Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/07/14 5:2 p.m.88 views

Adobe Discloses Critical Code-Execution Bugs in July Update

Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion. Four of the bugs are rated critical in severity, with the others ranked as important. Most of the...

10CVSS0.0552EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2020/04/15 2:41 p.m.88 views

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module

Intel has stomped out high-severity flaws in its Next Unit Computing NUC mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Overall, Intel addressed nine vulnerabilities across six products in its April security update – two of those being high-severity, and the rest being...

5.8CVSS7.4AI score0.00633EPSS
Exploits0References20
ThreatPost
ThreatPost
added 2020/04/10 10:46 p.m.88 views

SFO Websites Hacked: Airport Discloses Data Breach

The San Francisco International Airport SFO disclosed this week two of its websites had been hacked and lead to the disclosure of some users’ login credentials at both sites. The attacks occurred in March and compromised were SFOConnect.com and SFOConstruction.com, both relatively low-traffic...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/03/20 8:28 p.m.88 views

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/01/17 4:56 p.m.88 views

FBI Plans to Inform States of Election Breaches

The FBI has changed its policy around election cybersecurity and said it will now notify state officials in the event that local election systems are hacked. The move—revealed in a media briefing Thursday and then published online later that day—extends the number of election officials who are...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/01/15 8:47 p.m.88 views

Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft

A major Microsoft crypto-spoofing bug impacting Windows 10 made waves this Patch Tuesday, particularly as the flaw was found and reported by the U.S. National Security Agency NSA. Microsoft’s January Patch Tuesday security bulletin disclosed the “important”-severity vulnerability, which could all...

0.2AI score0.0552EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2019/12/20 2:46 p.m.88 views

Apple's Bug Bounty Opens for Business, $1M Payout Included

Apple has officially opened its historically private bug-bounty program to the public, while boosting its top payout to $1 million. Bounty hunters seeking that $1 million will need to provide a working exploit for a zero-click remote chain with full kernel execution and persistence on Apple’s...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/11/20 2:3 p.m.88 views

Hackers Dump 2.2M Gaming, Cryptocurrency Passwords Online

The passwords and other personal data of more than 2.2 million users of two websites were revealed online as the result of data breaches that happened earlier this year, a notable security researcher warned. Personal information belonging to the users of cryptocurrency wallet service GateHub and...

Exploits0References18
ThreatPost
ThreatPost
added 2019/08/27 5:43 p.m.88 views

Malicious App on Google Play Tallies 100 Million Downloads

Call it the case of a good app gone bad! For some time, a handy PDF creator and optical character recognition OCR app available via Google Play offered users utility and convenience. The app, downloaded more than 100 million times, is called CamScanner and allows Android phone owners to snap a...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/22 4:27 p.m.88 views

Building a Mobile Defense: 5 Key Questions to Ask

How often do we hear Willie Sutton’s famous but probably apocryphal quote about robbing banks because “that’s where the money is?” This gets invoked in the context of information security in general and mobile devices in particular, and there’s a reason: Given the estimates from institutions like...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/19 7:49 p.m.88 views

Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware

Ransomware continues to be a top threat, with Friday’s ransomware attack on 23 Texas local government and agencies and two in June on dual Florida cities – Lake City and Riviera Beach, resulting in a decision to pay off the hackers — acting as perfect examples of just how lucrative this type of...

6.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/10 1:56 p.m.88 views

Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads

Researchers are warning of a new breed of Android malware, dubbed “Agent Smith,” that they claim has infected 25 million handsets in order to replace legitimate apps with doppelgangers that display rogue ads. The malware is tied to a China-based firm, according to Check Point researchers, and is...

0.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/05/21 9:21 p.m.88 views

Mozilla Tackles Two Critical Flaws with Firefox 67 Release

Mozilla patched several critical vulnerabilities with the release of its Firefox 67 browser on Tuesday. The worst of the bugs patched are two memory safety flaws that could allow attackers to exploit the vulnerabilities to take control of an affected system, according to a security bulletin issue...

7.5CVSS10AI score0.01775EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/18 8:21 p.m.88 views

Weather Channel Knocked Off-Air in Dangerous Precedent

On Thursday, The Weather Channel – a trusted cable network source of meteorological data across the U.S. – was knocked off the air by what it said was a “malicious software attack” on its network. The Weather Channel hack – not to be confused with the Weather Channel’s own hacks – affected its li...

