15946 matches found
Criminal, Domestic Violence Case Info Exposed in Cook County Leak
A non-password protected database, belonging to a county in Illinois, exposed 323,000 court records for at least four months, according to researchers. The database exposed the names of various people involved in sensitive criminal, domestic-abuse or child-custody court cases. Researchers from...
Netgear Won't Patch 45 Router Models Vulnerable to Serious Flaw
UPDATE Netgear will not patch 45 router models that are vulnerable to a high-severity remote code execution flaw, the router company revealed last week. However, the company says that routers that won’t receive updates are outdated or have reached EOL End of Life. The remote code execution...
Nation-State Attacks Drop in Latest Google Analysis
Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products. Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost...
New Bug Found in NSA’s Ghidra Tool
A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Databas...
Amazon Employees Given 'Broad Access' to Personal Alexa Info
Employees at Amazon can access geolocation information for Alexa users, according to reports – thus uncovering their home addresses and even satellite pictures of their houses generated from a service such as Google Earth. Alexa is the built-in voice assistant shipped with devices like Amazon Ech...
SAS 2019: Triton ICS Malware Hits A Second Victim
SINGAPORE – The group behind the Triton malware, which first came to light after a disruptive critical-infrastructure attack on Saudi oil giant Petro Rabigh in 2017, has found a second victim. According to researchers at FireEye, the cybercriminals behind Triton, also called Trisis, have once aga...
Medical Weed Dispensary Exposes Health Data for Thousands
A data breach at a medical marijuana dispensary company operating in Canada has sent the personal health privacy of about 34,000 patients up in smoke. An electronic medical record system used by Natural Health Services – a self-described “cannabinoid medical clinic that specializes in cannabis...
Three Ways DNS is Weaponized and How to Mitigate the Risk
In the early stages of the “Net” each computer system participating in this network could only be contacted by knowing it’s unique 32bit IP address. As the Net grew into the Internet that we know today, some changes had to be made to allow this system of interconnected computers to communicate wi...
Dirty Cow Vulnerability Patched in Android Security Bulletin
The Dirty Cow vulnerability lived in Linux for close to a decade, and while it was patched in October in the kernel and in Linux distributions, Android users had to wait for more than a month for their fix. Today, Google included a patch for CVE-2016-5195 in the monthly Android Security Bulletin,...
Microsoft Mistakenly Leaks Secure Boot Key
Update Opponents of the government’s constant talk about intentional backdoors and exceptional access finally may have their case study as to why it’s such a bad idea. Two researchers operating under aliases my123 and slipstream this week posted a report—accompanied by a relentless chiptune—that...
Four Zero Days Disclosed in Internet Explorer
UPDATE–As if all of the vulnerabilities in Flash and Windows discovered in the Hacking Team document cache and the 193 bugs Oracle fixed last week weren’t enough for organizations to deal with, HP’s Zero Day Initiative has released four new zero days in Internet Explorer Mobile that can lead to...
Microsoft Fixes Critical IE, Windows Bugs with February Patch Tuesday
Microsoft released nine security updates Tuesday, four critical; five important, fixing 21 different holes in various applications with its February patch release. The four critical fixes deal with vulnerabilities in the company’s Windows, Internet Explorer, .NET Framework and Silverlight program...
Microsoft Publishes New FixIt Tool For DLL Bug
Microsoft has released some updated guidance on the recent DLL-hijacking bug, including a new FixIt tool that enables the workaround for the vulnerability that Microsoft shipped late last month. The new guidance includes a detailed explanation of the bug itself as well as how potential attacks...
The Art of Non-boring Cybersec Training–Podcast
Log4j, ransomware, cloud vulnerabilities, phishing: Cyber threats are manifold. They all pale, however, in comparison to the security black holes that walk around on two legs. Studies have shown that nearly all successful breaches stem from human error, be it failure to install security patches...
Cyberattackers Exploiting Critical WordPress Plugin Bug
The Plus Addons for Elementor plugin for WordPress has a critical security vulnerability that attackers can exploit to quickly, easily and remotely take over a website. First reported as a zero-day bug, researchers said it’s being actively attacked in the wild. The plugin, which has more than...
Fake Skype, Signal Apps Used to Spread Surveillanceware
Cybercriminals are increasingly peddling booby-trapped version of popular apps such as Skype and Signal that contain surveillanceware. Apurva Kumar, security intelligence engineer at Lookout, said that one such surveillanceware family that’s been spotted using this tactic is Monokle, a...
Chris Eng: Patch Management Challenges Drive 'Security Debt'
Companies are lagging when it comes to keeping up with software security patches – causing them to fall into “security debt,” Chris Eng, chief research officer with Veracode said. Today, challenges around patch management are being worsened by applications using third-party code and open source...
