Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2012/10/24 7:1 p.m.97 views

Microsoft Agrees to Modify Windows 8 Following EU Complaint

Microsoft announced Wednesday it will tweak the release of its forthcoming Windows 8 operating system to comply with the European Commission, which argues that in its current state, the software fails to offer customers a browser choice screen to let them “easily choose their preferred web...

9.3CVSS0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2012/03/21 6:31 p.m.97 views

New Trojan For Mac Used In Attacks On Tibetan NGOs

The security firm Alienvault reports that its own research on phishing attacks against non governmental organizations supporting the Tibetan Government in Exile is now being used as bait in a new round of phishing attacks on those same NGOs. The firm warned the public on Monday about a round of...

10CVSS9.8AI score0.96714EPSS
Exploits13References9
ThreatPost
ThreatPost
added 2009/03/18 4:35 p.m.97 views

The Ryan & Roel Show Episode 7

Emergency IE Patch – Fri, January 9, 2009 Ryan and Roel dissect the latest wave of malware attacks against Microsoft Internet Explorer browser and discuss the company’s plans to ship an emergency out-of-band update. Download episode...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/06/28 1:5 p.m.96 views

Top Six Security Bad Habits, and How to Break Them

Cybercrime is on the rise, and attacks are getting faster, more nuanced and increasingly sophisticated. The number of cyberattack-related data breaches rose 27 percent in 2021 — an upward trend that shows no signs of slowing down. Bad security habits, such as using the same password more than onc...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/12/21 4:46 p.m.96 views

Two Active Directory Bugs Lead to Easy Windows Domain Takeover

A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover. In a Monday alert, Microsoft urged organizations to immediately patch the pair of bugs, tracked as CVE-2021-42287 and...

8.8CVSS9AI score0.74265EPSS
Exploits10References20
ThreatPost
ThreatPost
added 2021/10/20 1:28 p.m.96 views

‘Lone Wolf’ APT Uses Commodity RATs

An APT described as a “lone wolf” is exploiting a decades-old Microsoft Office flaw to deliver a barrage of commodity RATs to organizations in India and Afghanistan, researchers have found. Attackers use political and government-themed malicious domains as lures in the campaign, which targets...

9.3CVSS8.7AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2021/09/14 9:2 p.m.96 views

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

Adobe is urging its throngs of Acrobat Reader users to update their software to fix critical vulnerabilities that could allow adversaries to execute arbitrary code on unpatched versions. The warnings are part of the firm’s September monthly security update, which this month addresses 59 bugs foun...

9.3CVSS8.6AI score0.03525EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/02 5:37 p.m.96 views

Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins

A tiny-sized malware that packs a big punch has been targeting supercomputers, especially those used in academia and scientific enterprises. It allows initial access for a variety of follow-on attacks, including credential theft – and potentially data exfiltration or cryptomining. That’s accordin...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/03/05 11:32 a.m.96 views

Trump, Sanders Are the Top Brands for Cybercriminals

Unwanted and malicious emails using political-themed lures has spiked as the presidential primary season cranks into high gear – with Donald Trump and Bernie Sanders representing the lion’s share of subject line themes. Since the beginning of the year, Proofpoint researchers have tracked subject...

Exploits0References10
ThreatPost
ThreatPost
added 2020/01/22 1:1 p.m.96 views

New Muhstik Botnet Attacks Target Tomato Routers

A new variant of the Muhstik botnet has appeared, this time with scanner technology that for the first time can brute-force web authentication to attack routers using Tomato open-source firmware, researchers have found. Researchers at Palo Alto Networks’ Unit 42 discovered the new variant...

0.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/24 2:0 p.m.96 views

The Case for Cyber-Risk Prospectuses

Sometimes our investments lose money. It’s not for lack of trying, indeed most investment firms make money off the growth of our investments. But despite best intentions and detailed investment plans, we sometimes end up with less than that with which we started. This can be due to outside forces...

6.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/12/20 3:55 p.m.96 views

Wawa Data Breach: Malware Stole Customer Payment Card Info

Popular convenience-store chain Wawa Inc. has disclosed a data breach potentially affecting all of its 850 locations. The breach stemmed from malware on its in-store payment processing systems that collected customers’ payment card data – for almost 10 months. The popular chain of Wawa convenienc...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/24 5:48 p.m.96 views

Unique Monokle Android Spyware Self-Signs Certificates

A never-before-publicized mobile spy tool, a mobile surveillanceware remote access trojan RAT for Android called Monokle, has been spotted using novel techniques to exfiltrate data. According to the Lookout researchers who discovered Monokle in the wild, the malware has the ability to self-sign...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/24 2:0 p.m.96 views

