Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/09/25 1:0 p.m.107 views

What You Need to Know About Next Gen EDR

Endpoint Detection & Response EDR is the main mode of cybersecurity utilized by many organizations. Already recognized in 2012 as its own category, EDR was pushed as the ideal response to the rapidly changing threatscape that until then had been dealt with though not so successfully primarily...

Exploits0References5
ThreatPost
ThreatPost
added 2019/09/20 1:54 p.m.107 views

News Wrap: Emotet's Return, U.S. Vs. Snowden, Physical Pen Testers Arrested

From the re-emergence of an infamous malware, to a new lawsuit against Edward Snowden, Threatpost editors Lindsey O’Donnell and Tara Seals break down this week’s top news. Top stories include: Emotet, the notorious banking trojan, is back after a summer hiatus. The U.S. sued Edward Snowden over h...

6.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/08/11 6:0 p.m.107 views

DEF CON 2019: Picture Perfect Hack of a Canon EOS 80D DSLR

LAS VEGAS – Multiple vulnerabilities in Canon’s DSLR camera firmware could allow an attacker to plant malware on devices and ransom images from users. The bugs, outlined in a session here at DEF CON, open the door to a range of hacks via a Wi-Fi network or a PC’s USB connection to a camera. Eyal...

8.3CVSS0.02559EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2019/07/02 3:22 p.m.107 views

Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

Never-before-seen Mac malware, dubbed OSX/CrescentCore, has been discovered in the wild. The trojan, spotted on various websites masquerading as an Adobe Flash Player installer, drops malicious applications and browser extensions on victims’ systems when downloaded. OSX/CrescentCore is spread via...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/06/26 2:13 p.m.107 views

Second Florida City Pays Hackers $500k Post-Ransomware Attack

UPDATE A city in Florida has paid hackers almost $500,000 after suffering a ransomware attack that locked down its email systems and servers – only the latest municipality to be hit by ransomware and pay the ransom. The Florida municipality, Lake City, has a population of 12,046 and is located in...

1.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/11 5:19 p.m.107 views

Users Urged to Uninstall WordPress Yuzo Plugin After Flaw Exploited

UPDATE Users of the popular Yuzo Related Posts plugin are being urged to uninstall the plugin after a flaw was discovered being exploited in the wild – putting tens of thousands of websites at risk. Yuzo Related Posts, which enables WordPress websites to display “related posts” segments, is...

7.5CVSS10AI score0.9927EPSS
Exploits45References10
ThreatPost
ThreatPost
added 2019/03/25 3:0 p.m.107 views

FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors

The Federal Emergency Management Agency exposed the personal identifiable information of 2.3 million survivors of hurricanes Harvey, Irma and Maria and the California wildfires in 2017, by oversharing survivor data with a contractor when it wasn’t necessary. Worse, the contractor’s networks has...

1.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/03/15 3:46 p.m.107 views

Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection

UPDATE Fujitsu is stopping sales for its popular wireless keyboard after a researcher discovered it is vulnerable to keystroke injection attacks that could allow an adversary to take control of a victim’s system. Researchers with Germany-based SySS reported on Friday that the high-severity...

7.3CVSS0.01224EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2018/11/08 4:39 p.m.107 views

Cisco Accidentally Released Dirty CoW Exploit Code in Software

Cisco Systems revealed in a security bulletin Wednesday that it “inadvertently” shipped in-house exploit code that was used in security tests of scripts as part of its TelePresence Video Communication Server and Expressway Series software. The code exploits the Dirty Cow vulnerability...

10CVSS1.2AI score0.9947EPSS
Exploits135References4
ThreatPost
ThreatPost
added 2014/10/29 2:56 p.m.107 views

Microsoft Plans to Disable SSLv3 in IE, All Online Services

Microsoft is planning to disable support for the weak SSLv3 protocol in Internet Explorer at some undetermined point in the future, and also will remove support for it in the company’s online services soon. The security and utility of SSLv3 has been an issue for a long time, but it came into...

9.3CVSS1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2012/03/15 8:33 p.m.107 views

Ryan Naraine on Exploit Mitigations and the MS12-020 RDP Bug

Dennis Fisher talks with Ryan Naraine about whether exploit mitigations such as ASLR and DEP really make any difference in preventing browser attacks and the seriousness of the MS12-020 RDP vulnerability that was patched during March’s Patch Tuesday release. Podcast audio courtesy of sykboy65...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2012/01/10 7:31 p.m.107 views

Microsoft Fixes BEAST SSL Bug in January Patch Tuesday

Microsoft on Tuesday patched the vulnerability in Windows that was exploited by the BEAST SSL attack tool developed by Juliano Rizzo and Thai Duong last year. The patch is one of several rated important that was issued by Microsoft in January’s Patch Tuesday release, and there also was a critical...

