microsoft re-patched the...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/09/03 6:18 p.m.122 views

Firefox 69 Release Kills Default Tracking Cookies, Flash Support

Mozilla has released its latest Firefox browser iteration, Firefox 69, which by default blocks third-party cookies and cryptominers; it also disables default support for Adobe Flash Player. In addition, the browser has squashed several critical and high-severity vulnerabilities. Mozilla has long...

6.8CVSS0.2AI score0.01713EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2019/08/21 2:55 p.m.122 views

Backdoor Found in Utility for Linux, Unix Servers

In an unnerving twist, when a critical zero-day vulnerability was reported in a Unix administration tool, called Webmin, it was revealed the flaw was no accident. According to researchers, the vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery. T...

10CVSS9.8AI score0.99766EPSS
Exploits37References9
ThreatPost
ThreatPost
added 2019/07/22 3:0 p.m.122 views

Amazon Alexa, Google Home Are On a Collision Course With Regulation

Voice assistants are growing rapidly in popularity — but at the same time, the privacy concerns and security issues with popular home assistant devices like Amazon Echo and Google Home are peaking too. Earlier in July, Amazon came under fire after acknowledging that it retains the voice recording...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/17 3:21 p.m.122 views

Massive Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain

A Hong Kong-based advertiser has mounted a snowballing campaign, compromising more than 100 million ads to date by forming relationships with legitimate ad platforms to gain access to premium audiences. From there, it often pushes malware onto victim machines. The malvertiser, operating under the...

7.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/03/20 8:3 p.m.122 views

Years-Long Phishing Campaign Targets Saudi Gov Agencies

An ongoing three-year-old phishing campaign has been targeting the credentials of Saudi Arabian government agencies — with a financially motivated actor the likely culprit. The campaign, code-named “Bad Tidings,” has siphoned victims’ credentials by pretending to be the Kingdom’s Ministry of...

0.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/01/04 12:30 p.m.122 views

Adobe Fixes Two Critical Acrobat and Reader Flaws

Adobe on Thursday released unscheduled security updates for Adobe Acrobat and Reader for Windows and MacOS. The updates fix two critical vulnerabilities, CVE-2018-16011 and CVE-2018-19725. Successful exploitation of the flaws could lead to arbitrary code execution in the context of the current...

10CVSS1.2AI score0.81971EPSS
Exploits13References7
ThreatPost
ThreatPost
added 2012/06/14 2:25 p.m.122 views

Microsoft Issues FixIt For XML Flaw

With attackers already exploiting the MSXML zero-day vulnerability, which affects a wide range of products, Microsoft has issued a FixIt tool for the bug that it is encouraging users to install as they prepare a full patch for the flaw. The vulnerability is a critical one, and, because it’s prese...

9.3CVSS2.5AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2010/11/09 2:28 p.m.122 views

Barracuda Networks Launches Bug Bounty Program

Following the lead of Mozilla and Google, Barracuda Networks is launching a bug bounty program that will pay out cash rewards for vulnerabilities found in the company’s own products. The move by Barracuda, a maker of mail security and data protection products, is the first such bug bounty program...

9.3CVSS1AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2022/08/31 12:57 p.m.121 views

Student Loan Breach Exposes 2.5M Records

EdFinancial and the Oklahoma Student Loan Authority OSLA are notifying over 2.5 million loanees that their personal data was exposed in a data breach. The target of the breach was Nelnet Servicing, the Lincoln, Neb.-based servicing system and web portal provider for OSLA and EdFinancial, accordin...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/04/22 10:56 a.m.121 views

Skeletons in the Closet: Security 101 Takes a Backseat to 0-days

Rarely a month goes by without the infosec industry being plagued by a new zero-day apocalypse. Most recently in December 2021, the world was swept by a series of vulnerabilities in Log4J – a popular logging system used by thousands of systems around the world. While writing this article, the...

9.8CVSS8.2AI score0.70947EPSS
Exploits3References13
ThreatPost
ThreatPost
added 2020/05/05 7:38 p.m.121 views

Spear-Phishing Attack Spoofs EE To Target Executives

Researchers warn of an ongoing spear-phishing attack mimicking a well-known telecommunications company, EE, to snatch up corporate executives’ credentials and payment details. Highly targeted emails have been sent to a few executives – including one at a leading financial firm – purporting to be...

7.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/11 5:13 p.m.121 views

Wormable, Unpatched Microsoft Bug Threatens Corporate LANs

UPDATE Microsoft released an emergency out-of-band patch to fix a SMBv3 wormable bug on Thursday that leaked earlier this week. The a patch for the vulnerability, tracked as CVE-2020-0796, is now rolling out to Windows 10 and Windows Server 2019 systems worldwide, according to Microsoft. On...

0.6AI score0.9981EPSS
Exploits125References14
ThreatPost
ThreatPost
added 2020/01/06 9:47 p.m.121 views

Magecart Hits Parents and Students via Blue Bear Attack

Blue Bear Software, an administration and e-commerce platform for K-12 schools and other educational institutions, is warning its customers that it has suffered a Magecart attack. Blue Bear’s platform enables management of school accounting, student fees and online stores. In a letter to those...

8.3AI score0.0552EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2019/09/27 12:0 p.m.121 views

News Wrap: GandCrab Operators Resurface, Utilities Firms Hit By LookBack Malware

On this week’s news wrap podcast, Threatpost editors Tara Seals and Lindsey O’Donnell break down the top news, including: Despite claiming they were retiring, GandCrab’s authors have been linked to the REvil/Sodinokibi ransomware via a technical analysis. A spearphishing campaign, first spotted i...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2018/05/16 7:56 p.m.121 views

New Cryptominer Distributes XMRig in Aggressive Attacks

Hackers behind cryptominer attacks are growing more aggressive and ruthless. Case and point, a cryptominer malware sample dubbed WinstarNssmMiner has been tracked in 500,000 attacks in the past three days, earning the crooks $28,000, according to researchers. What makes the cryptominer so vicious...

