Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/08/23 4:0 p.m.90 views

Lenovo High-Severity Bug Found in Pre-Installed Software

Another flaw has been found in Lenovo’s decommissioned Lenovo Solution Centre software, preinstalled on millions of older-model PCs made by the world’s leading computer maker. The vulnerability is a privilege escalation flaw that can be used to execute arbitrary code on a targeted system, giving ...

7.5CVSS0.3AI score0.01077EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2019/06/20 3:53 p.m.90 views

Tor Browser Issues Update for Critical System Takeover Flaw

Tor Browser has updated to version 8.5.2, to address a critical security flaw in Mozilla’s Firefox browser that is under active exploit in the wild. The critical flaw CVE-2019-11707 is a type confusion vulnerability in the Array.pop, which is an array method that is used in JavaScript objects in...

7.5CVSS8.4AI score0.37951EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2019/06/12 12:0 p.m.90 views

Full Insight into the Internal Environment with Cynet Free Visibility

Organizational IT security teams have the enormous job of protecting their assets while monitoring and eliminating exposed attack surfaces. Achieving real-time visibility and doing so quickly and efficiently is integral to this, unfortunately though, it eats into resources, frequently requiring...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/09 9:8 p.m.90 views

'Unhackable' Biometric USB Offers Up Passwords in Plain Text

A USB stick dubbed eyeDisk that uses iris recognition to unlock the drive claims to be “unhackable” – only, it isn’t. In fact, a simple Wireshark analysis revealed the device’s password – in plain text. David Lodge of Pen Test Partners noticed the product on Kickstarter, where it amassed enough...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/05/08 12:30 p.m.90 views

Top 5 Configuration Mistakes That Create Field Days for Hackers

Sometimes it’s the little things that lead to big consequences. When it comes to cybersecurity, hacks more often than not stem from minor missteps – or even completely preventable, obvious mistakes. Common security mistakes and overlooked misconfigurations can open the door for attackers to drop...

Exploits0References4
ThreatPost
ThreatPost
added 2019/04/26 12:10 p.m.90 views

Facial Recognition 'Consent’ Doesn’t Exist, Threatpost Poll Finds

Half of respondents in a recent Threatpost poll said that they don’t believe consent realistically exists when it comes to real-life facial recognition. The recent poll of 170 readers comes as facial recognition applications continue to pop up in the real world – from airports to police forces...

9CVSS8.7AI score0.99965EPSS
Exploits30References8
ThreatPost
ThreatPost
added 2019/04/02 9:1 a.m.91 views

Financial Apps are Ripe for Exploit via Reverse Engineering

A white hat hacker reverse engineered 30 mobile financial applications and found sensitive data buried in the underlying code of nearly all apps examined. With this information a hacker could, for example, recover application programming interface API keys and use them to attack the vendor’s...

7.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/03/27 5:41 p.m.90 views

Grindr Poses National Security Risk, U.S. Gov Says

UPDATE The Committee on Foreign Investment in the United States CFIUS has named the ownership of popular gay dating app Grindr a national security risk, according to a report. Grindr describes itself as “the world’s largest social networking app for gay, bisexual, transgender and queer people.” A...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/27 3:45 p.m.90 views

Thunderclap Flaws Shatter Peripheral Security

UPDATE A set of vulnerabilities collectively dubbed “Thunderclap” is putting computers at risk from weaponized peripheral devices think network cards, storage and graphics cards, and even chargers and video projectors. The flaws reside in the Thunderbolt hardware interface developed by Intel in...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/14 6:33 p.m.90 views

Ever-Changing Emotet Evolves Again with Fresh Evasion Tactic

The Emotet trojan has seen a spike in activity in the last month, with a campaign that once again showcases its ability to evolve quickly: It’s now employing a different delivery mechanism than has previously been seen, in what appears to be an effective tactic for evasion. Emotet, which has beco...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/11 8:17 p.m.90 views

Threatpost Poll: Is It Impossible to Secure Mobile Devices?

Between applications and operating systems, a slew of mobile threats continue to pop up – and when it comes to security, it’s getting harder and harder for enterprises to keep up. Just in the past week, Apple patched a massive flaw in its FaceTime allowing a bad actor to eavesdrop on victims; whi...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2016/09/23 3:47 p.m.90 views

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol OCSP was patched this week, closing a denial-of-service weakness in affected servers. The patch was the most severe of 14 released yesterday by OpenSSL. OCSP is an alternative in many cases to Certificate...

7.8CVSS0.7AI score0.95707EPSS
Exploits8References3
ThreatPost
ThreatPost
added 2015/12/01 11:37 a.m.90 views

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a...