9.3CVSS0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2010/11/04 9:58 p.m.107 views

Microsoft To Patch Critical Office Flaw

Microsoft will use its monthly patch to fix a critical security hole in versions of its Microsoft Office suit that could allow attackers to run malicious code on vulnerable systems. The company announced details of its upcoming monthly patch for November on Thursday. This months patch also includ...

9.3CVSS1AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2009/11/19 9:17 p.m.107 views

MS Denies Windows 7 Backdoor Allegations

Microsoft today denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency NSA official testified before Congress that the agency had worked on the operating system. “Microsoft has not and will not put ‘backdoors’ into Windows,” a...

9.3CVSS4.6AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/04/15 5:34 p.m.106 views

Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web

Researchers have found financial and technological links between the Karakurt cybercriminal group and two high-profile ransomware actors that signal a shift in business operations and an expansion of opportunities for the threat actors to target victims, they said. Karakurt—a financially motivate...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/09/22 4:17 p.m.106 views

VMware Warns of Ransomware-Friendly Bug in vCenter Server

VMware has released a security update that includes patches for 19 CVE-numbered vulnerabilities that affect the company’s vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers. They’re all serious, but one –...

9.8CVSS9.8AI score0.99999EPSS
Exploits11References21
ThreatPost
ThreatPost
added 2021/04/27 11:45 a.m.106 views

Apple Patches Zero-Day MacOS Bypass Bug

Apple patched a zero-day vulnerability in its MacOS that can bypass critical anti-malware capabilities and which a variant of the notorious Mac threat Shlayer adware dropper already has been exploiting for several months. Security researcher Cedric Owens first discovered the vulnerability, tracke...

6.2AI score0.68531EPSS
Exploits5References17
ThreatPost
ThreatPost
added 2021/01/28 6:1 p.m.106 views

Utah Ponders Making Online ‘Catfishing’ a Crime

Legislature introduced in Utah means it could soon be illegal there to pretend to be someone else when engaging in certain types of deceptive activities on the internet, a practice known as “catfishing.” The Online Impersonation Prohibition up for debate this week in the Utah House of...

0.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/12/08 8:23 p.m.106 views

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays

Microsoft has addressed 58 CVEs nine of them critical for its December 2020 Patch Tuesday update. This brings the computing giant’s patch tally to 1,250 for the year – well beyond 2019’s 840. This month’s security bugs affect Microsoft Windows, Edge EdgeHTML-based, ChakraCore, Microsoft Office an...

9CVSS8.7AI score0.8979EPSS
Exploits7References16
ThreatPost
ThreatPost
added 2020/12/07 10:6 p.m.106 views

NSA Warns: Patched VMware Bug Under Active Attack

Active attacks against a flaw in VMware’s Workspace One Access continue, three days after the vendor patched the vulnerability and urged customers to fix the bug classified as a zero-day at the time. Now the U.S. National Security Agency NSA has escalated concerns and on Monday warned that foreig...

9CVSS0.7AI score0.23771EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2020/11/10 8:59 p.m.106 views

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

A massive Intel security update this month addresses flaws across a myriad of products – most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges. These critical flaws exist in products related to Wireless Bluetooth – including...

8.2AI score0.01727EPSS
Exploits0References28
ThreatPost
ThreatPost
added 2019/07/23 2:39 p.m.106 views

Update: VLC Media Player Plagued By Unpatched Critical RCE Flaw

UPDATE After a German security agency reported a critical vulnerability existed in VLC open-source media player that could enable remote code execution and other malicious actions, the developers of VLC said that the media player is not vulnerable. The VLC media player, developed by the VideoLAN...

4.3CVSS0.2AI score0.02492EPSS
Exploits1References11
ThreatPost
ThreatPost
added 2019/06/04 4:4 p.m.106 views

AI Isn't Good Enough When Lives Are on the Line, Experts Warn

LONDON, UK – With the infosec community eyeing artificial intelligence as the next big frontier for cyber defense, experts here at Infosecurity Europe on Tuesday warned that several challenges in how AI processes and interprets data need to first be fleshed out before widespread adoption. AI, in...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/05/14 12:58 p.m.106 views

WhatsApp Zero-Day Exploited in Targeted Spyware Attacks

UPDATE WhatsApp is urging users to update as soon as possible, after a zero-day vulnerability found in its messaging platform was exploited by attackers who were able to inject spyware onto victims’ phones in targeted campaigns. First reported by the Financial Times, the popular messaging app...

