Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/07/22 9:15 p.m.94 views

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

The Tokyo Olympics, set to open Friday night, are already being targeted by threat actors — however, the Federal Bureau of Investigation’s Cyber Division has issued a chilling warning the Games’ TV broadcast is likely to be plagued by attacks, since it will be the only way to view events now that...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/01/27 7:16 p.m.94 views

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

A doozy of a bug that could allow any local user on most Linux or Unix systems to gain root access has been uncovered — and it had been sitting there for a decade, researchers said. The bug was found in Sudo, a utility built into most Unix and Linux operating systems that lets a user without...

8.5AI score0.99295EPSS
Exploits81References9
ThreatPost
ThreatPost
added 2020/06/29 6:56 p.m.94 views

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

With Magento 1 reaching end-of-life EOL on Tuesday, Adobe is making a last-ditch effort to urge the 100,000 online stores still running the outdated version to migrate to Magento 2. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. After June 30...

8.5AI score0.0552EPSS
Exploits1References19
ThreatPost
ThreatPost
added 2020/04/01 9:7 p.m.94 views

Wiper Malware Called "Coronavirus" Spreads Among Windows Victims

A new Windows malware has emerged that makes disks unusable by overwriting the master boot record MBR. It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that...

0.26869EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2020/02/19 10:17 p.m.94 views

U.S. Pipeline Disrupted by Ransomware Attack

A ransomware attack has hit a natural gas compression facility in the U.S., the feds have warned. The attack resulted in a two-day pipeline shutdown as the unnamed victim worked to bring systems back online from backups. The attackers were able penetrate the IT portion of the facility’s network,...

0.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/20 4:18 p.m.94 views

It’s Time for Your SOC to Level Up

Given an ever-increasing cyberattack surface, a global security workforce shortage, as well as an increased frequency and sophistication of attacks, security operations centers SOCs need to leverage better tools – namely artificial intelligence AI – in order to manage threats. An organization’s S...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/11/12 9:35 p.m.94 views

Microsoft Patches RCE Bug Actively Under Attack

A critical bug in a Microsoft scripting engine, under active attack, has been patched as part of Microsoft’s Patch Tuesday security roundup. The vulnerability exists in Internet Explorer and allows an attacker to execute rogue code if a victim is coaxed into visiting a malicious web page, or, if...

7.6CVSS9.1AI score0.72626EPSS
Exploits3References14
ThreatPost
ThreatPost
added 2019/10/16 3:28 p.m.95 views

Docker Containers Riddled with Graboid Crypto-Worm

The Docker cloud containerization technology is the target for a just-discovered cryptojacking worm dubbed Graboid. According to researchers at Palo Alto’s Unit 42, the worm, which looks to mine the Monero cryptocurrency, has infected more than 2,000 unsecured Docker Engine Community Edition host...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/10/09 7:7 p.m.94 views

Gamers Warned of High-Severity Intel, Nvidia Flaws

Chip giants Intel and Nvidia have stomped out high-severity flaws in two popular products, both commonly used by gamers. Impacted are the Nvidia Shield TV and Intel NUC short for Next Unit of Computing mini-PC kit. Nvidia Shield TV is a media streaming box powered by Nvidia’s Tegra X1...

6CVSS8.2AI score0.02606EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2019/08/14 2:6 p.m.94 views

Facebook Records User Audio, Sparking Privacy Questions

Facebook has admitted that it has been transcribing audio chats between its users on its Messenger platform. Sources said that it’s paying hundreds to third-party outside contractors to do so. The latter calls into question Facebook’s data-handling practices when it comes to being open with its...

6.6AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/07/23 8:22 p.m.94 views

Citrix Confirms Password-Spraying Heist of Reams of Internal IP

UPDATE Digital workspace and enterprise networks vendor Citrix has concluded its investigation into a 6TB data heist in March, which it said was the work of international cybercriminals who exploited weak passwords on an internal network. The attackers intermittently accessed Citrix’ infrastrucur...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/16 4:55 p.m.94 views

The Future is Female: A Key to the Cybersecurity Workforce Challenge

By 2022, 2 million cybersecurity positions globally are projected to be open, even as the threat landscape accelerates and becomes more complex. To meet this growing workforce shortage, women are a crucial, largely untapped reservoir of talent that businesses should be courting. In this Threatpos...

1.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/05/06 2:10 p.m.94 views

Extinguishing the IoT Insecurity Dumpster Fire

It’s no secret IoT security has been a dumpster fire. Last week, it was reported two million IP security cameras, baby monitors and smart doorbells have serious IoT flaws with no known patches. The list, of course, is added to a long list of IoT nightmares that have been reported over the past fi...

