Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/03/14 1:27 p.m.110 views

Insider Threats Get Mean, Nasty and Very Personal

SAN FRANCISCO – Companies keep watchful eyes on disgruntled employees who are insider threat risks. But Code42’s CISO Jadee Hanson said distraught employees, that are particularly vulnerable to outside ploys, should be equally scrutinized. Hanson said factors such as terminal illnesses, divorce o...

6.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/03/12 4:9 p.m.110 views

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

A previously unknown bug in Microsoft Windows would allow an attacker to spoof Windows dialog boxes that surface when making changes to the Windows registry. This would allow an adversary to plant malware or make other nefarious changes in the registry while getting around Windows’ built-in...

1.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/02/05 2:0 p.m.110 views

Remote Desktop Protocol Clients Rife with Remote Code-Execution Flaws

UPDATE LAS VEGAS — Multiple critical vulnerabilities in the commonly used Remote Desktop Protocol RDP would allow a malicious actor to achieve remote code-execution over a client’s computer. According to Check Point research released Tuesday at the CPX360 event in Las Vegas, both open-source and...

7.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/11/02 2:2 p.m.110 views

Critical MySQL Vulnerabilities Can Lead to Server Compromise

Critical vulnerabilities in MySQL and vendor deployments by database servers MariaDB and PerconaDB have been identified that can lead to arbitrary code execution, root privilege escalation and server compromise. Dawid Golunski of Legal Hackers published details around two proof-of-concept exploit...

10CVSS1.5AI score0.6773EPSS
Exploits21References8
ThreatPost
ThreatPost
added 2013/08/13 2:28 p.m.110 views

August 2013 Microsoft Patch Tuesday Security Updates

Microsoft took less than a month to incorporate an Oracle Outside In patch and fix a critically rated remote code execution bug in Exchange Servers. The Microsoft patch is among three critical bulletins—eight overall—released today as part of its August 2013 Patch Tuesday security updates. Oracle...

9.3CVSS1.3AI score0.99945EPSS
Exploits33References11
ThreatPost
ThreatPost
added 2011/03/15 12:34 p.m.110 views

The Security of the Android Operating System

In this video, Tim Armstrong, a malware researcher at Kaspersky Lab talks with Ryan Naraine about the strengths and weaknesses of the Android operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting...

9.3CVSS4.2AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2022/04/07 1:0 p.m.109 views

MacOS Malware: Myth vs. Truth – Podcast

Remember those ads with a sneezing guy in a suit who says he’s a PC and to stay away, he’s got that nasty virus that’s going around? “That’s OK,” says the young, hip guy in blue jeans: He’s a Mac. … as if any machine that runs code could possibly be immune to malware…? Boy, was that a stretch. Th...

8.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/08/19 8:19 p.m.109 views

InkySquid State Actor Exploiting Known IE Bugs

The InkySquid advanced persistent threat APT group, which researchers have linked to the North Korean government, was caught launching watering hole attacks against a South Korean newspaper using known Internet Explorer vulnerabilities. New analysis from Volexity reported its team of researchers...

8.8CVSS8.9AI score0.81103EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2021/07/16 5:17 p.m.109 views

Critical Juniper Bug Allows DoS, RCE Against Carrier Networks

A critical remote code-execution vulnerability in Juniper Networks’ Steel-Belted Radius SBR Carrier Edition lays open wireless carrier and fixed operator networks to tampering. The SBR Carrier server is used by telecom carriers to manage policies for how subscribers access their networks – by...

9.8CVSS9.2AI score0.02314EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/25 9:31 p.m.109 views

Mercedes-Benz Customer Data Flies Out the Window

Ahh, the luxury of Mercedes-Benz cars: The high-end upholstery, plush carpeting, polished wood trim, LED mood lighting. “Even the scent signals that this vehicle is special,” as the automaker sighs. Of course, even a company like Mercedes-Benz can inadvertently fart out customer data. That’s what...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/02/22 5:51 p.m.109 views

Accellion FTA Zero-Day Attacks Tied to Clop, FIN11

Researchers have identified a set of threat actors dubbed UNC2546 and UNC2582 with connections to the FIN11 and the Clop ransomware gang as the cybercriminal group behind the global zero-day attacks on users of the Accellion legacy File Transfer Appliance product. Click to Register Multiple...

10CVSS1.1AI score0.56411EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2021/01/26 9:24 p.m.109 views

DanaBot Malware Roars Back into Relevancy

Researchers are warning that a new fourth version of the DanaBot banking trojan has surfaced after months of mysteriously going quiet. The latest variant, still under analysis by researchers, is raising concerns given the number of past DanaBot effective campaigns. From May 2018 to June 2020,...