Popular Apps on Google Play Store Remain Unpatched
Most people think if they keep their mobile apps updated to the latest version, they also are patching for critical vulnerabilities. Not so, said researchers from Check Point Software, which discovered that outdated code—including known vulnerabilities—are still present in hundreds of popular app...
The Unhappiest Subscribers on Earth? Disney+ Accounts Hacked & Hijacked
The highly anticipated Disney+ streaming service launched last week – and was promptly targeted by hackers looking to compromise users’ accounts. Around 4,000 customer account credentials have shown up for sale on hacking forums for around $3 each, according to reports. An investigation by ZDNet...
Gustuff Android Banker Switches Up Technical Approach
An Instagram-initiated campaign using the Gustuff Android mobile banking trojan has rolled out in October, featuring an updated version of the malware that lowers its detection profile. How the cybercriminals are rolling out the campaign is the same as a previous offensive seen in June, according...
Virus Bulletin 2019: Magecart Infestations Saturate the Web
LONDON — Magecart, the digital card-skimming collective, is now so ubiquitous that its infrastructure is flooding the internet. In a paper presented at Virus Bulletin 2019 this week in London, Jordan Herman and Yonathan Klijnsma of RiskIQ said that there are now 573 known C2 domains for the group...
TikTok Scammers Cash In On Adult Dating, Impersonation Tricks
As social media platform TikTok becomes the top App Store download in 2019 – and the number three app download on Google Play and on platforms overall – scammers are looking to cash in on the troves of younger users of the popular platform. Tenable researcher Satnam Narang, who has been tracking...
Intel Patches High-Severity Flaw in Processor Diagnostic Tool
Intel has patched a high-severity vulnerability in its processor diagnostic tool, which could allow local attackers to launch several malicious attacks on affected devices, such as escalation of privilege or denial of service. The Intel Processor Diagnostic tool is a free product that allows user...
Wordpress Users Urged to Delete Zero-Day-Ridden Plugin
Researchers are urging WordPress site owners to delete a compromised plugin after multiple zero-day vulnerabilities were discovered being exploited by a malicious actor. Researchers at Wordfence said on Friday that flaws in the plugin, Total Donations, are being exploited by malicious actors to...
As End of Life Nears, More Than Half of Websites Still Use PHP V5
Almost 62 percent of all websites are still running PHP version 5 – even as version 5.6 of the server-side scripting language inches toward an ominous end-of-life. Hypertext Preprocessor PHP, a programming language designed for use in web-based applications with HTML content, supports a wide...
Word-based Malware Attack Doesn’t Use Macros
Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not...
APT28 Using EternalBlue to Attack Hotels in Europe, Middle East
Russian-speaking cyberespionage group APT28, also known as Sofacy, is believed to be behind a series of attacks last month against travelers staying in hotels in Europe and the Middle East. APT28 notably used the NSA hacking tool EternalBlue as part of its scheme to steal credentials from busines...
Microsoft Extends SHA-2, TLS Support for Windows
One by one, tech companies have been tossing aside the SHA-1 cryptographic algorithm like the unreliable collision-prone mess that it is. Microsoft was among the first to steer its customers away from SHA-1 and established an internal edict that its developers would no longer use it for...
New Bug in Internet Explorer Used in Targeted Attacks
There’s a new flaw in all of the current versions of Internet Explorer that is being used in some targeted attacks right now. Microsoft has confirmed the bug and said it is working on a fix, but has no timeline for the patch release yet. The company did not rule out an emergency out-of-band patch...
By Stefan Tanase
In general, a lack of user education and strong policies regarding online security often lead to undesirable events. Whether you manage an official Twitter account or a personal one, you should know how Twitter accounts get hacked so you can protect yourself. Here are some methods:...
Microsoft researching new (secure) browser
Microsoft’s research unit is investing resources in a new Web browser that could eventually signal a shift away from the ubiquitous Internet Explorer. According to a research paper released this week, the project is called Gazelle and is positioned as a secure web browser constructed as a...
Log4J-Related RCE Flaw in H2 Database Earns Critical Warning
Researchers discovered a bug related to the Log4J logging library vulnerability, which in this case opens the door for an adversary to execute remote code on vulnerable systems. However, this flaw does not pose the same risk as the previously identified in Log4Shell, they said. JFrog security...
FreakOut Botnet Turns DVRs Into Monero Cryptominers
Threat group FreakOut’s Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.IRCBot. In late September, the team noticed that the...
Ransomware Takes Down Network of French IT Giant
French IT giant Sopra Steria was hit with a cyber attack this week that disrupted the business of the firm and is widely believed to be the work of the threat actors behind Ryuk ransomware. The company revealed the attack in a brief press statement released Oct. 22, two days after officials said...