7.5CVSS9.8AI score0.39166EPSS
Exploits0References16
ThreatPost
ThreatPost
added 2018/10/12 5:1 p.m.106 views

Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm

UPDATE Microsoft patched a zero-day in its JET Database Engine this week – but the patch was incomplete, according to researchers at 0patch. The company has developed a micropatch that corrects that hole, it said Friday. The memory corruption vulnerability CVE-2018-8423 could allow remote...

9.3CVSS7.9AI score0.32705EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2018/09/27 8:8 p.m.106 views

Threatlist: Hackers Turn to Python as Attack Coding Language of Choice

Python was recently touted as on track to become the world’s most prevalent coding language, looking to swallow, as it were, the majority of the market share for developers. According to recent analysis, Python’s popularity also extends to black hats. Mirroring the findings around its use by code...

7.5CVSS8.6AI score0.99999EPSS
Exploits35References12
ThreatPost
ThreatPost
added 2022/02/01 8:2 p.m.105 views

Samba ‘Fruit’ Bug Allows RCE, Full Root User Access

A critical severity vulnerability in the Samba platform could allow attackers to gain remote code execution with root privileges on servers. Samba is an interoperability suite that allows Windows and Linus/Unix-based hosts to work together and share file and print services with multi-platform...

9CVSS8.5AI score0.74042EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2021/05/18 12:32 p.m.105 views

Microsoft, Adobe Exploits Top List of Crooks’ Wish List

A year-long study into the underground market for exploits in cybercriminal forums shows that crooks are salivating for Microsoft bugs, which are far and away the most requested and most sold exploits. According to researchers see chart below Microsoft products made up a whopping 47 percent of th...

10CVSS8.8AI score0.99988EPSS
Exploits2References16
ThreatPost
ThreatPost
added 2020/09/08 8:34 p.m.105 views

Critical Intel Active Management Technology Flaw Allows Privilege Escalation

Intel patched a critical privilege escalation vulnerability in its Active Management Technology AMT, which is used for remote out-of-band management of PCs. AMT is part of the Intel vPro platform Intel’s umbrella marketing term for its collection of computer hardware technologies and is primarily...

7.5CVSS9.2AI score0.0552EPSS
Exploits1References13
ThreatPost
ThreatPost
added 2020/08/17 8:55 p.m.105 views

'EmoCrash' Exploit Stoppered Emotet For 6 Months

A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months. Emotet, which first emerged in 2014 and has since then evolved into a full fledged botnet that’s designed to steal account...

7.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/07 9:1 p.m.105 views

Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

A Monero cryptocurrency-mining campaign has emerged that exploits a known vulnerability in public-facing web applications built on the ASP.NET open-source web framework. The campaign has been dubbed Blue Mockingbird by the analysts at Red Canary that discovered the activity. Research uncovered th...

7.5CVSS0.2AI score0.99737EPSS
Exploits16References8
ThreatPost
ThreatPost
added 2019/12/06 9:35 p.m.105 views

Email Voted a Weak Link for Election Security, with DMARC Lagging

As the 2020 Presidential election looms closer in the United States, a key focus will be on securing election infrastructure to prevent tampering. In a recent analysis, researchers found that email remains a potential weak link, with most counties failing to implement DMARC protections. DMARC whi...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/06 4:54 p.m.105 views

Linux Bug Opens Most VPNs to Hijacking

A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...

4.9CVSS0.6AI score0.00838EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/14 10:12 p.m.105 views

Double Vision: Stealthy Malware Dropper Delivers Dual RATs

A newly discovered initial-stage malware dropper has been discovered sneaking by antivirus products, with the ultimate goal of delivering a double-pronged whammy of RevengeRAT and WSH RAT payloads onto targeted Windows machines. A FortiGuard Labs team recently captured a sample file that had been...

Exploits0References7
ThreatPost
ThreatPost
added 2019/11/01 7:32 p.m.105 views

News Wrap: Office 365 Voicemail Phish and Bed Bath and Beyond Breach

Threatpost editors Tara Seals and Lindsey O’Donnell break down the top security news of this week, from data breaches to advanced persistent threat APT activity. Top stories include: A Microsoft alert that APT group Fancy Bear has targeted anti-doping authorities and sporting organizations around...

7AI score
Exploits0References21
ThreatPost
ThreatPost
added 2019/08/10 11:45 p.m.105 views

Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster

LAS VEGAS – An insecure driver can be just what a hacker needs to get its foot in the door to a Windows environment. Compromised drivers are at the heart of massive security headaches ranging from recent Slingshot APT campaigns and LoJax malware. That’s why researchers at Eclypsium are sounding t...