7.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/04/25 3:19 p.m.94 views

Qualcomm Critical Flaw Exposes Private Keys For Android Devices

Researchers have uncovered a side-channel attack that enables a bad actor to extract sensitive data from Qualcomm’s secure keystore. The critical flaw impacts most modern Android devices that use Qualcomm chips. The issue stems from an issue in Qualcomm technology, dubbed the Qualcomm Secure...

4.9CVSS0.4AI score0.00204EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/02 3:48 p.m.94 views

Mobile-First Phishing Kit Targets Verizon Customers

As people increasingly go mobile-first in their work and personal lives, cybercrime is keeping up: The latest is a phishing kit that specifically targets Verizon Wireless customers in the U.S. According to Jeremy Richards, a researcher at Lookout Security, the kit pushes phishing links to users v...

1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2017/06/20 2:27 p.m.94 views

UCL Ransomware Linked to AdGholas Malvertising Group

A ransomware attack that closed off access to personal and shared drives at University College London last week has been linked to a malvertising campaign spreading Mole, a variant of CryptoMix ransomware. Kafeine, a white-hat who works for Proofpoint and is known for his research into exploit...

10CVSS0.3AI score0.94354EPSS
Exploits16References4
ThreatPost
ThreatPost
added 2017/04/12 2:58 p.m.94 views

Office Zero Day Delivering FINSPY Spyware to Victims in Russia

Since at least January, unidentified state-sponsored attackers have been targeting victims in Russia with FINSPY spyware delivered in exploits for an Office and WordPad zero-day vulnerability patched on Tuesday by Microsoft. Separately, the same zero-day has been leveraged in financially motivate...

9.3CVSS0.1AI score0.99933EPSS
Exploits29References3
ThreatPost
ThreatPost
added 2016/08/18 4:38 p.m.94 views

EFF Blasts Microsoft Over Windows 10 Rollout

The Electronic Frontier Foundation is blasting Microsoft for its “malicious” and “annoying” tactics when it comes to prodding Windows users to update their operating system to Windows 10. The digital watchdog group says Microsoft’s strategy of pushing the Windows 10 upgrade application onto users...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/02/20 4:7 p.m.94 views

iOS Developer Site at Core of Facebook, Apple Watering Hole Attack

UPDATE – The missing link connecting the attacks against Apple, Facebook and possibly Twitter is a popular iOS mobile developers’ forum called iPhoneDevSDK which was discovered hosting malware in an apparent watering hole attack that has likely snared victims at hundreds of organizations beyond t...

5CVSS9.2AI score0.89987EPSS
Exploits8References11
ThreatPost
ThreatPost
added 2012/06/08 5:32 p.m.94 views

Attackers Can Use 'Self-Destruct' Feature to Kill Flame

The attackers behind Flame can easily clean up compromised computers, according to research by security firm Symantec who found that some attackers have been able to use command-and-control C&C servers to completely remove the malware from certain machines. According to a post on Symantec’s...

9.3CVSS2.3AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2012/02/22 3:45 p.m.94 views

Waves of Attacks Target Adobe Reader Bug From 2010

Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a...

9.3CVSS0.8AI score0.88246EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2012/01/12 2:43 p.m.94 views

Ten Years After Gates's Memo, Effects Still Being Felt

Ten years. That’s a really long time. Think about what you were doing 10 years ago. Can you even remember? Maybe you were in college or high school, or cripes, even grade school. Or maybe you were working in security already, trying to figure out why your network kept getting overrun by viruses a...

9.3CVSS8.4AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2011/12/14 4:22 p.m.94 views

Mobile Madness

Admit it. It would scarcely break your heart if the legions of slack-jawed smartphone Facebook and FourSquare gawkers were forced to confront their own digital mortality – however briefly – with a few scary exploits made just for them. In 2011, the untethered among us saw several mobile security...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2009/04/09 8:27 p.m.94 views

After attacks, Microsoft readies security patches

From CIO Robert McMillan Corporate IT staffers will get a double whammy next week, as both Microsoft and Oracle are set to release critical security updates cio.com on the same day, including a likely fix for an Excel bug that has been used by cybercriminals. This month, Oracle’s quarterly softwa...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2022/06/28 12:42 p.m.93 views

Mitel VoIP Bug Exploited in Ransomware Attacks

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP Voice over Internet Protocol application and using it as a springboard plant malware on targeted systems. The critical remote code execution RCE flaw, tracked as CVE-2022-29499, was first report by Crowdstrike in April a...

10CVSS10AI score0.56967EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/11/02 5:20 p.m.93 views

Android Patches Actively Exploited Zero-Day Kernel Bug

Among Google’s November Android security updates is a patch for a zero-day weakness that “may be under limited, targeted exploitation,” the company said. Out of this month’s batch of 39 patches, 18 of them plug flaws in the framework and system components and another 18 address vulnerabilities in...