7.5CVSS1.5AI score0.99686EPSS
Exploits36References6
ThreatPost
ThreatPost
added 2010/09/02 4:28 a.m.121 views

Researcher Will Demo Bypass of Windows Service Isolation Feature

A prominent researcher will use an upcoming security conference in Buenos Aires to demonstrate an exploit that allows hackers to bypass the Windows Service Isolation feature, despite Microsoft’s efforts to close the security loophole. Security researcher Cesar Cerrudo of Argeniss Information...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2010/01/12 9:34 p.m.121 views

Microsoft warning to XP users: Update Flash Player Now

Microsoft has shipped a security advisory with an urgent message for Windows XP users: Update your Flash Player immediately. The Adobe Flash Player 6 that ships by default in Windows XP is vulnerable to multiple code execution vulnerabilities that could lead to PC takeover attacks, according to t...

9.3CVSS2.2AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2009/09/08 11:58 a.m.121 views

Attackers Pounce on Microsoft FTP in IIS Vulnerability

Less than a week after the publication of exploit code for a gaping hole in the FTP Service in Microsoft Internet Information Services IIS, attackers are launching what is described as “limited attacks” against Windows users. Microsoft has updated its security advisory to warn of the new attacks...

9.3CVSS1.8AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/05/31 12:24 p.m.120 views

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...

10CVSS10AI score0.99999EPSS
Exploits476References16
ThreatPost
ThreatPost
added 2022/04/12 5:22 p.m.120 views

Menswear Brand Zegna Reveals Ransomware Attack

High-end Italian fashion house Ermenegildo Zegna revealed on Monday that it was the target of a ransomware attack last August — and that it managed to recover its systems from back-up without paying a ransom. The Milan-based firm already had revealed on Aug. 6, 2021, that it became aware of...

8.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/21 4:58 p.m.120 views

iPhone Wi-Fi Crushed by Weird Network

FUD is spreading about a weirdly named personal network that a reverse engineer stumbled across and which he said “permanently” wrecked his iPhone’s Wi-Fi. TL;DR version: The twitching inflicted on his iPhone, which he demonstrated in the 4-second Tweet below, wasn’t permanent. As replies to the...

7.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/02/01 9:18 p.m.120 views

Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers

Advanced persistent threat APT group Lebanese Cedar has compromised at least 250 public-facing servers since early 2020, researchers said, with its latest malware. The group has added new features to its custom “Caterpillar” webshell and the “Explosive RAT” remote access trojan RAT, both of which...

10CVSS10AI score0.99913EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2020/10/08 3:28 p.m.120 views

Microsoft Azure Flaws Open Admin Servers to Takeover

Researchers have disclosed two flaws in Microsoft’s Azure web hosting application service, App Services, which if exploited could enable an attacker to take over administrative servers. Azure App Services is an HTTP-based service for hosting web applications, and is available in both Microsoft...

8.8AI score0.0552EPSS
Exploits1References11
ThreatPost
ThreatPost
added 2020/02/21 1:36 p.m.120 views

ISS World Hit with Malware Attack that Shuts Down Global Computer Network

A Denmark-based global facility-management company was hit with a major cyber attack this week that shut down its worldwide computer systems for a few days and disrupted operations across its global network of employees. ISS World cut off access to shared IT services across its customer sites and...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/10/01 7:22 p.m.120 views

Ransomware Attacks Leave U.S. Hospitals Turning Away Patients

A rash of ransomware attacks this week targeted hospitals in the U.S. and Australia. The cyberattacks froze the computer systems of several medical facilities, to the point where they needed to turn away new patients and even cancel surgery appointments. A ransomware attack, reported on Tuesday,...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/19 12:5 p.m.120 views

Smart TVs, Subscription Services Leak Data to Facebook, Google

Smart TVs and so-called “over the top” OTT platforms are the latest IoT devices found “spying” on users and leaking sensitive data to companies such as Facebook, Amazon, Google and Netflix, according to two separate studies conducted by university researchers as well as independent research done ...

0.7AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/07/16 7:59 p.m.120 views

LenovoEMC Storage Gear Leaks Sensitive Financial Data

Researchers are warning of a vulnerability in LenovoEMC storage hardware and legacy Iomega-branded network attached storage NAS appliances that could lead to a breach of data stored on the devices. The bug, disclosed Tuesday by Lenovo, is rated high-severity and can be triggered via specially...

0.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/06/26 10:33 p.m.120 views

Google Announces DNS over HTTPS 'General Availability'

Google announced general availability of its Public DNS-over-HTTPS service Wednesday, based on the Internet Engineering Task Force’s RFC 8484 standard. The move is a culmination of three years of Google fine-tuning DNS over HTTPS, otherwise known as DoH. “Today we are announcing general...

6.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/26 1:54 p.m.120 views

Apple iOS 12.2 Patches 51 Serious Flaws

Apple patched 51 vulnerabilities rated serious with its iOS 12.2 update. One of the most serious bugs could allow apps to secretly listen to end users. Apple’s iOS security updates, announced Monday during its March product announcement event, are for the iPhone 5s and later, iPad Air and later a...

9.3CVSS0.5AI score0.13512EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2018/09/27 4:0 p.m.120 views

Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access

A local-privilege escalation vulnerability in the Linux kernel affects all current versions of Red Hat Enterprise Linux and CentOS, even in their default/minimal installations. It would allow an attacker to obtain full administrator privileges over the targeted system, and from there potentially...

7.2CVSS1.9AI score0.14806EPSS
Exploits6References4
Total number of security vulnerabilities5000