0.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/06/26 3:8 p.m.105 views

EA Games Patches Account-Hijacking Bug

Researchers chained together two vulnerabilities in the Electronic Arts EA gaming platform and developed a proof-of-concept attack that allowed for possible account takeovers. A successful attack could allow a malicious actor to gain access to a user’s account and steal credit card information or...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/06/25 6:34 p.m.105 views

Newly-Discovered Malware Targets Unpatched MacOS Flaw

Researchers have discovered never-before-seen Mac malware samples, which they believe are being developed to target a recently-disclosed vulnerability in the MacOS operating system. The vulnerability, a bypass that was disclosed in May and has yet to be patched by Apple, exists in the MacOS...

Exploits0References6
ThreatPost
ThreatPost
added 2019/05/16 1:5 p.m.106 views

Cybercrime Gang Behind GozNym Banking Malware Dismantled

The cybercrime network behind the GozNym malware, used to siphon $100 million out of its victims, has been dismantled in a massive international investigation, according to authorities. Europol said on Thursday that they are charging 10 members of the GozNym criminal network with spreading the...

0.6AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/05/07 5:52 p.m.105 views

Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak

Hacking tools allegedly developed by the National Security Agency NSA were being used in the wild by at least one APT long before the Shadow Brokers released the now-infamous trove of U.S. cyberweapons, new analysis suggests. According to researchers at Symantec, an attack group affiliated with t...

9.3CVSS0.1AI score0.93307EPSS
Exploits46References13
ThreatPost
ThreatPost
added 2019/03/14 4:56 p.m.105 views

Cisco Patches Critical ‘Default Password’ Bug

Cisco Systems is warning customers that a discovery tool for network devices can be accessed by a remote and unauthenticated attacker. The flaw could allow an adversary to log into the system and collect sensitive data tied to host operating systems and hardware. The disclosure is part of a Cisco...

10CVSS1AI score0.05817EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/01 3:41 p.m.105 views

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a fresh hiding technique to avoid detection while quietly adding more bots to its web. According to research from Black Lotus Labs, which is telecom and ISP provider CenturyLink’s network...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/06 4:25 p.m.105 views

What are Data Manipulation Attacks, and How to Mitigate Against Them

Conventional wisdom says that once an attacker is in the system, moving laterally from network to network, the damage is already done. The adversary has found a way in and more than likely identified the data they’re after. They simply need to exfiltrate it, the last step of the kill chain, to la...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/05/07 4:16 p.m.105 views

Cryptojacking Campaign Exploits Drupal Bug, Over 400 Websites Attacked

UPDATE – Hundreds of websites running on the Drupal content management system – including those of the San Diego Zoo and the National Labor Relations Board – have been targeted by a malicious cryptomining campaign taking advantage of unpatched and recently revealed vulnerabilities. The attacks,...

7.5CVSS9.8AI score0.99993EPSS
Exploits46References14
ThreatPost
ThreatPost
added 2013/11/04 9:0 a.m.105 views

How I Got Here: Katie Moussouris

Dennis Fisher talks with Katie Moussouris of Microsoft about her childhood exploits with Commodore 64 programming, ignoring her Barbies, growing up as a hacker, her days as a pen tester and the challenges of working on security at Microsoft. Download: 12moussouris.mp3 Microsoft image via Robert...

9.3CVSS2.4AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2012/03/27 8:3 p.m.105 views

Richard Boscovich on the Zeus Botnet Takedown

Dennis Fisher talks with Richard Boscovich of the Microsoft Digital Crimes Unit about the operation to take down the Zeus botnet, how the company works with partners and law enforcement on these operations and the importance of getting the word out to consumers about the danger of botnets. Podcas...

9.3CVSS3AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2021/12/20 4:1 p.m.104 views

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

No, you’re not seeing triple: On Friday, Apache released yet another patch – version 2.17 – for yet another flaw in the ubiquitous log4j logging library, this time for a DoS bug. Trouble comes in threes, and this is the third one for log4j. The latest bug isn’t a variant of the Log4Shell...

10CVSS9.5AI score0.99999EPSS
Exploits355References24
ThreatPost
ThreatPost
added 2021/11/24 5:28 p.m.104 views

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

Why would a game about a cat’s “cute diary” need permission to make phone calls or suss out your location? It doesn’t: “Cat cute diary” is one of 190 trojanized games that Doctor Web malware analysts have found on AppGallery, the official app store for Huawei Android. They’re littering the Androi...

6.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/04/30 11:49 a.m.104 views

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...

0.5AI score0.01326EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2021/03/24 6:39 p.m.104 views

Ransomware Attack Foils IoT Giant Sierra Wireless

A ransomware attack on leading internet-of-things IoT manufacturer Sierra Wireless this week ground its production activity to a halt and froze various other internal operations. The Canadian multinational manufacturer creates a broad array of communications equipment – from gateways to routers,...

1.5AI score
Exploits0References6
Total number of security vulnerabilities5000