Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/01/03 6:22 p.m.83 views

Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researche...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/03 5:48 p.m.83 views

Travelex Knocked Offline by System-Wide Malware Attack

A “computer virus” has forced foreign currency exchange giant Travelex to shut down its online services and its app – leaving its retail locations to carry out tasks manually and many customers stranded without travel money. Its global banking partners have also been left adrift with no way to bu...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/01/02 4:53 p.m.83 views

TikTok Banned By U.S. Army Over China Security Concerns

With backlash swelling around TikTok’s relationship with China, the United States Army this week announced that U.S. soldiers can no longer have the social media app on government-owned phones. TikTok, a social media app used to create and share short form videos, is owned by Beijing-based parent...

7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/12/20 5:40 p.m.83 views

Top Zero Days, Data Breaches and Security Stories of 2019: News Wrap

From data breaches and the ransomware epidemic to new regulation and an outcry around data privacy, 2019 has been a wild ride for the infosec community. Threatpost breaks down the top news stories, trends and topics for this year. Listen to the full podcast or download direct. For a lightly-edite...

7.2AI score
Exploits0References35
ThreatPost
ThreatPost
added 2019/11/27 7:41 p.m.83 views

NSO Group President Defends Controversial Tactics

In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called “false myths” about the firm. Dolev also took indirect aim at secure messaging platforms, offered by the likes of Facebook, explaining surveillance...

6.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/11/27 3:26 p.m.83 views

Federal Data Privacy Bill Takes Aim at Tech Giants

A new digital privacy bill has been introduced to the the Senate, which would give the Federal Trade Commission FTC more teeth when it comes to providing oversight on tech companies’ use of consumer data. Sen. Maria Cantwell D-Wash., ranking member on the Senate Commerce Committee, led the...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/11/08 9:35 p.m.83 views

Platinum APT Shines Up New Titanium Backdoor

APT threat group Platinum has a shiny new plaything: A custom trojan backdoor dubbed Titanium. The backdoor’s name, aside from keeping with the silvery metal theme, comes from password to one of the self-executable archives found in the code. According to Kaspersky researchers who analyzed the...

0.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/30 12:43 p.m.83 views

City of Johannesburg, on Second Hit, Refuses to Pay Ransom

The city of Johannesburg, South Africa, is refusing to pay a ransom of four Bitcoins to a hacker group who accessed the city’s network and stole sensitive data, threatening to release it if the ransom wasn’t paid. It’s the second time in several months that the city has been hit with a cyberattac...

6.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/10/10 2:31 p.m.83 views

China's Sway Over Tech Companies Tested with Apple, Blizzard

At least two American tech companies, Apple and gaming giant Blizzard, have come under fire – from different quarters – for wading into waters surrounding the Hong Kong protests that have been ongoing since June. The situation is shaping up to be a test for the American tech sector’s commitment t...

0.1AI score
Exploits0References24
ThreatPost
ThreatPost
added 2019/09/27 5:31 p.m.83 views

Masad Spyware Uses Telegram Bots for Command-and-Control

A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control C2 hub. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/27 3:24 p.m.83 views

Dunkin’ Donuts Gets Hit with Lawsuit Over 2015 Attack

Dunkin’ Donuts is being sued for violating New York state data breach notification laws. The lawsuit alleges that Dunkin’ parent company, Dunkin’ Brands, failed to disclose a breach in 2015 that affected nearly 20,000 customers who were part of the company’s DD Perks loyalty program. New York...

0.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/25 5:27 p.m.83 views

'Narrator' Windows Utility Trojanized to Gain Full System Control

A suspected Chinese advanced persistent threat APT group has been spotted attacking tech companies using a trojanized screen-reader application, replacing the built-in Narrator “Ease of Access” feature in Windows. According to BlackBerry Cylance, the attackers also deploy a version of the...

2.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/12 2:25 p.m.83 views

1B Mobile Users Vulnerable to Ongoing ‘SimJacker’ Surveillance Attack

A vulnerability discovered in mobile SIM cards is being actively exploited to track phone owners’ locations, intercept calls and more – all merely by sending an SMS message to victims, researchers say. Researchers on Thursday disclosed what they said is a widespread, ongoing exploit of a SIM...

1AI score0.00786EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2019/09/06 11:48 a.m.83 views

Facebook, Microsoft Challenge Industry to Detect, Prevent ‘Deepfakes’

Facebook, Microsoft and a number of universities have joined forces to sponsor a contest promoting research and development to combat deepfakes, or videos altered through artificial intelligence AI to mislead viewers. The two tech giants—along with the Partnership on AI and academics from Cornell...

0.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/21 1:47 p.m.83 views

Adult Content Site Exposed Personal Data of 1M Users

The personal information more than a million users of popular adult website Luscious, including email addresses that sometimes indicated full names, were found exposed in an unsecured Elasticsearch database. The website, which focuses on anime-themed, user-uploaded adult content, has over 1 milli...