9.3CVSS1.1AI score0.99966EPSS
Exploits12References6
ThreatPost
ThreatPost
added 2014/11/14 7:42 a.m.90 views

Microsoft Considering Public-Key Pinning for Internet Explorer

Microsoft is considering adding public-key pinning–an important defense against man-in-the-middle attacks–to Internet Explorer. The feature is designed to help protect users against the types of MITM attacks that rely on forged certificates, which comprise a large portion of those attacks...

9.3CVSS8.2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2010/03/29 5:15 p.m.90 views

Apple Mega Patch Covers 88 Mac OS X Vulnerabilities

Apple Mega Patch Covers 88 Mac OS X Vulnerabilities Apple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping with fixes for 88 documented vulnerabilities. The Mac OS X v10.6.3 update, which is considered “critical,” covers flaws that could lead to...

10CVSS0.4AI score0.9444EPSS
Exploits92References3
ThreatPost
ThreatPost
added 2009/07/14 7:2 p.m.90 views

Inside Microsoft's July Security Patch Batch

Microsoft released six security bulletins today — three rated Critical and three rated Important. Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens...

9.3CVSS0.5AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2021/05/28 3:11 p.m.89 views

HPE Fixes Critical Zero-Day in SIM

Hewlett Packard Enterprise HPE has fixed a critical zero-day remote code execution RCE flaw in its HPE Systems Insight Manager SIM software for Windows that it originally disclosed in December. HPE SIM is a tool that enables remote support automation and management for a variety of HPE servers,...

9.8CVSS10AI score0.8189EPSS
Exploits4References5
ThreatPost
ThreatPost
added 2021/03/15 3:40 p.m.89 views

Google Warns Mac, Windows Users of Chrome Zero-Day Flaw

Google is hurrying out a fix for a vulnerability in its Chrome browser that’s under active attack – its third zero-day flaw so far this year. If exploited, the flaw could allow remote code-execution and denial-of-service attacks on affected systems. The vulnerability exists in Blink, the browser...

0.9AI score0.0987EPSS
Exploits3References10
ThreatPost
ThreatPost
added 2021/02/19 7:33 p.m.89 views

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs

Hard on the heels of a macOS adware being recompiled to target Apple’s new in-house processor, researchers have discovered a brand-new family of malware targeting the platform. Curiously, in the samples seen so far by analysts at Red Canary, the malware dubbed Silver Sparrow has been executing on...

7.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/01/22 9:57 p.m.89 views

Microsoft Edge, Google Chrome Roll Out Password Protection Tools

Two major browsers –Microsoft Edge and Google Chrome – are rolling out default features, which they say will better help notify users if their password has been compromised as part of a breach or database exposure. Edge and Chrome’s moves signify a bigger push by browsers to solve the big “passwo...

7.7AI score0.00836EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/16 4:13 p.m.89 views

Dickey's BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker's Stash

Popular U.S. smoked-meat franchise Dickey’s Barbecue Pit has been hit with a data breach, with cybercriminals posting the fat cap of the compromised data – 3 million payment cards – on the popular Joker’s Stash underground marketplace this week. The Dallas-based franchise, which is a subsidiary o...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/10/05 5:12 p.m.89 views

Rare Bootkit Malware Targets North Korea-Linked Diplomats

A firmware bootkit has been spotted in the wild, targeting diplomats and members of non-governmental organizations NGOs from Africa, Asia and Europe. It has turned out to be part of a newly uncovered framework called MosaicRegressor. According to researchers from Kaspersky, code artifacts in some...

Exploits0References7
ThreatPost
ThreatPost
added 2020/09/03 2:2 p.m.89 views

NSA Mass Surveillance Program Illegal, U.S. Court Rules

A U.S. federal appeals court ruled that the controversial National Security Agency NSA mass surveillance program exposed in 2013 was illegal – and may have even been unconstitutional. The call comes seven years after former NSA contractor and whistleblower Edward Snowden outed the mass surveillan...

6.8AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/05/11 8:19 p.m.89 views

Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection

A pair of vulnerabilities in Oracle’s iPlanet Web Server have been disclosed that can lead to sensitive data exposure and image injections onto web pages if exploited. However, no patch is forthcoming for either flaw. The bugs CVE-2020-9315 and CVE-2020-9314 are specifically found in the web...

9.3CVSS6.9AI score0.81814EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/15 9:10 p.m.89 views

Malicious Google Web Extensions Harvest Cryptowallet Secrets

Large campaigns that are spreading malicious browser extensions are abusing Google Ads and well-known cryptocurrency brands to draw in victims. Extensions can be installed to add widgets or other functionality to web browsers; they offer the ability to do everything from setting a special search...