Exploits0References8
ThreatPost
ThreatPost
added 2020/12/21 9:48 p.m.109 views

Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat

Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge — a handful for malicious reasons. The survey conducted during Novemb...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/11/23 9:46 p.m.109 views

Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending

The U.S. Cybersecurity and Infrastructure Security Agency is warning of a zero-day bug affecting six VMware products including its Workspace One, Identity Manager and vRealize Suite Lifecycle Manager. The critical unpatched bug is a command injection vulnerability. In a separate VMware advisory,...

9.8AI score0.23771EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/11/19 9:34 p.m.109 views

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App CWA, would have allowed pre-authenticated remote code execution RCE. Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Security La...

7.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/11/16 8:20 p.m.109 views

Citrix SD-WAN Bugs Allow Remote Code Execution

Three security bugs in the Citrix software-defined SD-WAN platform would allow remote code-execution and network takeover, according to researchers. The flaws affect the Citrix SD-WAN Center in versions before 11.2.2, 11.1.2b and 10.2.8. They consist of an unauthenticated path traversal and shell...

1.4AI score0.11084EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2020/10/09 6:58 p.m.109 views

Fitbit Spyware Steals Personal Data via Watch Face

A wide-open app-building API would allow an attacker to build a malicious application that could access Fitbit user data, and send it to any server. Kev Breen, director of cyber threat research for Immersive Labs, created a proof-of-concept for just that scenario, after realizing that Fitbit...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/09/24 8:21 p.m.109 views

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant’s ubiquitous IOS operating system. The patches plug holes in a wide range of products and address denial-of-service, file overwrite and input validation attacks. The advisory was planned and part o...

7.8CVSS1.7AI score0.0193EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/15 11:47 a.m.109 views

MFA Bypass Bugs Opened Microsoft 365 to Attack

Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint. The flaws exist in the implementation o...

0.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/03/18 9:22 p.m.109 views

WordPress, Apache Struts Attract the Most Bug Exploits

WordPress and Apache Struts vulnerabilities were the most-targeted by cybercriminals in web and application frameworks in 2019 – while input-validation bugs edged out cross-site scripting XSS as the most-weaponized weakness type. That’s according to the RiskSense Spotlight Report, which analyzed...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/06 5:13 p.m.109 views

DeathRansom Campaign Linked to Malware Cornucopia

An ongoing DeathRansom malware campaign has been found by researchers to be part of a larger collection of malicious offensives, all carried out by an actor going by the nickname “scat01.” According to Artem Semenchenko and Evgeny Ananin at FortiGuard Labs, evidence found on Russian underground...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/20 12:25 p.m.109 views

Mattress Company Leaks Data Records of 387K Customers

A Wisconsin mattress company leaked the records of 387,000 customers online in a database that lacked password protection, a security researcher has found. The incident once again demonstrates the potential security consequences of failing to take even the simplest security measures to protect...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/07/31 6:50 p.m.109 views

Honda's Security 'Soft Spots' Exposed in Unsecured Database

An unsecured database belonging to Honda Motor Company was found leaking crucial information about its global systems, including which devices aren’t up-to-date or protected by security solutions. The exposed ElasticSearch database contained approximately 134 million documents, and amounted to...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/06/03 7:42 p.m.109 views

Tap 'n Ghost Attack Creatively Targets Android Devices

Researchers have created a novel proof-of-concept PoC attack named Tap ‘n Ghost, which targets Near Field Communication NFC-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing their handset on a specially crafted surfac...

0.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/05/03 2:36 p.m.109 views

Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution

Sierra Wireless is warning that additional AirLink router models, which are targeted toward IoT applications, are vulnerable to previously-disclosed critical flaws. The vulnerabilities are part of the 11 critical bugs disclosed on Sierra Wireless’ AirLink ES450 LTE router last week – only now,...

9.3CVSS2.8AI score0.27851EPSS
Exploits21References13
ThreatPost
ThreatPost
added 2019/04/18 1:4 p.m.109 views

Cisco Patches Critical Flaw In ASR 9000 Routers

Cisco has rushed out patches for a critical vulnerability in its ASR 9000 routers that could give remote, unauthenticated attackers access to the devices – as well as the power to launch denial-of-service DoS attacks against them. The flaw is specifically in Cisco Aggregation Services Routers ASR...