Protecting Against Ransomware Attacks: A Checklist

Sometimes all it takes is a malicious email to infect an entire municipality with ransomware, freezing important city systems from water utilities or websites. That was the case with the Florida city of Riviera Beach, which paid hackers $600,000 after being hit by a ransomware attack that downed...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/23 4:49 p.m.96 views

Popular Samsung, LG Android Phones Open to 'Spearphone' Eavesdropping

A new way to eavesdrop on people’s mobile phone calls has come to light in the form of Spearphone – an attack that makes use of Android devices’ on-board accelerometers motion sensors to infer speech from the devices’ speakers. An acronym for “Speech privacy exploit via accelerometer-sensed...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/06/10 5:39 p.m.96 views

How to Model Risk in an Apex Predator Cyber-World

The threat-intelligence researchers at Alphabet’s Chronicle have borrowed the apex predator concept from ecology to describe today’s multi-organizational, multinational threat actors — the evolution of which could provoke an overhaul of risk analysis and management. However, it’s important to kee...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/03/19 10:7 p.m.96 views

Cardinal RAT Resurrected to Target FinTech Firms

A malware family called Cardinal RAT has reappeared, after two years of silence, in a series of attacks that have been targeting Israel-based financial technology firms. After Cardinal RAT was first detected in 2017, the malware disappeared for two years. But now, in this latest campaign,...

0.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/03/19 4:26 p.m.96 views

Researcher Says NSA's Ghidra Tool Can Be Used for RCE

Ghidra, a free, open-source software reverse-engineering tool that was released by the National Security Agency at RSA, has been found to be a potential conduit to remote code-execution. Ghidra is a disassembler written in Java; software that breaks down executable files into assembly code that c...

8.9AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/02/22 12:11 p.m.96 views

Threatpost Poll: Are Password Managers Too Risky?

Do you use a password manager? Or do you think they pose too much of a risk, holding all the keys to the kingdom? Weigh in with our poll, below. A little background: There have been vulnerabilities found before in this kind of software, which is meant to take the headache out of remembering...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/02/15 8:19 p.m.96 views

Eight Cryptojacking Apps Booted From Microsoft Store

Microsoft booted eight malicious apps from its official desktop and mobile app store after researchers found the programs surreptitiously mined for Monero cryptocurrency. Researchers who discovered the apps said that an unspecified, but significant number, of users may have downloaded the rogue...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2015/01/21 11:40 a.m.96 views

Bypass Demonstrated for Microsoft Use-After-Free Mitigation in IE

For a long time, Microsoft’s monthly Patch Tuesday security bulletins have periodically addressed use-after free vulnerabilities, the latest class of memory corruption bugs that have already found their way into a number of targeted attacks. Microsoft has implemented mitigations to address memory...

9.3CVSS9.1AI score0.99945EPSS
Exploits33References7
ThreatPost
ThreatPost
added 2012/12/24 4:50 p.m.96 views

Interview with Kaspersky Chief Malware Expert Alex Gostev

The last year has seen a lot of changes in the threat landscape, with the emergence of a number of new cyber espionage tools such as Gauss and Flame, as well as an increase in the volume of malware targeting mobile platforms such as Android. Recently, Alex Gostev, the chief malware expert at...

9.3CVSS7.4AI score0.91324EPSS
Exploits13References20
ThreatPost
ThreatPost
added 2009/09/23 10:40 p.m.96 views

Microsoft Takes Aim at Malvertising Threat

Less than a week after a malicious advertising attack against the New York Times ad servers, Microsoft filed five civil lawsuits against companies allegedly using online advertising to serve malware. The lawsuits allege that individuals using the business names “Soft Solutions,” “Direct Ad,”...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References7
ThreatPost
ThreatPost
added 2009/03/25 3:27 p.m.96 views

Ken "Skywing" Johnson joins Microsoft security team

Microsoft has hired yet another well-known security researcher to join its ever-growing team of exploit and defense experts. This time it’s Ken Johnson, known in the hacker world as Skywing. Johnson is known as an expert on debugging and reverse engineering, and has done a tremendous amount of wo...

9.3CVSS1AI score0.99945EPSS
Exploits33References7
ThreatPost
ThreatPost
added 2022/08/19 3:25 p.m.95 views

iPhone Users Urged to Update to Patch 2 Zero-Days

Apple is urging macOS, iPhone and iPad users immediately to install respective updates this week that includes fixes for two zero-days under active attack. The patches are for vulnerabilities that allow attackers to execute arbitrary code and ultimately take over devices. Patches are available fo...

