Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2018/11/05 4:59 p.m.632 views

Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections

Midterm elections are being held across the country Tuesday which means millions will be paying close attention to wins and losses. But, for cybersecurity experts, such as Tom Kellermann, the focus will be on voting irregularities. Tom Kellermann Kellermann is chief cybersecurity officer for Carb...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/11/05 4:51 p.m.632 views

Passwords: Here to Stay, Despite Smart Alternatives?

The lowly password is much-maligned as being the weakest link in any company’s security defenses. That’s for good reason: It’s a fact that password reuse, a lack of strong passwords, a failure to change them on a regular basis and other human errors plague the efficacy of this de facto standard f...

7.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/11/02 4:50 p.m.631 views

Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild

Attackers are actively exploiting a zero-day vulnerability in certain Cisco security products, to cause a denial-of-service DoS condition. The as-yet-unpatched flaw CVE-2018-15454 has an 8.6 CVSS score and is rated high-severity. It exists in the Session Initiation Protocol SIP inspection engine ...

7.8CVSS0.7AI score0.04381EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/08/11 9:12 p.m.630 views

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

Two Microsoft vulnerabilities are under active attack, according the software giant’s August Patch Tuesday Security Updates. Patches for the flaws are available for the bugs, bringing this month’s total number of vulnerabilities to 120. One of the flaws being exploited in the wild is CVE-2020-146...

9.3CVSS8.5AI score0.99512EPSS
Exploits76References15
ThreatPost
ThreatPost
added 2018/10/26 3:42 p.m.630 views

British Airways Data Breach Takes Off Again with 185K More Victims

British Airways said that the data breach it first reported in September is larger than previously thought. It has added an additional 185,000 victims to the official tally. The airline said that hackers may have stolen personal data connected to an additional 77,000 payment cards, including name...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/06/30 4:2 p.m.624 views

PoC Exploit Circulating for Critical Windows Print Spooler Bug

UPDATE A proof-of-concept for a critical Windows security vulnerability that allows remote code execution RCE was dropped on GitHub on Tuesday – and while it was taken back down within a few hours, the code was copied and is still out there circulating on the platform. The bug CVE-2021-1675 exist...

9.3CVSS9.6AI score0.86132EPSS
Exploits80References13
ThreatPost
ThreatPost
added 2018/11/05 8:27 p.m.618 views

Online Radio Stations at Risk from Icecast Flaw

A vulnerability in Icecast, an open-source streaming media server used by online radio stations to broadcast their content, could be used to knock a station off-air. It also could potentially allow remote code-execution. Icecast is maintained by the Xiph.org Foundation, and it supports tens of...

6.8CVSS8.1AI score0.48944EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/09 10:12 p.m.616 views

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs

Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall. Included in the slew are 14 critical flaws and 75 important-severity flaws. Microsoft also included five previously disclosed vulnerabilities, which are being actively...

7.5CVSS9.8AI score0.99999EPSS
Exploits66References19
ThreatPost
ThreatPost
added 2018/10/26 3:36 p.m.614 views

DemonBot Fans DDoS Flames with Hadoop Enslavement

A Linux-based DDoS botnet dubbed DemonBot has been found enslaving Hadoop frameworks, using a vulnerability in Hadoop’s resource management tool to infect cloud servers with the botnet malware. Hadoop is a popular open-source framework, usually deployed in cloud environments, that organizations c...

7.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/08/11 6:4 p.m.606 views

Critical Adobe Acrobat and Reader Bugs Allow RCE

Adobe has plugged 11 critical security holes in Acrobat and Reader, which if exploited could allow attackers to remotely execute code or sidestep security features in the app. As part of its regularly scheduled security updates, Tuesday, Adobe fixed critical- and important-severity flaws tied to ...

9.3CVSS0.4AI score0.48441EPSS
Exploits4References9
ThreatPost
ThreatPost
added 2014/09/18 11:43 a.m.606 views

New Initiative Simply Secure Aims to Make Security Tools Easier to Use

The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in tools such as encryption software, anonymity services and others that previously were mainly of...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/11/04 4:17 p.m.595 views

VMware Issues Updated Fix For Critical ESXi Flaw

VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi hypervisor products. Wednesday’s VMware advisory said updated patch versions were available after it was discovered the previous patch, released Oct. 20, did not completely address the vulnerability. That’...

10CVSS0.8AI score0.9927EPSS
Exploits11References7
ThreatPost
ThreatPost
added 2020/06/01 4:7 p.m.591 views

Apple Pays $100K Bounty for Critical 'Sign in With Apple' Flaw

A researcher recently found a critical Apple vulnerability that, if exploited, could enable remote attackers to abuse the “Sign in with Apple” feature to take over victims’ third-party application accounts. The security researcher, Bhavuk Jain, reported the flaw to Apple via its bug bounty progra...

