Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/05/24 1:42 p.m.102 views

News Wrap: Which Companies Are Doing Privacy Right and Which Aren't?

The Threatpost team breaks down the top data privacy-related news this week, including: Google’s acknowledgement that G Suite passwords had been stored in plaintext – since 2005. The database of golfing app Game Golf left misconfigured, exposing millions of data points on games played plus...

6.3AI score
Exploits0References17
ThreatPost
ThreatPost
added 2019/05/22 1:16 p.m.102 views

Google Stored G Suite Passwords in Plaintext Since 2005

Google stored G Suite passwords in plaintext for almost 15 years, the cloud giant acknowledged on Tuesday evening. G Suite, Google’s brand of cloud computing, productivity and collaboration tools, software and products, has more than 5 million users as of February. Google said that it recently...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/28 2:27 p.m.102 views

Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers

Cisco is urging customers to update their wireless VPN and firewall routers, after patching a critical vulnerability that could allow unauthenticated, remote attackers to execute arbitrary code. The vulnerability, CVE-2019-1663, has a CVSS score of 9.8 and impacts the Cisco RV110W Wireless-N VPN...

10CVSS1.2AI score0.95707EPSS
Exploits15References6
ThreatPost
ThreatPost
added 2019/02/20 4:16 p.m.102 views

Microsoft: Russia's Fancy Bear Working to Influence EU Elections

As the May elections for European Parliament loom, Russia-linked APT groups are amping up their efforts to target journalists, think-tanks, non-governmental organizations and other members of civil society, according to Microsoft. The tech giant said on Tuesday that it has observed a recent serie...

0.5AI score
Exploits0References12
ThreatPost
ThreatPost
added 2018/10/17 11:0 a.m.102 views

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers

A flaw in Medtronic’s CareLink 2090 and CareLink Encore 29901 programmers, which are portable computer systems used to manage implanted cardiac devices in clinical settings, would have allowed remote code implantation over Medtronic’s dedicated Software Deployment Network SDN. The programmers are...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/01/09 4:25 p.m.102 views

Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs

Thanks to Meltdown and Spectre, January has already been an extremely busy month of patching for Microsoft. Today Microsoft tackled dozens more bugs, part of its regular Patch Tuesday release covering Microsoft Edge, Windows, Office, ASP.NET and the macOS version of Office. Sixteen of Microsoft’s...

9.3CVSS0.3AI score0.93289EPSS
Exploits7References7
ThreatPost
ThreatPost
added 2016/12/05 3:32 p.m.102 views

Dirty Cow Vulnerability Patched in Android Security Bulletin

The Dirty Cow vulnerability lived in Linux for close to a decade, and while it was patched in October in the kernel and in Linux distributions, Android users had to wait for more than a month for their fix. Today, Google included a patch for CVE-2016-5195 in the monthly Android Security Bulletin,...

7.2CVSS1.4AI score0.83524EPSS
Exploits83References4
ThreatPost
ThreatPost
added 2015/02/10 9:0 a.m.102 views

Creaking Patch Tuesday's Viability Rests with Quality, Speed

Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility. This is how it’s been done since shortly after Bill Gates’...

9.3CVSS9.1AI score0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2011/10/21 11:50 a.m.102 views

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers

There is a new worm circulating right now that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm also attempts to install a remote access tool in order to give the attacker control over the newly infected server. The worm has...

5CVSS0.5AI score0.79415EPSS
Exploits28References5
ThreatPost
ThreatPost
added 2010/08/09 1:39 p.m.102 views

Another Windows 7 Zero-Day Released

Microsoft’s security response team is investigating the release of a new zero-day flaw that exposes Windows 7 users to blue-screen crashes or code execution attacks. The flaw could be exploited by local attackers to cause a denial-of-service or potentially gain elevated privileges, according to a...

9.3CVSS4AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2021/08/13 1:31 p.m.101 views

WordPress Sites Abused in Aggah Spear-Phishing Campaign

Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/12 3:53 p.m.101 views

Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya made good on its promise to issue patches by July 11. On Saturday, the company behind the Virtual System/Server Administrator VSA platform that got walloped by the REvil ransomware-as-a-service RaaS gang in a massive supply-chain attack released urgent updates to address critical zero-day...

10CVSS9.2AI score0.85619EPSS
Exploits5References24
ThreatPost
ThreatPost
added 2021/06/28 8:38 p.m.101 views

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker’s popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and...