10CVSS8.9AI score0.01602EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/02 5:6 p.m.93 views

Compromised Website Images Camouflage ObliqueRAT Malware

The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites. The remote access trojan RAT, which has been operating since 2019, spreads via emails, which have malicious Microsoft Office documents attached. Previously, payloads were...

8.8AI score0.26525EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2021/02/22 9:7 p.m.93 views

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

New research has found evidence that a Chinese-affiliated threat group APT31 has hijacked a hacking tool previously used by the Equation Group which has been tied to the U.S. National Security Agency, or NSA. The tool in question, dubbed “Jian,” is used to exploit a local privilege-escalation LPE...

6.9CVSS7.4AI score0.11022EPSS
Exploits1References22
ThreatPost
ThreatPost
added 2020/11/11 7:3 p.m.93 views

Nvidia Warns Windows Gamers of GeForce NOW Flaw

Nvidia is red-flagging a high-severity flaw in its GeForce NOW application software for Windows. An attacker on a local network can exploit the flaw in order to execute code or gain escalated privileges on affected devices. GeForce NOW is the brand used by Nvidia for its cloud-based gaming servic...

4.4CVSS1.6AI score0.00457EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/31 5:35 p.m.93 views

Zoom Scrutinized As Security Woes Mount

The New York attorney general, Letitia James, is demanding more information about how Zoom secures user data. The inquiry comes amidst mounting public scrutiny of the web conferencing platform’s data privacy and security policies. In a Monday letter, James questioned whether Zoom’s security...

6.9AI score
Exploits0References22
ThreatPost
ThreatPost
added 2020/01/24 2:29 p.m.93 views

Fake Smart Factory Honeypot Highlights New Attack Threats

A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats—including cryptomining malware and ransomware—in just a few months, highlighting the new threats that industrial control systems ICS face with increased exposure to the internet...

0.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/01/14 5:0 p.m.93 views

Public Bug Bounty Takes Aim at Kubernetes Container Project

A public bug-bounty program for the Kubernetes container technology framework has just launched, backed by Google, HackerOne and the Cloud Native Computing Foundation CNCF. The Kubernetes container-orchestration system was originally built by Google for automating application deployment, scaling...

7.5CVSS7.8AI score0.86978EPSS
Exploits11References8
ThreatPost
ThreatPost
added 2019/12/17 8:51 p.m.93 views

Rooster Teeth Attack Showcases New Magecart Approach

The online store for the Rooster Teeth video-streaming service has been hit with a malicious web redirect attack by Magecart, which allowed the cybercriminals to harvest users’ payment-card details. The attack marks a slight departure from the group’s typical tactics. Rooster Teeth, which offers...

8.1AI score0.0552EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2019/11/14 2:22 p.m.93 views

APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims

The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, linked to its own...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/11 2:4 p.m.93 views

Apple Issues Silent Update Removing Zoom's Hidden Server

Apple has pushed a silent update to Mac users that removes a hidden web server from Zoom users’ machines. The Zoom web- and video-conferencing service has come under scrutiny for its handling of a zero-day bug CVE-2019–13450 found by researcher Jonathan Leitschuh, which would allow an attacker to...

4.3CVSS6.6AI score0.03523EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2019/05/01 7:57 p.m.93 views

DHS Shortens Deadline For Gov Agencies to Fix Critical Flaws

A Department of Homeland Security DHS order now requires agencies to remediate critical vulnerabilities discovered on their systems in 15 days – cutting in half the previous deadline of 30 days. That’s according to a Tuesday binding directive, which is a compulsory order for federal, executive...

9CVSS1.1AI score0.99965EPSS
Exploits30References5
ThreatPost
ThreatPost
added 2019/03/27 12:48 p.m.93 views

Ransomware Behind Norsk Hydro Attack Takes On Wiper-Like Capabilities

LockerGoga, the malware that took down Norsk Hydro last week, has taken the industrial world by storm, as researchers race to uncover more about the mysterious ransomware that crippled several of the aluminum maker’s plants. Questions still remain about how the malware first infects the system it...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/25 6:10 p.m.93 views

Malware Payloads Hide in Images: Steganography Gets a Reboot

One of the challenges of cybersecurity is that overfocusing on one threat trend means that another one can sneak up on you. This is especially problematic as our networks and the attack surface expands. Beyond threat vectors, though, we also need to pay attention to the entire spectrum of threat...

