Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/02/28 2:27 p.m.102 views

Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers

Cisco is urging customers to update their wireless VPN and firewall routers, after patching a critical vulnerability that could allow unauthenticated, remote attackers to execute arbitrary code. The vulnerability, CVE-2019-1663, has a CVSS score of 9.8 and impacts the Cisco RV110W Wireless-N VPN...

10CVSS1.2AI score0.95707EPSS
Exploits15References6
ThreatPost
ThreatPost
added 2019/02/20 4:16 p.m.102 views

Microsoft: Russia's Fancy Bear Working to Influence EU Elections

As the May elections for European Parliament loom, Russia-linked APT groups are amping up their efforts to target journalists, think-tanks, non-governmental organizations and other members of civil society, according to Microsoft. The tech giant said on Tuesday that it has observed a recent serie...

0.5AI score
Exploits0References12
ThreatPost
ThreatPost
added 2018/10/17 11:0 a.m.102 views

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers

A flaw in Medtronic’s CareLink 2090 and CareLink Encore 29901 programmers, which are portable computer systems used to manage implanted cardiac devices in clinical settings, would have allowed remote code implantation over Medtronic’s dedicated Software Deployment Network SDN. The programmers are...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/01/09 4:25 p.m.102 views

Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs

Thanks to Meltdown and Spectre, January has already been an extremely busy month of patching for Microsoft. Today Microsoft tackled dozens more bugs, part of its regular Patch Tuesday release covering Microsoft Edge, Windows, Office, ASP.NET and the macOS version of Office. Sixteen of Microsoft’s...

9.3CVSS0.3AI score0.93289EPSS
Exploits7References7
ThreatPost
ThreatPost
added 2015/02/10 9:0 a.m.102 views

Creaking Patch Tuesday's Viability Rests with Quality, Speed

Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility. This is how it’s been done since shortly after Bill Gates’...

9.3CVSS9.1AI score0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2012/01/18 3:20 p.m.102 views

Elevating Privileges Via Windows Installers

There’s an odd bit of behavior that some Windows systems will exhibit when certain kinds of installers are launched, automatically elevating the privileges of the installer process to system-level privileges. In theory, the issue shouldn’t be exploitable because at one point in the process the...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2011/10/21 11:50 a.m.102 views

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers

There is a new worm circulating right now that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm also attempts to install a remote access tool in order to give the attacker control over the newly infected server. The worm has...

5CVSS0.5AI score0.79415EPSS
Exploits28References5
ThreatPost
ThreatPost
added 2010/08/09 1:39 p.m.102 views

Another Windows 7 Zero-Day Released

Microsoft’s security response team is investigating the release of a new zero-day flaw that exposes Windows 7 users to blue-screen crashes or code execution attacks. The flaw could be exploited by local attackers to cause a denial-of-service or potentially gain elevated privileges, according to a...

9.3CVSS4AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2021/08/13 1:31 p.m.101 views

WordPress Sites Abused in Aggah Spear-Phishing Campaign

Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/12 3:53 p.m.101 views

Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya made good on its promise to issue patches by July 11. On Saturday, the company behind the Virtual System/Server Administrator VSA platform that got walloped by the REvil ransomware-as-a-service RaaS gang in a massive supply-chain attack released urgent updates to address critical zero-day...

10CVSS9.2AI score0.85619EPSS
Exploits5References24
ThreatPost
ThreatPost
added 2021/06/28 8:38 p.m.101 views

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker’s popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and...

8.3CVSS8.7AI score0.009EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2021/05/13 8:22 p.m.101 views

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast. Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the...

5.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/08/21 12:43 p.m.101 views

Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

A former Uber security executive has been charged for his role in the cover-up of a massive 2016 data breach, in which attackers accessed the company’s Amazon Web Services accounts and stole data associated with 57 million passengers and drivers. The U.S. State Attorney for the Northern District ...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/07/06 5:18 p.m.101 views

Lazarus Group Adds Magecart to the Mix

The Lazarus Group, state-sponsored hackers affiliated with North Korea, has added digital payment-card skimming to their repertoire, researchers said, using Magecart code. Lazarus members are targeting online payments made by American and European shoppers. Among the victims is Claire’s, the...