7.5CVSS9.7AI score0.9927EPSS
Exploits45References11
ThreatPost
ThreatPost
added 2013/06/18 10:0 a.m.88 views

NetTraveler Attackers Using PRISM Program as Bait

Never let it be said that attackers don’t keep up with the news. The crew behind the NetTraveler cyberespionage attacks is now using the news about the NSA’s PRISM surveillance program as bait in a new spear-phishing campaign. Security researcher Brandon Dixon of 9bplus came across a malicious...

9.3CVSS0.1AI score0.99966EPSS
Exploits12References5
ThreatPost
ThreatPost
added 2012/05/16 1:14 p.m.88 views

Microsoft's SDL Expands Beyond Redmond

It’s been more than 10 years now since Microsoft began the initiative that would eventually become Trustworthy Computing, and while the effects it’s had inside the company have been well documented, the utility and adoption of the Security Development Lifecycle by outside organizations and...

9.3CVSS8.8AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2021/09/27 2:59 p.m.87 views

3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale

On its own, the database of 3.8 billion phone numbers leaked from social-media platform Clubhouse didn’t have much value on the underground market. In fact, they were eventually dumped in a hacker forum for free. But an enterprising threat actor has reportedly combined those phone numbers with 53...

9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/08/30 3:14 p.m.87 views

LockBit Gang to Publish 103GB of Bangkok Airways Customer Data

The LockBit ransomware gang has apparently struck again, having purportedly stolen 103GB worth of files from Bangkok Airways and promising to release them tomorrow, on Tuesday. A Dark Web intelligence firm calling itself DarkTracer apparently a separate intel firm than the better-known DarkTrace...

7.6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/07/30 9:6 p.m.87 views

NSA Warns Public Networks are Hacker Hotbeds

The U.S. National Security Agency is offering advice to security teams looking for wireless best practices to protect corporate networks and personal devices. The recommendations, while pedestrian in scope, do offer system administrators a solid cheat sheet to share with their work-from-home crow...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/12/11 7:41 p.m.87 views

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution RCE vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers at Palo...

9CVSS7.5AI score0.91877EPSS
Exploits17References5
ThreatPost
ThreatPost
added 2020/11/24 12:59 p.m.87 views

Tesla Hacked and Stolen Again Using Key Fob

Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes. The new attack again shows a security vulnerability in the keyless entry system of one of the most expensive electric vehicles EVs on the market...

0.4AI score0.65907EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/09/18 4:29 p.m.87 views

Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach

The operators of the Maze ransomware have added a fresh trick to their bag of badness: Distributing ransomware payloads via virtual machines VM. It’s a “radical” approach, according to researchers, meant to help the ransomware get around endpoint defense. That’s according to researchers with Soph...

0.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/03/19 3:50 p.m.87 views

Cisco Warns of High-Severity SD-WAN Flaws

Cisco Systems has fixed three high-severity vulnerabilities in its software-defined networking for wide-area network SD-WAN solutions for business users. If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems. To exploit the vulnerabilities...

7.2CVSS3AI score0.00727EPSS
Exploits1References8
ThreatPost
ThreatPost
added 2020/03/13 8:53 p.m.87 views

WordPress Plugin Bug in Popup Builder Threatens 100K Websites

Two vulnerabilities – including a high-severity flaw – have been patched in a popular WordPress plugin called Popup Builder. The more severe flaw could enable an unauthenticated attacker to infect malicious JavaScript into a popup – potentially opening up more than 100,000 websites to takeover...

7.3AI score0.01421EPSS
Exploits2References8
ThreatPost
ThreatPost
added 2020/03/10 9:58 p.m.87 views

Critical Bugs in Rockwell, Johnson Controls ICS Gear

Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...

10CVSS7.6AI score0.04226EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/03/03 4:28 p.m.87 views

Have I Been Pwned No Longer For Sale

After announcing last year that he was looking to sell Have I Been Pwned HIPB, Troy Hunt said this week that the popular service has been pulled off the market and will instead continue to be run independently. HIBP offers a free service for consumers to check if their usernames and passwords hav...