7.6AI score
Exploits0
ThreatPost
ThreatPost
added 2019/01/31 9:59 p.m.93 views

TheMoon Rises Again, With a Botnet-as-a-Service Threat

TheMoon, an IoT botnet targeting home routers and modems, is entering a new phase, as it were: It has added a previously undocumented module that allows it to be sold as-a-service to other malicious actors. This has already had significant real-world consequences, according to CenturyLink Threat...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/04/21 9:0 a.m.93 views

Misunderstanding APT Indicators of Compromise

Threatpost Op-Ed is a regular feature where experts contribute essays and commentary on what’s happening in security and privacy. Today’s contributors are Dave Dittrich and Katherine Carpenter. Reports of APT activities detail compromises spanning multiple organizations, sectors, industry...

6.9AI score
Exploits0References14
ThreatPost
ThreatPost
added 2014/10/29 1:0 p.m.93 views

Facebook Releases osquery to Open Source

Facebook is in a giving mood today. The social networking giant announced today that it will release to open source a framework that detects and logs state changes in an operating system likely caused by an attack or performance meltdown. It also announced that it will hand out up to $300,000 nex...

9.3CVSS8.5AI score0.81628EPSS
Exploits22References3
ThreatPost
ThreatPost
added 2014/03/05 10:7 a.m.93 views

Researchers Investing in EMET Bypasses More than Hackers

Exploits bypassing Microsoft’s Enhanced Mitigation Experience Toolkit, or EMET, are quickly becoming a parlor game for security researchers. With increasing frequency, white hats are poking holes in EMET, and to its credit, Microsoft has been quick to not only address those issues but challenge a...

9.3CVSS0.9AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2010/09/28 6:12 p.m.93 views

Microsoft Pushes Emergency Patch For ASP.NET Flaw

Microsoft has released the emergency out-of-band patch for the ASP.NET padding oracle attack, less than two weeks after a pair of researchers discussed the flaw and a reliable attack against it at a security conference in Argentina. The patch for the ASP.NET bug is only available through...

9.3CVSS0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2022/08/23 1:19 p.m.92 views

Firewall Bug Under Active Attack Triggers CISA Warning

Software running Palo Alto Networks’ firewalls is under attack, prompting U.S. Cybersecurity and Infrastructure Security Agency CISA to issue a warning to public and federal IT security teams to apply available fixes. Federal agencies urged to patch the bug by September 9. Earlier this month, Pal...

8.6CVSS8.8AI score0.02041EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2022/03/11 6:34 p.m.92 views

Russia Issues Its Own TLS Certs

Russia is offering its own trusted Transport Layer Security TLS certificate authority CA to replace certificates that need to be renewed by foreign countries. As it is, a pile of sanctions imposed in the wake of Russia’s invasion of Ukraine is gumming up its citizen’s access to websites. As it is...

8.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/11/09 9:41 p.m.92 views

Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs

Microsoft reported a total of 55 vulnerabilities, six of which are rated critical, with the remaining 49 being rated important. The flaws are found in Microsoft Windows and Windows Components, Azure, Azure RTOS, Azure Sphere, Microsoft Dynamics, Microsoft Edge Chromium-based, Exchange Server,...

9.8CVSS9.2AI score0.99999EPSS
Exploits75References20
ThreatPost
ThreatPost
added 2021/08/09 4:18 p.m.92 views

Android Malware ‘FlyTrap’ Hijacks Facebook Accounts

Researchers have uncovered a new Android trojan, dubbed FlyTrap, that’s spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts. In a report posted on Monday, Zimperium’s zLabs mobile threat research teams wrote that FlyTrap has...

6.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/07/21 10:0 a.m.92 views

MacOS Being Picked Apart by $49 XLoader Data Stealer

There’s a new version of the old FormBook form-stealer and keylogger that’s added Mac users to its hit list, and it’s selling like hotcakes on underground markets for as low as $49. It’s not only cheap; it’s easy. The data stealer is distributed in the form of malware-as-a-service MaaS and stands...

7.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/05/27 1:56 p.m.92 views

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling

Threat actors have stolen files from several official government agencies of Japan by hacking into Fujitsu’s software-as-a-service SaaS platform and gaining access to its systems. The Japan-based tech giant temporarily disabled ProjectWEB enterprise after learning of the attack, which is known to...

7.5AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/05/21 6:41 p.m.92 views

DarkSide Getting Taken to ‘Hackers’ Court’ For Not Paying Affiliates

Cybercriminals who have worked as affiliates with ransomware group DarkSide, responsible for the Colonial Pipeline attack, are having a tough time getting paid for their work now that the group has had its operations interrupted; so, they’re turning to admins of the group’s Dark Web criminal foru...

7.2AI score
Exploits0References7
Total number of security vulnerabilities5000