6.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/08 8:50 p.m.89 views

PowerPoint ‘Weakness’ Opens Door to Malicious Mouse-Over Attack

A researcher is sounding the alarm over what he believes could be a novel attack vector which allows a hacker to manipulate a PowerPoint file to download and begin the installation of malware, simply by hovering over a hypertext link. The technique does require a victim to accept one pop-up...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/02/20 5:29 p.m.89 views

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

A critical flaw in the High Availability HA service of Cisco Smart Software Manager On-Prem Base has been uncovered, which would open the door to remote attackers thanks to its use of a static, default password, even if the platform isn’t directly connected to the internet. Cisco Smart Software...

8.8CVSS0.8AI score0.0552EPSS
Exploits1References11
ThreatPost
ThreatPost
added 2020/02/03 3:56 p.m.89 views

Ashley Madison Breach Extortion Scam Targets Hundreds

Nearly five years after the high-profile Ashley Madison data breach, hundreds of impacted website users are being targeted by a new extortion attack this past week. The 2015 data breach of the adultery website led to 32 million accounts being publicly dumped online, including victims’ names,...

Exploits0References10
ThreatPost
ThreatPost
added 2019/09/06 6:23 p.m.89 views

News Wrap: Deepfake CEO Voice Scam, Facebook Phone Data Exposed

In this week’s news wrap ended Sept. 6, the Threatpost team breaks down the biggest news of the week, including: Cybercrooks successfully fooling a company into a large wire transfer using an AI-powered deepfake of a chief executive’s voice and Facebook, Microsoft and a number of universities...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/08/21 7:20 p.m.89 views

The Texas Ransomware Attacks: A Gamechanger for Cybercriminals

Texas officials have been left scrambling after up to 22 Texas entities – the majority of which are local governments – were hit by a coordinated ransomware attack on Friday. So far, these include the cities of Borger and Keene, and Texas officials say the attacks are all connected and carried ou...

0.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/08 12:0 p.m.89 views

Black Hat 2019: WhatsApp Users Still Open to Message Manipulation

LAS VEGAS – Researchers at Black Hat USA 2019 demoed how known vulnerabilities in WhatsApp could still be exploited in several attacks that manipulate chats. Facebook-owned WhatsApp is a popular end-to-end encrypted messaging platform with at least 1.5 billion users. Researchers with Check Point...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/27 1:0 p.m.89 views

ThreatList: Top 8 Threat Actors Targeting Canada in 2019

Banking and financial services in Canada are being targeted in geo-specific attacks looking to spread varying forms of malware, according to researchers tracking thousands of malicious email campaigns between January 2019 to May 2019. In particular, campaigns are typically launched by...

0.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/05/20 3:55 p.m.89 views

Salesforce Woes Linger as Admins Clean Up After Service Outage

After a massive service outage on Friday, software-as-a-service giant Salesforce restored partial access to its affected customers over the weekend, while admins continued with cleanup into Monday. The outage was brought on by a scripting error that affected all Pardot marketing automation softwa...

0.2AI score
Exploits0References19
ThreatPost
ThreatPost
added 2019/05/20 3:14 p.m.89 views

Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws

There was a lot more to the name game behind choosing titles for ZombieLoad, Spectre and Meltdown than picking cool and edgy attack titles. If you have ever wondered why they were named what they were, Threatpost tracked down one of the researchers behind the naming convention and discovery and...

7.3AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/04/30 4:21 p.m.89 views

BEC Hack Cons Catholic Church Out of $1.75 Million

A church in Brunswick, Ohio was scammed out of a whopping $1.75 million as a result of a business email compromise BEC attack. St. Ambrose Catholic Parish, which has around 16,000 members, has been working on a massive $4 million church renovation, dubbed “Vision 20/20” – but attackers figured ou...

9CVSS0.2AI score0.99965EPSS
Exploits30References6
ThreatPost
ThreatPost
added 2019/03/11 6:44 p.m.89 views

Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks

SAN FRANCISCO – Ransomware may be poised to return as a top scourge for companies, as more and more of them pay up after an attack in an effort to minimize the cost of recovery. That’s just one insight gleaned from an interview at RSA Conference 2019 last week with Josh Zelonis, senior analyst at...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/02/25 2:17 p.m.89 views

Google Ditches Passwords in Latest Android Devices

Half of all Android users can now log into apps and websites on their devices – without having to remember a cumbersome password. On Monday, Google and the Fast IDentity Online FIDO Alliance announced that devices running Android 7 or later are certified by the FIDO2 standard, meaning that users...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/15 3:38 p.m.89 views

NotPetya Linked to Industroyer Attack on Ukraine Energy Grid

The massive NotPetya ransomware outbreak that crippled organizations around the world last year turns out to have links to the Industroyer backdoor, which targets industrial control systems ICS and took down the Ukrainian power grid in Kiev in 2016. In fact, the same threat actor – dubbed TeleBot...