8.3CVSS8.7AI score0.009EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2021/05/13 8:22 p.m.101 views

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast. Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the...

5.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/08/21 12:43 p.m.101 views

Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

A former Uber security executive has been charged for his role in the cover-up of a massive 2016 data breach, in which attackers accessed the company’s Amazon Web Services accounts and stole data associated with 57 million passengers and drivers. The U.S. State Attorney for the Northern District ...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/08/20 12:0 p.m.101 views

IBM AI-Powered Data Management Software Subject to Simple Exploit

The IBM’s next-gen data-management software suffers from a shared-memory vulnerability that researchers said could lead to other threats — as demonstrated by a new proof-of-concept exploit for the bug. The IBM Db2 is a family of hybrid data-management products containing artificial intelligence,...

3.6CVSS0.5AI score0.26869EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/14 11:0 a.m.101 views

Innovative PureLocker Ransomware Emerges in Targeted Attacks

The PureLocker ransomware – so-called because it’s written in the PureBasic programming language – has been spotted being used in targeted attacks against both Windows and Linux-based production servers at enterprises. Researchers said it shows unusual characteristics that underscore the innovati...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/10 8:32 p.m.101 views

Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work

A 29-year-old cybercriminal assumed the guise of a prominent California video-game developer and eSports tournament organizer to throw authorities off his cryptomining track, according to an indictment unsealed on Wednesday. Matthew Ho, a citizen of Singapore, allegedly used the developer’s stole...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/05 12:0 p.m.101 views

MegaCortex Ransomware Revamps for Mass Distribution

A dangerous enterprise-focused ransomware, MegaCortex, has been retooled to become a weapon for wide-scale attacks. Previously used only in manual, post-network-exploitation, targeted campaigns on carefully selected targets, MegaCortex now has a second variant that adds automation to the kill...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/07/01 9:25 p.m.101 views

Finding Beauty in the IT Architecture

I have a confession to make. I’m a sucker for good architecture. Visiting places like Singapore, London, Rome, Buenos Aires, and New York City, I quickly find myself gravitating towards beautiful archways, spires, and even the voids used in designing some of the world’s most amazing buildings. I...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/14 4:18 p.m.101 views

Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws

Adobe has issued patches for critical flaws across its Adobe Flash Player and Acrobat Reader products, which could enable arbitrary code execution. Overall, the company fixed 87 vulnerabilities across Acrobat and Reader, Flash Player and Adobe Media Encoder as part of its regularly-scheduled...

10CVSS0.1362EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/04 5:33 p.m.101 views

Preinstalled Mobile Security App on Xiaomi Handsets Delivered Vulnerabilities, Not Protection

Preinstalled apps on mobile phones can be just as annoying as crapware found on new PCs. Now a report from security experts at Check Point Research suggest those preinstalled mobile apps may be more than just annoying – they can also be a security risk. Check Point found that a security app calle...

0.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/02/21 7:1 p.m.101 views

ThreatList: Porn-Focused Malware Triples, Dark Web Loves It

Credential-stealing malware targeting premium accounts on adult websites almost tripled in 2018, corresponding with a rise in the number of offers related to stolen porn credentials on Dark Web markets. That’s according to Thursday research from Kaspersky Lab, which found that the malware is...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/10/22 3:18 p.m.101 views

New Adobe Flash Exploit Found in Angler, Fiesta EKs

Two notorious exploit kits are already seeding vulnerable websites with exploits for a Flash Player vulnerability that was patched in last week’s Adobe security bulletin. French researcher Kafeine told Threatpost that the most likely scenario is that a skilled coder found a way to reverse-enginee...

10CVSS0.2AI score0.99883EPSS
Exploits12References8
ThreatPost
ThreatPost
added 2014/08/08 11:55 a.m.101 views

IE to Block Older ActiveX Controls, Starting with Java

Next week’s Microsoft Patch Tuesday security bulletins will not only bring nine new security bulletins but also an update to Internet Explorer that blocks outdated ActiveX controls, starting with Java. Notifications will flag the older ActiveX controls and users will have the option to update the...

9.3CVSS8.8AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/10/10 1:12 p.m.101 views

Microsoft Mitigation Bypass Bounty Winner James Forshaw

Give James Forshaw a good logic bug over a memory-corruption vulnerability any day of the week. The British researcher says he would rather manipulate weaknesses in code to climb out of an application sandbox than turn a fuzzer against a piece of software and spot a memory leak. But incentivized ...