10CVSS2.3AI score0.98975EPSS
Exploits13References8
ThreatPost
ThreatPost
added 2019/03/07 12:53 p.m.109 views

RSA Conference 2019: NIST's Privacy Framework Starts to Take Shape

Data privacy has been thrust into the limelight with the passage of the General Data Protection Regulation in Europe last year and a string of high-profile consumer privacy snafus. The National Institute of Standards and Technology has plans to help companies address data privacy with the...

6.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/05 5:2 a.m.109 views

BSides SF 2019: Remote-Root Bug in Logitech Harmony Hub Patched and Explained

SAN FRANCISCO – Users of Logitech’s Harmony Hub have been wide open to an attack for years because of four unpatched vulnerabilities that left any IoT device connected at risk to remote takeover. The bugs were patched by Logitech in November, but for the first time the researchers that discovered...

9.3CVSS9.6AI score0.03699EPSS
Exploits3References12
ThreatPost
ThreatPost
added 2019/03/04 2:0 p.m.109 views

RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions

SAN FRANCISCO – Much has been made of the cybersecurity workforce gap, and it appears to be a persistent issue: A full 69 percent of respondents in a recent survey said that they have cybersecurity teams that are understaffed. According to ISACA’s State of Cybersecurity 2019 survey, released at t...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2012/03/13 7:8 p.m.109 views

Microsoft Adds New Exploit Mitigations to IE 10

Windows 8 is still off on the horizon somewhere, but the new version of Internet Explorer that’s coming with it–IE 10–already is in consumer preview and it includes some major changes to the exploit mitigations. In addition to the existing implementations of ASLR, DEP and others technologies in...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/03/01 4:55 p.m.108 views

Ukraine Hit with Novel ‘FoxBlade’ Trojan Hours Before Invasion

“As tanks rolled into Ukraine, so did malware,” summarized humanitarian author Andreas Harsono, referring to the novel malware that Microsoft has named FoxBlade. On Monday, the company reported that its Threat Intelligence Center MSTIC had detected cyberattacks launched against Ukraine’s digital...

6.5AI score
Exploits0References24
ThreatPost
ThreatPost
added 2021/10/05 8:1 p.m.108 views

Apache Web Server Zero-Day Actively Exploited, Exposes Sensitive Data

Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a securit...

9.8CVSS8.5AI score0.99992EPSS
Exploits149References4
ThreatPost
ThreatPost
added 2021/05/26 7:45 p.m.108 views

VMware Sounds Ransomware Alarm Over Critical Severity Bug

VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10. The company said the flaw could allow a remote attacker to exploit its products and take control of a company’s affected system. VMware went a step further on Tuesday, calling on IT securi...

10CVSS10AI score0.99999EPSS
Exploits13References11
ThreatPost
ThreatPost
added 2020/03/12 2:20 p.m.108 views

$100K Paid Out for Google Cloud Shell Root Compromise

Google has awarded its inaugural annual top prize for the Google Cloud Platform GCP, for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...

0.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/02/25 6:34 p.m.108 views

Google Patches Chrome Browser Zero-Day Bug, Under Attack

Google said Monday it has patched a Chrome web browser zero-day bug being actively exploited in the wild. The flaw affects versions of Chrome running on the Windows, macOS and Linux platforms. The zero-day vulnerability, tracked as CVE-2020-6418, is a type of confusion bug and has a severity rati...

6.8CVSS1.9AI score0.78808EPSS
Exploits6References4
ThreatPost
ThreatPost
added 2020/02/05 4:0 p.m.108 views

Critical Cisco ‘CDPwn’ Flaws Affect Millions of Devices

Cisco is issuing patches for five critical vulnerabilities that have been discovered in Cisco Discovery Protocol CDP, the info-sharing layer that maps all Cisco equipment on a network. Researchers at Armis say that the vulnerabilities, which they disclosed on Wednesday and collectively dubbed...

8.3CVSS8.9AI score0.26869EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/30 2:0 p.m.108 views

Mean Time to Hardening: The Next-Gen Security Metric

On average, it takes an organization 15 times longer to close a vulnerability than it does for attackers to weaponize and exploit one. Seven days to weaponize and 102 days to patch. Let that sink in. Once a vulnerability is disclosed, it’s you against them in a race to either secure or exploit; a...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/09/25 4:28 p.m.108 views

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS

An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored cross-site scripting XSS attacks. Sites running the plugin are vulnerable to unauthenticated plugin option updates, which can be used to deliver malware payloads; and...