8.8CVSS9.3AI score0.09785EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2022/08/11 3:48 p.m.95 views

Starlink Successfully Hacked Using $25 Modchip

A Belgian security researcher has successfully hacked the SpaceX operated Starlink satellite-based internet system using a homemade circuit board that cost around $25 to develop, he revealed at Black Hat. Lennert Wouters revealed a voltage fault injection attack on a Starlink User Terminal UT—or...

8.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/06/15 1:59 p.m.95 views

DragonForce Gang Unleash Hacks Against Govt. of India

According to a new advisory from Radware, a hacktivist group called DragonForce Malaysia, “with the assistance of several other threat groups, has begun indiscriminately scanning, defacing and launching denial-of-service attacks against numerous websites in India.” In addition to DDoS, their...

9.8CVSS9.8AI score0.99999EPSS
Exploits75References3
ThreatPost
ThreatPost
added 2022/01/05 10:18 p.m.95 views

‘Elephant Beetle’ Lurks for Months in Networks

Researchers have identified a threat group that’s been quietly siphoning off millions of dollars from financial- and commerce-sector companies, spending months patiently studying their targets’ financial systems and slipping in fraudulent transactions amongst regular activity. The Sygnia Incident...

10CVSS10AI score0.97655EPSS
Exploits16References14
ThreatPost
ThreatPost
added 2021/08/20 2:9 p.m.95 views

Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits

Researchers have discovered a Nigerian threat actor trying to turn an organization’s employees into insider threats by soliciting them to deploy ransomware for a cut of the ransom profits. Researchers at Abnormal Security identified and blocked a number of emails sent earlier this month to some i...

8.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/11/06 9:56 p.m.95 views

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers being installed, crashing of the site or information retrieval via SQL injection, researchers said. Welcart e-Commerce is a free WordPress plugin that has more than...

1.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/05/18 9:20 p.m.95 views

Ransomware Gang Arrested for Spreading Locky to Hospitals

A cybercriminal gang have been arrested for spreading the Locky ransomware among hospitals, among other crimes. In an operation spearheaded by Romania’s law enforcement department, four people have been taken into custody after their houses were raided – three in Romania and one in neighboring...

0.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/20 4:23 p.m.95 views

Bitcoin Stealers Hide in 700+ Ruby Developer Libraries

About 760 malicious libraries, bent on stealing Bitcoin, have been identified so far in the open-source Ruby programming language code base. According to Tomislav Maljic, threat analyst at ReversingLabs, cybercriminals have been using simple typosquatting to carry out their plan – which is the...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/31 10:23 p.m.95 views

Evil Corp Returns With New Malware Infection Tactic

Cybercrime group Evil Corp a.k.a. Dudear is back in action after a short hiatus, with a technique in its arsenal not previously used by the group to distribute malware. Microsoft on Thursday said that it observed emails from the cybercriminal gang utilizing HTML redirectors. Microsoft is unclear...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/10/16 8:12 p.m.95 views

10 Steps for Ransomware Protection

Just the thought of ransomware is enough to keep CISOs and security teams up at night. Victims are caught in an awful choice between paying a ransom to a criminal who may or may not release their captured network and data, or potentially spending millions of dollars to remove the ransomware on...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/01 2:57 p.m.95 views

Google Play Malicious Apps Racked Up 335M+ Installs In September

Despite Google’s stepped up efforts to ban malicious apps hosted on Google Play 172 harmful apps – installed 335 million times by users – have been discovered on the platform in September alone. ESET researcher Lukas Stefanko said on Tuesday that the majority of those 172 malicious apps were...

7.3AI score
Exploits0References15
ThreatPost
ThreatPost
added 2019/09/26 1:0 p.m.95 views

CISOs: Support vendor security ops for best cloud results

Data from McKinsey Insights suggests that many CISOs are uneasy about increasing dependence on SaaS applications and the security risks – real or perceived – the cloud represents. Their apprehension isn’t slowing down cloud adoption. As McKinsey put it, “Most companies … will eventually confront...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/08/19 8:59 p.m.95 views

VLC Media Player Allows Desktop Takeover Via Malicious Video Files

Two high-risk vulnerabilities in the VLC media player could allow an adversary to craft a malicious .MKV video file that could be used in an attack to gain control of the victim’s PC. The flaws were made public Monday by the developer of the open-source VLC media player, VideoLAN project, who als...

7.5CVSS0.9AI score0.036EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2019/08/08 11:58 p.m.95 views

Apple Upgrades Bug Bounty Program: Adds Macs, $1M Reward

LAS VEGAS – Apple is giving its bug bounty program a much-needed makeover. The device manufacturer in a Thursday Black Hat USA 2019 session said it will open the historically private program to all researchers in the fall. In addition, it plans to drastically boost some rewards for vulnerabilitie...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/22 4:1 p.m.95 views

Large-Scale Government Hacks Hit Russia, Bulgaria

A pair of notable hacks on government targets have come to light: One, an attack affecting nearly the entire country of Bulgaria; and two, a hack of Russia’s main security agency FSB that represents the largest data heist ever experienced there. In Bulgaria, cybercriminals were able to infiltrate...