10CVSS8.8AI score0.99945EPSS
Exploits43References7
ThreatPost
ThreatPost
added 2010/02/02 3:39 p.m.101 views

Microsoft Tries to Boost SDL Adoption

Microsoft is trying to boost adoption of the software security practices in its Security Development Lifecycle by releasing a revised set of instructions to make implementation of the process easier and faster. At the Black Hat DC conference on Tuesday, the company announced the release of its...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/07/27 3:29 p.m.101 views

Researcher Shows Killbit is No Defense on MsVidCtl Flaw

Ryan Smith, one of the researchers who found the bug in the Microsoft MsVidCtl DLL that the vendor is rushing to patch this week, has posted a short video demonstration of a technique that bypasses the stop-gap solution of preventing the vulnerable ActiveX control from loading. In the demo, Smith...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2022/03/18 5:17 p.m.100 views

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

The modular botnet known as Cyclops Blink, linked to the same advanced persistent threat APT behind the NotPetya wiper attacks, is expanding its device targeting to include ASUS routers. Further, it’s likely that the botnet’s purpose is far more sinister than the average Mirai-knockoff’s penchant...

8.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/01/20 7:35 p.m.100 views

Critical Cisco StarOS Bug Grants Root Access via Debug Mode

Cisco released a security update warning about a handful of vulnerabilities lurking in its networking technology, led by a critical bug in the company’s StarOS debug services. Cisco pushed out a fix for its Cisco StarOS Software on Wednesday. Jan. 19. In its advisory, the company said that the fl...

8.8CVSS8.8AI score0.11636EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/10 10:0 p.m.100 views

SAP Stomps Out Critical RCE Flaw in Manufacturing Software

Enterprise software giant SAP pushed out fixes for a critical-severity vulnerability in its real-time data monitoring software for manufacturing operations. If exploited, the flaw could allow an attacker to access SAP databases, infect end users with malware and modify network configurations. The...

9.7AI score0.50913EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/26 10:26 p.m.100 views

Microsoft IE Browser Death March Hastens

As the death of the once dominant Internet Explorer IE draws closer, Microsoft is quickly pounding more nails into the browser’s coffin. On Monday, Microsoft hastened its IE-to-Edge browser-transition strategy and announced new controls for users and IT staff when it comes to how the lame-duck...

0.2AI score0.5063EPSS
Exploits2References14
ThreatPost
ThreatPost
added 2020/08/21 4:2 p.m.100 views

University of Utah Pays $457K After Ransomware Attack

The University of Utah coughed up a $457,000 ransom payment after a ransomware attack hit the university’s servers, impacting undisclosed student and faculty related data. The Salt Lake City school, which has 24,485 undergraduate students and 8,333 graduate students enrolled, as well as 1,592...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/07/01 2:55 p.m.100 views

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. The campaign uses three never-before-seen Android surveillanceware tools, dubbed SilkBean, GoldenEagle and...

8.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/06/15 3:36 p.m.100 views

'Lamphone' Hack Uses Lightbulb Vibrations to Eavesdrop on Homes

Researchers have discovered a novel way to spy on conversations that are happening in houses from almost a hundred feet away. The hack stems simply from a lightbulb hanging in the home. The hack, dubbed “lamphone,” is performed by analyzing the tiny vibrations of a hanging lightbulb, which are...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/01 8:53 p.m.100 views

Upgraded Cerberus Spyware Spreads Rapidly via MDM

A newly discovered variant of the Cerberus Android trojan has been spotted, with vastly expanded and more sophisticated info-harvesting capabilities, and the ability to run TeamViewer. It was spotted by researchers being used in a targeted campaign on a multinational conglomerate. Unusually, the...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/03/11 9:20 p.m.100 views

Flaws Riddle Zyxel’s Network Management Software

Security researchers are warning that networking hardware vendor Zyxel and its Cloud CNM SecuManager software is chock-full of unpatched vulnerabilities that kick open the doors for hackers to exploit. In all, researchers have identified 16 vulnerabilities, ranging from multiple backdoors and...

10CVSS0.1AI score0.99988EPSS
Exploits2References24
ThreatPost
ThreatPost
added 2020/01/28 10:58 p.m.100 views

New ‘CacheOut’ Attack Targets Intel CPUs

Researchers have identified a new speculative execution type attack, dubbed CacheOut, that could allow attackers to trigger data leaks from most Intel CPUs. The more serious of the two bugs, revealed Monday, is rated medium severity by Intel, who said fixes for both flaws are on the way. The more...