8.8AI score0.62119EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2019/06/26 7:33 p.m.108 views

Iran-linked APT33 Shakes Up Cyberespionage Tactics

Following a recent report detailing APT33’s infrastructure and tactics, the Iranian state-sponsored threat actor shook up its cyberespionage efforts by adopting new tools and reassigning key domain infrastructure. The infrastructure overhaul stems from a March 2019 Symantec report exposing the...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/08 5:14 p.m.108 views

Lax Telco Security Allows Mobile Phone Hijacking and Redirects

As anyone who has called into a bank or utility provider lately knows, security for customer service routines – the prescribed ways in which support reps verify the identity of customers that call in – are being continually upgraded. Two-factor authentication, voice passwords, various security...

7.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/05/07 5:52 p.m.108 views

Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak

Hacking tools allegedly developed by the National Security Agency NSA were being used in the wild by at least one APT long before the Shadow Brokers released the now-infamous trove of U.S. cyberweapons, new analysis suggests. According to researchers at Symantec, an attack group affiliated with t...

9.3CVSS0.1AI score0.93307EPSS
Exploits47References13
ThreatPost
ThreatPost
added 2019/03/19 9:43 p.m.108 views

Host of Flaws Found in CUJO Smart Firewall

Multiple vulnerabilities have been uncovered in the CUJO Smart Firewall, which is a security hardware device aimed at protecting home networks against malware, phishing websites and hacking attempts. CUJO is widely available, including on Amazon where it has racked up 1,000+ customer reviews. The...

10CVSS0.5AI score0.02669EPSS
Exploits4References7
ThreatPost
ThreatPost
added 2018/11/08 4:39 p.m.108 views

Cisco Accidentally Released Dirty CoW Exploit Code in Software

Cisco Systems revealed in a security bulletin Wednesday that it “inadvertently” shipped in-house exploit code that was used in security tests of scripts as part of its TelePresence Video Communication Server and Expressway Series software. The code exploits the Dirty Cow vulnerability...

10CVSS1.2AI score0.9947EPSS
Exploits136References4
ThreatPost
ThreatPost
added 2014/10/15 2:58 p.m.108 views

Firms Detail Zero Days Targeting Windows Kernel

After they were patched in yesterday’s round of Patch Tuesday security bulletins, security firms have begun to peel back the layers on two zero-day vulnerabilities that are being used in limited, targeted attacks against Microsoft’s Windows Kernel. According to FireEye, one of the firms that...

9.3CVSS1.1AI score0.87042EPSS
Exploits44References5
ThreatPost
ThreatPost
added 2013/11/01 2:7 p.m.108 views

Windows XP End of Life a Security Milestone

Forget for a moment the impending cryptoapocalypse because of aging and/or subverted encryption standards and algorithms. Microsoft this week put out the word on the scourge that is Windows XP. The latest Microsoft Security Intelligence Report goes to great pains to encourage users to move off th...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2012/08/20 7:11 p.m.108 views

Microsoft Warns Users About ChapCrack Tool Availability

Microsoft is warning customers about the availability of the ChapCrack tool that Moxie Marlinspike built to crack the VPN credentials for systems built on MS-CHAPv2 protocol. The company said that while it’s not aware of any active attacks using the tool, customers can protect themselves by...

9.3CVSS2.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2021/12/08 8:13 p.m.107 views

Moobot Botnet Chews Up Hikvision Surveillance Systems

Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder NVR products are being actively targeted by the Mirai-based botnet known as Moobot. FortiGuard Labs has released a report detailing how the Moobot botnet is leveraging a known remote code executio...

9.8CVSS9AI score0.99869EPSS
Exploits23References17
ThreatPost
ThreatPost
added 2021/09/22 4:17 p.m.107 views

VMware Warns of Ransomware-Friendly Bug in vCenter Server

VMware has released a security update that includes patches for 19 CVE-numbered vulnerabilities that affect the company’s vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers. They’re all serious, but one –...

9.8CVSS9.8AI score0.99999EPSS
Exploits11References21
ThreatPost
ThreatPost
added 2020/11/10 8:59 p.m.107 views

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

A massive Intel security update this month addresses flaws across a myriad of products – most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges. These critical flaws exist in products related to Wireless Bluetooth – including...

8.2AI score0.01727EPSS
Exploits0References28
ThreatPost
ThreatPost
added 2020/04/17 7:37 p.m.107 views

Attacks on Linksys Routers Trigger Mass Password Reset

UPDATE Home Linksys router users were targeted in a cyberattack that changed router settings, and redirected requests for specific webpages and domains to malicious Coronavirus-themed landing pages that were booby-trapped with malware. Researchers identified the attack last month, and earlier thi...

7AI score
Exploits0References7
Total number of security vulnerabilities5000