0.4AI score
Exploits0References22
ThreatPost
ThreatPost
added 2019/07/15 10:7 p.m.95 views

Privacy Experts: Facebook's $5B Fine Unlikely to Do Much

The $5 billion fine that the Federal Trade Commission has slapped on Facebook for privacy violations may be the largest ever levied by the agency, but it’s being derided as “chump change” and ineffective by lawmakers and privacy analysts. The settlement, reported Friday evening, stems from...

Exploits0References13
ThreatPost
ThreatPost
added 2019/05/27 2:11 p.m.95 views

Chinese Spy Group Mixes Up Its Malware Arsenal with Brand-New Loaders

The Chinese-language cyber-espionage group known as APT10 has apparently added to its malware bag of tricks, with two never-before-seen malware loader variants used in April campaigns against government and private organizations in Southeast Asia. Also, the campaigns featured modified versions of...

1.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/20 6:44 p.m.95 views

Windows 10 Update Bricks PCs, Microsoft Offers Workarounds

Microsoft has acknowledged that a Windows 10 bug is causing some users’ systems to freeze after using their System Restore feature. The issue arose after users complained that when they updated Windows 10 and attempted to restart their system, they were met with a “Stop error” that blocked them...

0.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/05/06 2:10 p.m.95 views

Extinguishing the IoT Insecurity Dumpster Fire

It’s no secret IoT security has been a dumpster fire. Last week, it was reported two million IP security cameras, baby monitors and smart doorbells have serious IoT flaws with no known patches. The list, of course, is added to a long list of IoT nightmares that have been reported over the past fi...

7.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/04/17 1:33 p.m.95 views

Oracle Squashes 53 Critical Bugs in April Security Update

Oracle is urging customers to patch critical vulnerabilities in its products as part of its massive April update, which fixes a whopping 297 flaws. Of those flaws, 53 vulnerabilities in Oracle products had a CVSS score of 9.0 or higher, making them “critical” severity – and in fact, 49 of those...

7.5CVSS0.34731EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2019/03/18 4:46 p.m.95 views

Privacy Regulations Needed for Next-Gen Cars

Driverless automobiles, long-haul trucks and military transport vehicles are on a fast track for wide deployment over the next five to 10 years. That much is clear. Vehicle manufacturers are all in, and innovation is racing forward. Meanwhile, captains of industry and political leaders are eager ...

0.1AI score
Exploits0References20
ThreatPost
ThreatPost
added 2019/03/01 6:11 p.m.95 views

Podcast: RSA Conference 2019 Preview

The RSA 2019 conference is right around the corner, kicking off next week in San Francisco. As they prepare to cover the show, Threatpost editors Lindsey O’Donnell, Tom Spring and Tara Seals break down the biggest news, stories and trends – from artificial intelligence and government security to...

2.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/02/14 5:27 p.m.95 views

Coffee Meets Bagel Dating App Warns Users of Breach

Popular dating app Coffee Meets Bagel has sent its users an email notifying them that their data may have been “acquired by an unauthorized party.” The news comes days after a massive database containing the information of around 6.2 million Coffee Meets Bagel users showed up on the Dark Web. Use...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/07/16 1:54 p.m.95 views

Black Hole Exploit Kit Targeting Java CVE-2012-1723 Flaw

A new fork of the Black Hole exploit kit is making quick work of a recently patched Java vulnerability and security researchers say that the attackers are registering new sites quickly to exploit users with vulnerable browsers. The CVE-2012-1723 Java vulnerability that the Black Hole exploit kit ...

10CVSS9.7AI score0.93688EPSS
Exploits9References8
ThreatPost
ThreatPost
added 2011/05/03 7:5 p.m.95 views

Popular Sports Site Goal.com Serves Malware

Goal.com, a popular football aka “soccer” for all us Yanks news site was hacked and found serving malware via drive-by-downloads between April 27 and 28, according to a post by Web security firm Armorize. In an analysis of the attack, Armorize researcher Wayne Huang suggests that a hacker...

9.3CVSS1.7AI score0.96632EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2022/06/28 12:42 p.m.94 views

Mitel VoIP Bug Exploited in Ransomware Attacks

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP Voice over Internet Protocol application and using it as a springboard plant malware on targeted systems. The critical remote code execution RCE flaw, tracked as CVE-2022-29499, was first report by Crowdstrike in April a...

10CVSS10AI score0.56967EPSS
Exploits0References5
Total number of security vulnerabilities5000