0.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/07/11 1:43 p.m.89 views

Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks

NTLM has a long history of serious vulnerabilities and of causing anxiety for Windows and UNIX server admins. Their collective angst is unlikely to lessen today with the disclosure of a pair of new vulnerabilities in the protocol suite. Microsoft today patched one of the issues among its Patch...

9.3CVSS1.3AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2016/06/23 9:43 a.m.89 views

Swagger Vulnerability Leads to Arbitrary Code Injection

An unexpected behavior in a relatively new and popular open source API framework called Swagger could lead to code execution, researchers at Rapid7 said. The company today disclosed some details on the vulnerability, and released a Metasploit exploit module and a proposed patch written by...

1.3AI score
Exploits3References3
ThreatPost
ThreatPost
added 2016/01/08 1:41 p.m.89 views

End of Life Internet Explorer 8, 9, 10 Security Support

Anxiety was high around April 8, 2014 when Microsoft officially closed the door on security support for Windows XP. Many envisioned black hats worldwide stockpiling exploits waiting for the day when XP machines would be left permanently exposed. The anticipated malware apocalypse, however, never...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2015/05/08 12:12 p.m.89 views

Dennis Fisher and Mike Mimoso on the End of the Patch Tuesday Era, Section 215 and More

Dennis Fisher and Mike Mimoso talk about the end of the Patch Tuesday era for most Microsoft customers, the appeals court ruling on Section 215 metadata collection and Dennis’s idea for a security industry commission. Download: digitalunderground201.mp3 Music by Chris Gonsalves...

9.3CVSS3.4AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/06/10 4:17 p.m.89 views

Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV

Update: Aaron Harison, president of the Center for American Freedom, told Threatpost this morning that the issue has been resolved and the site is no longer serving malware. Hackers have latched on to the NSA surveillance story—literally. A news story on the outing of whistleblower Edward Snowden...

10CVSS1.6AI score0.97612EPSS
Exploits64References4
ThreatPost
ThreatPost
added 2011/08/24 11:45 a.m.89 views

Katie Moussouris on the Microsoft Blue Hat Prize

Dennis Fisher talks with Katie Moussouris of Microsoft about the company’s new Blue Hat Prize for innovative defensive security technology, why Microsoft didn’t start a bug bounty program and whether this will become an annual contest. Podcast audio courtesy of sykboy65 Subscribe to the Digital...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/08/22 1:59 p.m.88 views

Fake Reservation Links Prey on Weary Travelers

A longtime threat group identified as TA558 has ramped up efforts to target the travel and hospitality industries. After a lull in activity, believed tied to COVID-related travel restrictions, the threat group has ramped up campaigns to exploit an uptick in travel and related airline and hotel...

9.3CVSS8.7AI score0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2022/03/16 4:0 a.m.88 views

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company

A phishing campaign used the guise of Instagram technical support to steal login credentials from employees of a prominent U.S. life insurance company headquartered in New York, researchers have revealed. According to a report published by Armorblox on Wednesday, the attack combined brand...

8.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2022/02/22 9:0 p.m.88 views

Gaming, Banking Trojans Dominate Mobile Malware Scene

The number of cyberattacks launched against mobile users was down last year, researchers have found — but don’t pop the champagne just yet. The decline was offset by jacked-up, more sophisticated, more nimble mobile nastiness. In a Monday report, Kaspersky said that its researchers have observed ...

9AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/08/27 4:49 p.m.88 views

Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover

A critical security vulnerability in Microsoft’s Azure cloud database platform – Cosmos DB – could have allowed full remote takeover of accounts, with admin rights to read, write and delete any information to a database instance. According to researchers at Wiz, any Azure customer could access...

8.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/05/25 12:25 p.m.88 views

Apple Patches Zero-Day Flaw in MacOS that Allows for Sneaky Screenshots

Apple has patched a critical bug in macOS that could be exploited to take screenshots of someone’s computer and capture images of their activity within applications or on video conferences without that person knowing. Apple addressed the vulnerability—discovered by researchers at enterprise...

7.8CVSS8AI score0.0658EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2020/09/01 4:23 p.m.88 views

Magecart Credit-Card Skimmer Adds Telegram as C2 Channel

The e-commerce card-skimming landscape has a new wrinkle: Cybercriminals affiliated with the Magecart collective are using encrypted messaging service Telegram as a channel for sending stolen credit-card information back to its command-and-control C2 servers. That’s according to researchers who...

0.2AI score
Exploits0References10
Total number of security vulnerabilities5000