7.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/02/11 7:46 p.m.87 views

Intel Patches High-Severity Flaw in Security Engine

Intel is warning of a high-severity flaw in the firmware of its converged security and management engine CSME, which if exploited could allow privilege escalation, denial of service and information disclosure. CSME powers Intel’s Active Management System hardware and firmware technology, used for...

4.6CVSS8AI score0.0552EPSS
Exploits1References18
ThreatPost
ThreatPost
added 2020/01/06 3:46 p.m.87 views

Hackers Deface U.S. Gov Website With Pro-Iran Messages

UPDATE A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The defaced website was the Federal Depository Library Program FDLP website, which makes U.S. federal government...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/21 7:15 p.m.87 views

Microsoft Outlook for Android Bug Opens Door to XSS

Users of the Microsoft Outlook for Android app should update their apps to avoid a range of attacks. The bug CVE-2019-1460 would allow an attacker to perform cross-site scripting XSS attacks on the affected systems and run scripts in the security context of the current user, according to...

3.5CVSS7.1AI score0.26869EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/11/18 12:18 p.m.87 views

Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked

Hackers over the weekend successfully compromised widely used software and hardware–including browsers Safari and Chrome, D-Link routers and the Office 365 suite–using zero-day vulnerabilities at the annual Tianfu Cup gathering. The hacking competition, held in Chengdu, China, is very similar to...

0.1AI score
Exploits0References21
ThreatPost
ThreatPost
added 2019/11/06 9:24 p.m.87 views

Rogue Trend Micro Employee Sold Customer Data for 68K Accounts

Trend Micro said that a rogue employee sold the data of 68,000 customers to a malicious third party, who then used that data to target customers with scam calls. The employee, who gained unauthorized access to a customer-support database, has since been terminated. Trend Micro said that the...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/10/16 4:50 p.m.87 views

.WAVs Hide Malware in Their Depths in Innovative Campaign

UPDATE Audio .WAV files are the latest hiding place for obfuscated malicious code; a campaign has been spotted in which malicious content was secretly woven throughout the file’s audio data. The embedded code consists of two different payloads: A XMRig/Monero CPU cryptominer and Metasploit code...

1.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/09/27 6:54 p.m.87 views

iOS Exploit 'Checkm8' Could Allow Permanent iPhone Jailbreaks

A researcher is warning of an un-patchable bug affecting hundreds of millions of iPhones that gives attackers system-level access to handsets via an unblockable jailbreak hack. Right now, the scope of the attack is limited. The exploit is dubbed “checkm8” by a security researcher who goes by the...

7.6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/08/27 4:58 p.m.88 views

Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates

UPDATE Imperva, the security vendor, has made a security breach public that affects customers using the Cloud Web Application Firewall WAF product. Formerly known as Incapsula, the Cloud WAF analyzes requests coming into applications, and flags or blocks suspicious and malicious activity. Users’...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/12 8:17 p.m.87 views

AT&T, T-Mobile, Sprint, Verizon Blasted For Data Privacy Policies

A U.S. senator has put telecommunication companies – AT&T, T-Mobile, Sprint and Verizon – on notice for their data-collection and retention policies. Last week, U.S. senator Ron Wyden D-Ore. sent an open letter to the CEOs of the four major telecom providers urging them to limit the data they...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/08/07 10:57 p.m.87 views

Black Hat 2019: 5G Security Flaw Allows MiTM, Targeted Attacks

LAS VEGAS — 5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, and smart sensor networks where the nodes have 10-year battery lives. To go along with these possibilities are new security requirements; notably, improvements in device...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/07 11:30 a.m.87 views

Black Hat: LeapFrog Tablet Flaws Let Attackers Track, Message Kids

LAS VEGAS – Serious vulnerabilities have been disclosed in LeapFrog’s tablet for kids, the LeapPad Ultimate, once again throwing child data privacy into the spotlight. The LeapPad Ultimate is a rugged tablet made by LeapFrog that targets children with an array of education, game and eBook apps...