8.6AI score0.26869EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2018/10/22 2:41 p.m.591 views

Critical RCE Bug Impacts Streaming Server Libraries: VLC, MPLayer Not Impacted

A critical remote code-execution bug has been found in the popular Live Networks LIVE555’s streaming media RTSPServer. The vulnerability could allow an attacker to send a specially crafted packet to vulnerable systems and trigger a stack-based buffer overflow, according to researchers at Cisco...

7.5CVSS1.3AI score0.09487EPSS
Exploits3References4
ThreatPost
ThreatPost
added 2018/11/07 3:33 p.m.588 views

WordPress Flaw Opens Millions of WooCommerce Shops to Takeover

Up to 4 million online merchants who use the popular WooCommerce WordPress plugin are vulnerable to a file deletion vulnerability that could allow a rogue “shop manager” to escalate privileges and eventually execute remote code on impacted websites. Researchers at RIPS Technologies trace the bug ...

0.8AI score0.9947EPSS
Exploits54References5
ThreatPost
ThreatPost
added 2018/11/02 8:39 p.m.583 views

Facebook Blames Malicious Extensions in Breach of 81K Private Messages

Hackers have published what they claim are private messages from at least 81,000 Facebook accounts – and they say the trove contains a fraction of the details they have from a larger cadre of 120 million accounts. In an English-language Dark Web advertisement now taken down, the perpetrators...

0.6AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/03 3:30 p.m.572 views

Microsoft Exchange 0-Day Attackers Spy on U.S. Targets

Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server. Adversaries have been able to access email accounts, steal a raft of data and drop malware on target machines for long-term remote access, according to the computin...

10AI score0.99999EPSS
Exploits66References8
ThreatPost
ThreatPost
added 2018/10/24 8:4 p.m.572 views

Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction

A proof-of-concept exploit for a Windows zero-day that works on fully patched Windows 10 machines has been released by a security researcher. It allows an attacker to delete any kind of file on a victim machine, including system data. The flaw no CVE has been assigned since it was just exposed on...

0.3AI score
Exploits0References14
ThreatPost
ThreatPost
added 2018/10/23 8:54 p.m.570 views

City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate

The city of West Haven, Conn. made the hard choice to pay cyberattackers a $2,000 ransom after being hit with malware that ground their operations to a halt. West Haven said that its City Hall offices were the victim of a ransomware attack, which the U.S. Department of Homeland Security determine...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/23 4:0 p.m.569 views

StrongPity APT Changes Tactics to Stay Stealthy

The APT group behind the sophisticated malware known as StrongPity a.k.a. Promethium has changed its tactics, after various research groups analyzed the malware and exposed its methods of deployment. The efforts have allowed the group to return to hidden status, even after being labeled a known...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/10 8:7 p.m.567 views

Chrome Browser Bug Under Active Attack

Google is warning that a bug in its Chrome web browser is actively under attack, and it is urging users to upgrade to the latest 91.0.4472.101 version to mitigate the issue. In all, Google rolled out fixes for 14 bugs impacting its Windows, Mac and Linux browsers as part of its June update to the...

9.3CVSS8.8AI score0.71536EPSS
Exploits5References9
ThreatPost
ThreatPost
added 2020/06/16 4:22 p.m.567 views

'Ripple20' Bugs Impact Hundreds of Millions of Connected Devices

A series of 19 different vulnerabilities, four of them critical, are affecting hundreds of millions of internet of things IoT and industrial-control devices. The issue is based in the supply chain and code reuse, with the bugs affecting a TCP/IP software library developed by Treck that many...

10CVSS0.1AI score0.36965EPSS
Exploits9References7
ThreatPost
ThreatPost
added 2018/11/19 4:20 p.m.567 views

Cryptojacking Attack Targets Make-A-Wish Foundation Website

Hackers have been stealing CPU-cycles from visitors to the Make-A-Wish Foundation’s international website in order to mine for Monero cryptocurrency. Researchers said they found the CoinIMP mining script embedded in the non-profit’s website, and that it was taking advantage of the Drupalgeddon 2...

7.5CVSS9.9AI score0.99993EPSS
Exploits46References6
ThreatPost
ThreatPost
added 2020/06/17 10:12 p.m.565 views

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit

Advanced malware, dubbed AcidBox, has been identified by researchers who say a mysterious cybergang used it twice against Russian organizations as far back as 2017. In a report released Wednesday, Palo Alto Networks’ Unit 42 sheds new light onto attacks against the popular open-source...