2.1CVSS1AI score0.00587EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/01/06 9:48 p.m.100 views

ToTok Returned to Google Play Despite ‘Spy Tool’ Claims

Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due to claims that it was being used for government espionage. ToTok, a social app that was released in 2019 and has been downloaded by millions, gained rapid popularity in the United Ar...

6.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/16 8:12 p.m.100 views

10 Steps for Ransomware Protection

Just the thought of ransomware is enough to keep CISOs and security teams up at night. Victims are caught in an awful choice between paying a ransom to a criminal who may or may not release their captured network and data, or potentially spending millions of dollars to remove the ransomware on...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/08 7:34 p.m.100 views

Apple Tackles Over a Dozen Bugs in its Catalina 10.15 Update

Apple wasted little time snuffing out bugs in its macOS Catalina operating system. On Tuesday, Apple rolled out 16 patches addressing a wide range of Catalina bugs in components such as CoreAudio, IOGraphics and WebKit. The security fixes are exclusively for macOS 10.15; so pre-Catalina releases ...

9.3CVSS0.5AI score0.0442EPSS
Exploits4References11
ThreatPost
ThreatPost
added 2019/08/23 4:38 p.m.100 views

News Wrap: Steam Zero Day Disclosure Drama, Unix Utility Backdoor

Why did Valve-owner Steam say it made a “mistake” turning a researcher away from its bug bounty program? Who was behind a backdoor that was purposefully introduced into a utility utilized by Unix and Linux servers? And why is Facebook coming under fire for its “Clear History” feature? Threatpost...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/06/19 12:57 p.m.100 views

Mozilla Patches Firefox Critical Flaw Under Active Attack

UPDATE Mozilla has released updates for the Firefox browser addressing a critical vulnerability that is being actively exploited in targeted attacks against Coinbase employees – and potentially other cryptocurrency organizations. The critical flaw CVE-2019-11707 is a type confusion vulnerability ...

7.5CVSS10AI score0.37951EPSS
Exploits7References10
ThreatPost
ThreatPost
added 2019/05/22 8:9 p.m.100 views

WannaCry-Infested Laptop Starts at $1.13M in Art Auction

Malware as high art? Stranger things have happened, but a Windows laptop infected with six high-profile pieces of malware think WannaCry and BlackEnergy is nonetheless looking to fetch more than $1 million in public art-auction bids. A project called “The Persistence of Chaos,” mounted by artist...

Exploits0References13
ThreatPost
ThreatPost
added 2018/08/14 8:42 p.m.100 views

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer IE, Office, .NET...

10CVSS0.1AI score0.73968EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2017/03/14 3:26 p.m.100 views

Patch Tuesday Returns; Microsoft Quiet on Postponement

Patch Tuesday returned today as expected after last month’s postponement with a giant release of fixes that includes patches for vulnerabilities disclosed and exploited since the last set of updates in January. Microsoft, however, was relatively silent on the reasons why the February updates were...

9.3CVSS9.1AI score0.99945EPSS
Exploits45References12
ThreatPost
ThreatPost
added 2015/04/21 5:41 p.m.100 views

Microsoft Data Shows Drop in Remote Code Execution Bugs Being Exploited

SAN FRANCISCO–One of the downsides to being a software company with a huge customer base is that your products are going to be prime targets for attackers. But the flip side to that coin is that you’re going to gather a lot of data about vulnerabilities and attacks. Microsoft has been collecting...

9.3CVSS1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/10/15 2:9 p.m.100 views

Microsoft Finally Shuts Door on ATL Bugs

Computerworld’s Gregg Keizer brings word that this week’s record-setting batch of patches from Microsoft actually closed the book on the vexing ATL code library issues that first surfaced in July 2009. Keizer quotes Ryan Smith, one of the hackers credited with discovering the flaw, as saying that...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/03/03 8:45 p.m.100 views

Microsoft researching new (secure) browser

Microsoft’s research unit is investing resources in a new Web browser that could eventually signal a shift away from the ubiquitous Internet Explorer. According to a research paper released this week, the project is called Gazelle and is positioned as a secure web browser constructed as a...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/06/07 11:21 a.m.99 views

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

Threat actors are using public exploits to pummel a critical zero-day remote code execution RCE flaw that affects all versions of a popular collaboration tool used in cloud and hybrid server environments and allows for complete host takeover. Researchers from Volexity uncovered the flaw in...

9.8CVSS10AI score0.99999EPSS
Exploits76References10
Total number of security vulnerabilities5000