7.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/30 3:6 p.m.87 views

POS Malware Found at 102 Checkers Restaurant Locations

The popular Checkers and Rally’s drive-through restaurant chain was attacked by Point of Sale POS malware impacting 15 percent of its stores across the U.S. Checkers is one of the largest drive-through restaurants in the U.S., operating in 28 states and headquartered in Tampa, Florida. The securi...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/05/28 6:45 p.m.87 views

200k Personal Records Exposed by Events Planning Firm

A database belonging to Australian event planning startup, Amazingco, was found leaking more than 200,000 records with personal details tied to children’s entertainment, wine tour events and more. Amazingco, which is based in Austrailia but offers services in New Zealand and the U.S., connects...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/05/09 2:49 p.m.87 views

Researchers in the Dark on Powerful LightNeuron Malware for Years

LightNeuron, a backdoor specifically designed to target Microsoft Exchange mail servers, has flown under the radar since at least 2014, despite being the malware linchpin at the center of several targeted campaigns. A fresh analysis of the recently uncovered code shows that it’s the first publicl...

7.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/05 2:1 p.m.87 views

LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files

A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways. According to Trustwave SpiderLabs, tha...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/05/03 4:57 p.m.87 views

Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0

Yet another bad actor has taken advantage of Drupal sites still vulnerable to “Drupalgeddon 2.0,” this time to mine cryptocurrency. The bad script, dubbed the “Kitty” cryptomining malware, takes advantage of the known critical remote-code execution vulnerability in Drupal CVE-2018-7600 to target...

7.5CVSS9.9AI score0.99993EPSS
Exploits46References8
ThreatPost
ThreatPost
added 2016/10/20 7:0 a.m.87 views

FruityArmor APT Group Used Recently Patched Windows Zero Day

One of the four zero-day vulnerabilities Microsoft patched last week was being used by an APT group called FruityArmor to carry out targeted attacks, escape browser-based sandboxes, and execute malicious code in the wild. Anton Ivanov, a researcher at Kaspersky Lab, was credited by Microsoft for...

10CVSS1.7AI score0.68684EPSS
Exploits3References10
ThreatPost
ThreatPost
added 2013/04/09 7:18 p.m.87 views

Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates

UPDATE – In an unexpected turn, Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago. The popular hacker contest attracted researchers from all over who were targeting all the...

9.3CVSS1AI score0.99945EPSS
Exploits33References12
ThreatPost
ThreatPost
added 2010/04/29 5:12 p.m.87 views

New Flaw Found in Microsoft SharePoint

There is a cross-site scripting flaw in SharePoint 2007, Microsoft’s collaboration product, which could give an attacker the ability to execute arbitrary JavaScript code on a machine through a browser. High-Tech Bridge, a Swiss security firm, published an advisory about the vulnerability on...

9.3CVSS1.1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/02/17 2:0 p.m.86 views

Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security - Podcast

Brought to you by Uptycs. Underwriters of Threatpost podcasts do not assert any editorial control over content. Applications are cybercriminals’ favorite ways to crack open targeted organizations. Yet no single team or process can assure the rollout of safe cloud applications. From code design to...

8.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/09/02 6:32 p.m.86 views

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

Researchers have disclosed a group of 16 different vulnerabilities collectively dubbed BrakTooth, which impact billions of devices that rely on Bluetooth Classic BT for communication. According to an academic paper from the University of Singapore, the bugs are found in the closed commercial BT...

8.8CVSS7.6AI score0.0139EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/11/20 8:18 p.m.86 views

VMware Fixes Critical Flaw in ESXi Hypervisor

VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability CVE-2020-4004 has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller...

1.4AI score0.00392EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/06/29 4:48 p.m.86 views

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

A popular Wi-Fi extender for the home has multiple unpatched vulnerabilities, including the use of a weak, default password, according to researchers. Also, two of the bugs could allow complete remote control of the device. The flaws have been found in Tenda PA6 Wi-Fi Powerline extender, version...

9CVSS0.9AI score0.26869EPSS
Exploits4References9
ThreatPost
ThreatPost
added 2020/04/20 8:51 p.m.86 views

Mootbot Botnet Targets Fiber Routers with Dual Zero-Days

The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers. According to researchers, other botnets have attempted to do the same, but have so far failed. According to researchers at NetLab 360, the operators of the Mootbot botnet in late February...

9.6AI score0.26869EPSS
Exploits0References7
Total number of security vulnerabilities5000