7.2CVSS9.1AI score0.26869EPSS
Exploits8References7
ThreatPost
ThreatPost
added 2020/03/06 4:53 p.m.565 views

Critical Zoho Zero-Day Flaw Disclosed

UPDATE A zero-day vulnerability has been disclosed in the IT help desk ManageEngine software made by Zoho Corp. The serious vulnerability enables an unauthenticated, remote attacker to launch attacks on affected systems. Zoho has now released a security update addressing the vulnerability. As of...

10CVSS9.6AI score0.99941EPSS
Exploits81References16
ThreatPost
ThreatPost
added 2022/02/16 3:59 p.m.563 views

Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers

VMware has issued a critical security update to address issues in its ESXi, Fusion and Workstation products, including VMware Cloud Foundation versions. Exploitation could give attackers access to workloads inside organizations’ virtual environments. The bugs have a range of 5.3 to 8.4 out of 10 ...

7.8CVSS9AI score0.0228EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/07/17 8:55 p.m.563 views

Wormable BlueKeep Bug Still Threatens Legions of Windows Systems

For the past two months, security researchers have been sounding the alarm about BlueKeep, a critical remote code-execution vulnerability in Microsoft Windows that researchers said could lead to a “mega-worm” global infection. As of July 2, approximately 805,665 systems remain online that are...

10CVSS10AI score0.99999EPSS
Exploits123References9
ThreatPost
ThreatPost
added 2018/11/01 9:31 p.m.563 views

GDPR’s First 150 Days Impact on the U.S.

Apple CEO Tim Cook publicly entered the data privacy fray earlier this month, praising the European Union’s General Data Protection Regulation GDPR. At the International Conference of Data Protection and Privacy Commissioners Conference ICDPPC, Cook advocated for GDPR rules to have a far-reaching...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2018/11/06 9:53 p.m.561 views

HSBC Data Breach Hits Online Banking Customers

International banking giant HSBC has reported that it was breached in October, as a result of a credential-stuffing attack. In a notice PDF filed with the state of California, the bank said that it became aware of some online accounts being accessed by unauthorized users between October 4 and 14...

1.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/11/06 7:51 p.m.561 views

ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers

As National Fraud Day approaches Nov. 11, it remains clear that more consumer education is required when it comes to thwarting scammers and identity thieves. Despite almost half of U.S. consumers 49 percent believing their security habits make them vulnerable to information fraud or identity thef...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/23 9:5 p.m.559 views

Zerologon Patches Roll Out Beyond Microsoft

UPDATE The “perfect” Windows vulnerability known as the Zerologon bug is getting a patch assist from two non-Microsoft sources, as they strive to fill in the gaps that the official fix doesn’t address. They roll out as Microsoft announced that it is tracking active exploitation in the wild. “We...

9.3CVSS8.2AI score0.99512EPSS
Exploits75References10
ThreatPost
ThreatPost
added 2018/10/24 4:32 p.m.559 views

sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting

A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...

0.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/05/28 2:39 p.m.551 views

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

One million devices are still vulnerable to BlueKeep, a critical Microsoft bug with “wormable” capabilities, almost two weeks after a patch was released. The flaw CVE-2019-0708 was fixed during Microsoft’s May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to...

10CVSS1.2AI score0.99999EPSS
Exploits123References18
ThreatPost
ThreatPost
added 2021/05/25 2:57 p.m.550 views

Pulse Secure VPNs Get Quick Fix for Critical RCE

Pulse Secure has issued a workaround for a critical remote-code execution RCE vulnerability in its Pulse Connect Secure PCS VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory...

10CVSS10AI score0.99999EPSS
Exploits22References14
ThreatPost
ThreatPost
added 2020/08/06 9:29 p.m.550 views

Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs

The Mercedes-Benz E-Class went to market riddled with 19 vulnerabilities, which, among other things, could enable attackers to remotely unlock the car door and start its engine. Researchers say the flaws, detailed at Black Hat USA on Thursday, potentially impacted over 2 million Mercedes-Benz...

0.2AI score0.0552EPSS
Exploits7References9
ThreatPost
ThreatPost
added 2022/02/09 2:0 p.m.546 views

Ex-Gumshoe Nabs Cybercrooks with FBI Tactics

Crooks are crooks, right? Whatever motivates serial violent offenders doesn’t switch off when they stop mugging people and instead pick up a keyboard to transform into cyber actors who craft cyber threats. At least, that was the thinking behind the 2012 creation of the FBI’s Cyber Behavioral...

8.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2018/10/25 3:27 p.m.544 views

Pentagon Expands Bug-Bounty Program to Include Physical Systems

The Department of Defense is expanding its “Hack the Pentagon” bug-bounty program to include hardware assets, tapping the Synack, HackerOne and Bugcrowd platforms to attract more white hats to the effort. The news comes two weeks after the Government Accountability Office GAO released a report...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/11/07 6:26 p.m.543 views

Program Looks to Tap Military Vets for Cyber-Jobs

Cisco Talos, NetApp and Maryland’s state government announced an initiative to help military veterans in that state transition into civilian positions in cybersecurity. The hope is that it will address twin goals: To help the hundreds of thousands of discharged veterans flowing into the workplace...