0.0552EPSS
Exploits1References8
ThreatPost
ThreatPost
added 2019/11/14 11:0 a.m.101 views

Innovative PureLocker Ransomware Emerges in Targeted Attacks

The PureLocker ransomware – so-called because it’s written in the PureBasic programming language – has been spotted being used in targeted attacks against both Windows and Linux-based production servers at enterprises. Researchers said it shows unusual characteristics that underscore the innovati...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/10 8:32 p.m.101 views

Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work

A 29-year-old cybercriminal assumed the guise of a prominent California video-game developer and eSports tournament organizer to throw authorities off his cryptomining track, according to an indictment unsealed on Wednesday. Matthew Ho, a citizen of Singapore, allegedly used the developer’s stole...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/05 12:0 p.m.101 views

MegaCortex Ransomware Revamps for Mass Distribution

A dangerous enterprise-focused ransomware, MegaCortex, has been retooled to become a weapon for wide-scale attacks. Previously used only in manual, post-network-exploitation, targeted campaigns on carefully selected targets, MegaCortex now has a second variant that adds automation to the kill...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/07/01 9:25 p.m.101 views

Finding Beauty in the IT Architecture

I have a confession to make. I’m a sucker for good architecture. Visiting places like Singapore, London, Rome, Buenos Aires, and New York City, I quickly find myself gravitating towards beautiful archways, spires, and even the voids used in designing some of the world’s most amazing buildings. I...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/14 4:18 p.m.101 views

Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws

Adobe has issued patches for critical flaws across its Adobe Flash Player and Acrobat Reader products, which could enable arbitrary code execution. Overall, the company fixed 87 vulnerabilities across Acrobat and Reader, Flash Player and Adobe Media Encoder as part of its regularly-scheduled...

10CVSS0.1362EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/04 5:33 p.m.101 views

Preinstalled Mobile Security App on Xiaomi Handsets Delivered Vulnerabilities, Not Protection

Preinstalled apps on mobile phones can be just as annoying as crapware found on new PCs. Now a report from security experts at Check Point Research suggest those preinstalled mobile apps may be more than just annoying – they can also be a security risk. Check Point found that a security app calle...

0.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/02/21 7:1 p.m.101 views

ThreatList: Porn-Focused Malware Triples, Dark Web Loves It

Credential-stealing malware targeting premium accounts on adult websites almost tripled in 2018, corresponding with a rise in the number of offers related to stolen porn credentials on Dark Web markets. That’s according to Thursday research from Kaspersky Lab, which found that the malware is...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/10/22 3:18 p.m.101 views

New Adobe Flash Exploit Found in Angler, Fiesta EKs

Two notorious exploit kits are already seeding vulnerable websites with exploits for a Flash Player vulnerability that was patched in last week’s Adobe security bulletin. French researcher Kafeine told Threatpost that the most likely scenario is that a skilled coder found a way to reverse-enginee...

10CVSS0.2AI score0.99883EPSS
Exploits12References8
ThreatPost
ThreatPost
added 2014/08/08 11:55 a.m.101 views

IE to Block Older ActiveX Controls, Starting with Java

Next week’s Microsoft Patch Tuesday security bulletins will not only bring nine new security bulletins but also an update to Internet Explorer that blocks outdated ActiveX controls, starting with Java. Notifications will flag the older ActiveX controls and users will have the option to update the...

9.3CVSS8.8AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/10/10 1:12 p.m.101 views

Microsoft Mitigation Bypass Bounty Winner James Forshaw

Give James Forshaw a good logic bug over a memory-corruption vulnerability any day of the week. The British researcher says he would rather manipulate weaknesses in code to climb out of an application sandbox than turn a fuzzer against a piece of software and spot a memory leak. But incentivized ...

10CVSS8.8AI score0.99945EPSS
Exploits43References7
ThreatPost
ThreatPost
added 2010/02/02 3:39 p.m.101 views

Microsoft Tries to Boost SDL Adoption

Microsoft is trying to boost adoption of the software security practices in its Security Development Lifecycle by releasing a revised set of instructions to make implementation of the process easier and faster. At the Black Hat DC conference on Tuesday, the company announced the release of its...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/07/27 3:29 p.m.101 views

Researcher Shows Killbit is No Defense on MsVidCtl Flaw

Ryan Smith, one of the researchers who found the bug in the Microsoft MsVidCtl DLL that the vendor is rushing to patch this week, has posted a short video demonstration of a technique that bypasses the stop-gap solution of preventing the vulnerable ActiveX control from loading. In the demo, Smith...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2022/03/18 5:17 p.m.100 views

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

The modular botnet known as Cyclops Blink, linked to the same advanced persistent threat APT behind the NotPetya wiper attacks, is expanding its device targeting to include ASUS routers. Further, it’s likely that the botnet’s purpose is far more sinister than the average Mirai-knockoff’s penchant...