Malware Risks Triple on WFH Networks: Experts Offer Advice
Home office networks are 3.5 times more likely than corporate networks to be infected by malware, according a report from BitSight. That statistic comes into sharp focus as the coronavirus pandemic forces companies to shift to a work-from-home workforce. Those home networks that remote workers ar...
News Wrap: PoC Exploits, Cable Haunt and Joker Malware
This week’s news wrap podcast breaks down the biggest Threatpost security stories of the week, including: Various proof-of-concept exploits being released for serious vulnerabilities this week – including for the recently-patched crypto-spoofing vulnerability found by the National Security Agency...
Biggest Malware Threats of 2019
One out of five computer users were subject to at least one malware-class web attack in 2019. This past year cities such as New Orleans were under ransomware siege by the likes of malware Ryuk. Zero-day vulnerabilities were also in no short supply with targets such as Google Chrome and Operation...
TP-Link Routers Give Cyberattackers an Open Door to Business Networks
A firmware vulnerability in TP-Link Archer C5 v4 routers used in enterprise and home environments could allow unauthorized, remote access to the device with administrative privileges. The bug CVE-2017-7405 affects models that run firmware version 3.16.0 0.9.1 v600c.0 Build 180124 Rel.28919n. Firs...
Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers
UPDATE Security researchers are warning users of two WordPress plugins – made by Brainstorm Force – that they need to patch a “major” vulnerability that could allow hackers to gain administrative access to any website using the plugins. According to Brainstorm Force, it is only aware of one...
Romanian Duo Receives Jailtime For Infecting 400,000 With Malware
A Romanian duo has been sentenced to jailtime for infecting 400,000 computers with malware that stole credentials and financial information, and scammed victims out of millions of dollars. The two Romanian hackers, Bogdan Nicolescu, 37, and Radu Miclaus, 37, were sentenced to 20 years and 18 year...
Arcane Stealer V Takes Aim at the Low End of the Dark Web
A general-purpose info-stealing malware is poised to make a splash in cybercrime circles, thanks to its market niche: It’s positioned as an ideal tool for low-skilled adversaries looking to get some skin in the game without having a lot of expertise. According to the Fidelis Threat Research Team...
How to Guide Users to Better Passwords by Learning from Attackers
If you’re human, you’ve probably re-used a password or two. In fact, the majority of internet users between the ages of 18-65 have done so, and the younger you are, the more likely it is that you use just one password for all of your accounts. Article written by: Chris LaConte, Chief Strategy...
Slack Initiates Mass Password Reset
Popular workspace collaboration platform Slack is in the middle of asking tens of thousands of users to reset their passwords after a security breach. The move is actually in response to new information that has come to light regarding a 2015 compromise, when hackers infiltrated Slack’s networks ...
Google Home Captures Porn and More, Unbeknownst to Users
Google Home smart speakers and the Google Assistant virtual assistant have been caught eavesdropping without permission — capturing and recording highly personal audio of domestic violence, confidential business calls — and even some users asking their smart speakers to play porn on their connect...
News Wrap: Infosecurity Europe Highlights and BlueKeep Anxiety
This week, the focus was on Infosecurity Europe, which took place in London and showcased a myriad of sessions, threat research and trends in the cybersecurity space. During the Threatpost news wrap for the week ended June 7, the team breaks down the top news from the show, as well as other...
Soaring Cryptocurrency Prices Draw Malicious Apps, Malware
The price of Bitcoin is steadily surging in May and hackers are looking to cash in on the uptick with fake cryptocurrency apps, malware and other related scams. In May 2019, Bitcoin prices climbed to their highest points this year, with the popular cryptocurrency being worth $8,300 its highest...
Spam Campaigns Spread Trickbot Malware with Tax Lure
Hackers pushing the TrickBot banking trojan are exploiting tax season by pushing malicious Microsoft Excel spreadsheet documents via spam campaigns. Researchers said that they discovered the malware in three different campaigns since Jan. 27, 2019. These campaigns target victims with emails...
Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns
A recently discovered vulnerability in the WinRAR file archival utility has been exploited in a slew of new campaigns, including one with a never-before-seen payload. The flurry of activity shows no sign of waning as cybercriminals continue to find success exploiting the bug. The campaigns take...
Attackers Completely Destroy VFEmail's Secure Mail Infrastructure
A catastrophic, smash-and-destroy cyberattack has eliminated the U.S. infrastructure for secure email service VFEmail. It’s a rare example of a purely destructive offensive, apparently unmotivated by financial gain or espionage goals. An attacker wiped out the company’s U.S. servers on Monday...
Microsoft Agrees to Modify Windows 8 Following EU Complaint
Microsoft announced Wednesday it will tweak the release of its forthcoming Windows 8 operating system to comply with the European Commission, which argues that in its current state, the software fails to offer customers a browser choice screen to let them “easily choose their preferred web...