0.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/24 8:17 p.m.543 views

Magecart Cybergang Targets 0days in Third-Party Magento Extensions

Criminals behind the Magecart gang have shifted tactics, and are now targeting nearly two dozen unpatched vulnerabilities found in third-party plugins used in the Magento e-commerce platform. Previously, the Magecart cybergang had focused on the core of Magento, using attack strategies such as...

Exploits0References6
ThreatPost
ThreatPost
added 2018/11/01 4:37 p.m.542 views

Utilities, Energy Sector Attacked Mainly Via IT, Not ICS

While industrial control systems ICS are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report o...

2.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/11/02 3:16 p.m.538 views

ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady

When it comes to distributed denial of service DDoS attacks, the third quarter of 2018 marked an apparent lull in the action, with fewer huge, multi-day attacks than in previous quarters. Researchers however warn against having a false sense of security: The total number of attacks in the quarter...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2018/10/25 3:32 p.m.536 views

UK Slaps Facebook with $645K Fine Over Cambridge Analytica Scandal

The UK has fined Facebook $645,000 over Cambridge Analytica’s data harvesting practices, which exploited the data of 87 million users of the social network. That represents a gnat bite for the tech giant, which generated $5.1 billion in net profit in the second quarter of the year. However, the...

1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/10/23 2:58 p.m.535 views

ThreatList: 3 Out of 4 Employees Pose a Security Risk to Businesses

While much is always made of external hackers, insider threats remain a problem at more organizations. A full 75 percent of professionals pose a moderate or severe risk to their company’s data, according to a recent survey. MediaPRO’s third-annual State of Privacy and Security Awareness Report...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2018/10/22 3:52 p.m.534 views

The Danger and Opportunity in 5G Connectivity and IoT

There is a lot of buzz building over fifth-generation mobile networks 5G and how they will revolutionize the fast-growing numbers of internet-connected devices — but what about security? What makes 5G so closely tied to billions of Internet of Things IoT devices is its speed 5G is expected to be ...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/11/06 4:8 p.m.533 views

Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed

Self-encrypting solid-state storage drives from Samsung and Crucial are open to tampering that would allow an attacker with physical access to harvest their data without knowing the user’s password, researchers have discovered. Researchers at Radboud University in the Netherlands found that it’s...

1.9CVSS0.4AI score0.0063EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/24 4:18 p.m.530 views

ThreatList: Ransomware, EKs and Trojans lead the Way in Q3 Malware Trends

When it comes to malware activity, businesses took a big hit in the third quarter, with detection trending upward by a whopping 55 percent, according to new research. Consumers saw an uptick too, but only a modest one: volume was up just 4 percent quarter-over-quarter for this segment. Overall,...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/08/09 7:41 p.m.527 views

Auth Bypass Bug Exploited, Millions of Routers Affected

An authentication-bypass vulnerability affecting multiple routers and internet-of-things IoT devices is being actively exploited in the wild, according to researchers. The security flaw, tracked as CVE-2021-20090, was disclosed last week by researchers at Tenable. It affects devices from 20...

10CVSS9.1AI score0.99999EPSS
Exploits17References8
ThreatPost
ThreatPost
added 2021/07/16 9:7 p.m.527 views

Top CVEs Trending with Cybercriminals

Criminal small talk in underground forums offer critical clues about which known Common Vulnerabilities and Exposures CVEs threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for. An analysis of such chatter, by Cognyte, examined 15 cybercrime forums...

10CVSS9.3AI score0.99999EPSS
Exploits491References15
ThreatPost
ThreatPost
added 2020/03/11 1:0 p.m.527 views

The Ultimate Security Budget Excel Template

Sound security budget planning and execution are essential for the CIO’s/CISO’s success. Now, for the first time, The Ultimate Security Budget Plan & Track Excel template download here provides security executives a clear and intuitive tool to keep track of planned vs. actual spend, ensuring that...

0.3AI score0.08469EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2018/10/29 4:13 p.m.527 views

X.Org Flaw Allows Privilege Escalation in Linux Systems

A local privilege-escalation and file-overwrite vulnerability in X.Org X server opens the door to trivial compromise in Linux systems that use the open-source software. The X server is a core graphics and windowing technology that can be found in most Linux and BSD distributions that use a...

7.2CVSS2.2AI score0.2704EPSS
Exploits39References14
Total number of security vulnerabilities5000