8.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/26 10:26 p.m.100 views

Microsoft IE Browser Death March Hastens

As the death of the once dominant Internet Explorer IE draws closer, Microsoft is quickly pounding more nails into the browser’s coffin. On Monday, Microsoft hastened its IE-to-Edge browser-transition strategy and announced new controls for users and IT staff when it comes to how the lame-duck...

0.2AI score0.5063EPSS
Exploits2References14
ThreatPost
ThreatPost
added 2020/08/21 4:2 p.m.100 views

University of Utah Pays $457K After Ransomware Attack

The University of Utah coughed up a $457,000 ransom payment after a ransomware attack hit the university’s servers, impacting undisclosed student and faculty related data. The Salt Lake City school, which has 24,485 undergraduate students and 8,333 graduate students enrolled, as well as 1,592...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/08/20 12:0 p.m.100 views

IBM AI-Powered Data Management Software Subject to Simple Exploit

The IBM’s next-gen data-management software suffers from a shared-memory vulnerability that researchers said could lead to other threats — as demonstrated by a new proof-of-concept exploit for the bug. The IBM Db2 is a family of hybrid data-management products containing artificial intelligence,...

3.6CVSS0.5AI score0.26869EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/07/01 2:55 p.m.100 views

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. The campaign uses three never-before-seen Android surveillanceware tools, dubbed SilkBean, GoldenEagle and...

8.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/06/15 3:36 p.m.100 views

'Lamphone' Hack Uses Lightbulb Vibrations to Eavesdrop on Homes

Researchers have discovered a novel way to spy on conversations that are happening in houses from almost a hundred feet away. The hack stems simply from a lightbulb hanging in the home. The hack, dubbed “lamphone,” is performed by analyzing the tiny vibrations of a hanging lightbulb, which are...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/01 8:53 p.m.100 views

Upgraded Cerberus Spyware Spreads Rapidly via MDM

A newly discovered variant of the Cerberus Android trojan has been spotted, with vastly expanded and more sophisticated info-harvesting capabilities, and the ability to run TeamViewer. It was spotted by researchers being used in a targeted campaign on a multinational conglomerate. Unusually, the...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/03/11 9:20 p.m.100 views

Flaws Riddle Zyxel’s Network Management Software

Security researchers are warning that networking hardware vendor Zyxel and its Cloud CNM SecuManager software is chock-full of unpatched vulnerabilities that kick open the doors for hackers to exploit. In all, researchers have identified 16 vulnerabilities, ranging from multiple backdoors and...

10CVSS0.1AI score0.99988EPSS
Exploits2References24
ThreatPost
ThreatPost
added 2020/01/28 10:58 p.m.100 views

New ‘CacheOut’ Attack Targets Intel CPUs

Researchers have identified a new speculative execution type attack, dubbed CacheOut, that could allow attackers to trigger data leaks from most Intel CPUs. The more serious of the two bugs, revealed Monday, is rated medium severity by Intel, who said fixes for both flaws are on the way. The more...

2.1CVSS1AI score0.00587EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/01/06 9:48 p.m.100 views

ToTok Returned to Google Play Despite ‘Spy Tool’ Claims

Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due to claims that it was being used for government espionage. ToTok, a social app that was released in 2019 and has been downloaded by millions, gained rapid popularity in the United Ar...

6.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/08 7:34 p.m.100 views

Apple Tackles Over a Dozen Bugs in its Catalina 10.15 Update

Apple wasted little time snuffing out bugs in its macOS Catalina operating system. On Tuesday, Apple rolled out 16 patches addressing a wide range of Catalina bugs in components such as CoreAudio, IOGraphics and WebKit. The security fixes are exclusively for macOS 10.15; so pre-Catalina releases ...

9.3CVSS0.5AI score0.0442EPSS
Exploits4References11
ThreatPost
ThreatPost
added 2019/08/23 4:38 p.m.100 views

News Wrap: Steam Zero Day Disclosure Drama, Unix Utility Backdoor

Why did Valve-owner Steam say it made a “mistake” turning a researcher away from its bug bounty program? Who was behind a backdoor that was purposefully introduced into a utility utilized by Unix and Linux servers? And why is Facebook coming under fire for its “Clear History” feature? Threatpost...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/06/19 12:57 p.m.100 views

Mozilla Patches Firefox Critical Flaw Under Active Attack

UPDATE Mozilla has released updates for the Firefox browser addressing a critical vulnerability that is being actively exploited in targeted attacks against Coinbase employees – and potentially other cryptocurrency organizations. The critical flaw CVE-2019-11707 is a type confusion vulnerability ...

7.5CVSS10AI score0.37951EPSS
Exploits7References10
ThreatPost
ThreatPost
added 2019/05/22 8:9 p.m.100 views

WannaCry-Infested Laptop Starts at $1.13M in Art Auction

Malware as high art? Stranger things have happened, but a Windows laptop infected with six high-profile pieces of malware think WannaCry and BlackEnergy is nonetheless looking to fetch more than $1 million in public art-auction bids. A project called “The Persistence of Chaos,” mounted by artist...

Exploits0References13
ThreatPost
ThreatPost
added 2018/08/14 8:42 p.m.100 views

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer IE, Office, .NET...

10CVSS0.1AI score0.73968EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2017/03/14 3:26 p.m.100 views

Patch Tuesday Returns; Microsoft Quiet on Postponement

Patch Tuesday returned today as expected after last month’s postponement with a giant release of fixes that includes patches for vulnerabilities disclosed and exploited since the last set of updates in January. Microsoft, however, was relatively silent on the reasons why the February updates were...

9.3CVSS9.1AI score0.99945EPSS
Exploits45References12
ThreatPost
ThreatPost
added 2016/12/05 3:32 p.m.100 views

Dirty Cow Vulnerability Patched in Android Security Bulletin

The Dirty Cow vulnerability lived in Linux for close to a decade, and while it was patched in October in the kernel and in Linux distributions, Android users had to wait for more than a month for their fix. Today, Google included a patch for CVE-2016-5195 in the monthly Android Security Bulletin,...

7.2CVSS1.4AI score0.83524EPSS
Exploits82References4
ThreatPost
ThreatPost
added 2015/04/21 5:41 p.m.100 views

Microsoft Data Shows Drop in Remote Code Execution Bugs Being Exploited

SAN FRANCISCO–One of the downsides to being a software company with a huge customer base is that your products are going to be prime targets for attackers. But the flip side to that coin is that you’re going to gather a lot of data about vulnerabilities and attacks. Microsoft has been collecting...

9.3CVSS1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/10/15 2:9 p.m.100 views

Microsoft Finally Shuts Door on ATL Bugs

Computerworld’s Gregg Keizer brings word that this week’s record-setting batch of patches from Microsoft actually closed the book on the vexing ATL code library issues that first surfaced in July 2009. Keizer quotes Ryan Smith, one of the hackers credited with discovering the flaw, as saying that...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/06/07 11:21 a.m.99 views

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

Threat actors are using public exploits to pummel a critical zero-day remote code execution RCE flaw that affects all versions of a popular collaboration tool used in cloud and hybrid server environments and allows for complete host takeover. Researchers from Volexity uncovered the flaw in...

9.8CVSS10AI score0.99999EPSS
Exploits75References10
ThreatPost
ThreatPost
added 2022/02/28 5:23 p.m.99 views

Toyota to Close Japan Plants After Suspected Cyberattack

What was potentially a cyberattack hit one of Toyota’s parts suppliers, causing the company to move to shut down about a third of the company’s global production tomorrow, the company announced on Monday. Toyota doesn’t know how long the 14 plants will be unplugged. The closure will mean that the...

8.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2022/01/20 7:35 p.m.99 views

Critical Cisco StarOS Bug Grants Root Access via Debug Mode

Cisco released a security update warning about a handful of vulnerabilities lurking in its networking technology, led by a critical bug in the company’s StarOS debug services. Cisco pushed out a fix for its Cisco StarOS Software on Wednesday. Jan. 19. In its advisory, the company said that the fl...

8.8CVSS8.8AI score0.11636EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2021/12/07 8:24 p.m.99 views

Windows 10 Drive-By RCE Triggered by Default URI Handler

Researchers have discovered a drive-by remote code-execution RCE bug in Windows 10 via Internet Explorer 11/Edge Legacy – the EdgeHTML-based browser that’s currently the default browser on Windows 10 PCs – and Microsoft Teams. According to a report posted Tuesday by Positive Security, the...

6.8CVSS9.1AI score0.25895EPSS
Exploits2References22
ThreatPost
ThreatPost
added 2021/11/12 1:14 p.m.99 views

Millions of Routers, IoT Devices at Risk from BotenaGo Malware

Newly surfaced malware that is difficult to detect and written in Google’s open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different...

9CVSS7.6AI score0.46642EPSS
Exploits4References15
Total number of security vulnerabilities5000