6.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/25 9:2 p.m.83 views

Streamlining Patch Management: Expert Advice

Patch management has been a song of constant sorrows for system administrator. There have been improvements. But still, 80 percent of enterprise systems feature unpatched CVE vulnerabilities, according CA Veracode’s State of Software Security. The good news is, software patching has gotten better...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/07/15 3:53 p.m.83 views

Researcher Bypasses Instagram 2FA to Hack Any Account

A researcher earned a $30,000 bug bounty from Facebook after discovering a weakness in the Instagram mobile recovery process that would allow account takeover for any user, via mass brute-force campaigns. Independent researcher Laxman Muthiyah took a look at Instagram’s mobile recovery flow, whic...

8.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/15 3:24 p.m.83 views

Authentication Bypass Bug Hits Top Enterprise VPNs

UPDATE VPN apps built by four vendors — Cisco, F5 Networks, Palo Alto Networks and Pulse Secure — improperly store authentication tokens and session cookies without encryption on a user’s computer, according to an alert from the U.S. government’s Cybersecurity and Infrastructure Security Agency...

7.5CVSS5.4AI score0.01699EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2019/04/09 12:6 p.m.83 views

SAS 2019: 4 Stuxnet-Related APTs Form Gossip Girl, an 'Apex Threat Actor'

SINGAPORE – The infamous Stuxnet family of industrial sabotage malware is likely the work of a mysterious “supra-group” that Chronicle researchers Juan Andres Guerrero Saad and Silas Cutler have dubbed Gossip Girl; and it’s a group that turns out to be larger and far busier than previously known...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/03/04 11:0 a.m.83 views

Visitor Kiosk Access Systems Riddled with Bugs

Visitor-management systems protect business against physical threats such as unwanted and unidentified guests. But many of these lobby-based perimeter checkpoints are opening up companies to a bevy of cyber-threats. On Monday, IBM’s penetration testing team, X-Force Red, released a report that...

7.2CVSS0.6AI score0.00384EPSS
Exploits0References20
ThreatPost
ThreatPost
added 2017/06/13 4:23 p.m.83 views

Microsoft Patches Two Critical Vulnerabilities Under Attack

Microsoft’s Patch Tuesday update today included a massive 95 fixes that tackle vulnerabilities in Windows, Office, Skype, Internet Explorer and its Edge browser. Twenty-seven of Microsoft’s patches fix remote code execution issues, allowing attackers to remotely take control of a victim’s PC...

10CVSS0.9AI score0.90026EPSS
Exploits20References12
ThreatPost
ThreatPost
added 2017/03/21 11:54 a.m.83 views

Latest Tax Scams Include Phishing Lures, Malware

Microsoft warned Monday this year’s crop of tax scams are using social engineering attacks based on fear to spread Zdowbot and Omaneat banking Trojans and collect personal info via spoofed tax sites linked to from phishing campaigns. The warning comes with less than a month before the April 18 ta...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2013/04/18 11:11 a.m.83 views

Move Over Conficker, Web Threats are Top Enterprise Risk

Microsoft is ready to officially declare network worms passé for the enterprise. In its latest Security Intelligence Report, released Wednesday, Microsoft said that risks posed by Web-based threats to large, distributed network environments have surpassed malware such as Conficker. The report is...

9.3CVSS0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2013/01/17 7:20 p.m.83 views

Inside the 1,000 Red October Cyberespionage Malware Modules

The Red October espionage malware campaign is providing security researchers with a deep dive into the complexity of targeted attacks, which in this case made use of more than 1,000 malware modules for everything from reconnaissance on targets to exfiltration of data to command and control server...

9.3CVSS0.6AI score0.99966EPSS
Exploits35References8
ThreatPost
ThreatPost
added 2022/06/30 5:20 p.m.82 views

ZuoRAT Can Take Over Widely Used SOHO Routers

A novel multistage remote access trojan RAT that’s been active since April 2020 is exploiting known vulnerabilities to target popular SOHO routers from Cisco Systems, Netgear, Asus and others. The malware, dubbed ZuoRAT, can access the local LAN, capture packets being transmitted on the device an...

10CVSS9.1AI score0.42479EPSS
Exploits4References8
ThreatPost
ThreatPost
added 2022/05/25 1:2 p.m.82 views

Zoom Patches ‘Zero-Click’ RCE Bug

Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client software to version 5.10.0. The Google Project Zero security researcher Ivan Fratric noted in a report that an attacker can exploit a victim’s machine over a zoom chat. The bug, tracked as...

9.1CVSS6.7AI score0.04033EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/09 5:31 p.m.82 views

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...

9CVSS8.1AI score0.01879EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/05/18 8:48 p.m.82 views

Scammers Pose as Meal-Kit Services to Steal Customer Data

Attackers are piggybacking off the booming market for meal-kit delivery services since the pandemic, and sending SMS phishing messages doctored up to look like they’re legitimate correspondence from popular brand names — including HelloFresh and Gousto. This is just another example of why the wor...

8.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/04/16 12:57 p.m.82 views

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

Google Project Zero will now give organizations a 30-day grace period to patch zero-day flaws it discovers in a new disclosure policy revealed this week aimed at speeding up the time it takes for patches to be adopted. Known for discovering a number of high-profile zero days—in Google’s own...

6.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/03/04 9:42 p.m.82 views

Cyberattackers Target Top Russian Cybercrime Forums

Maza, a place online for fraudsters and extorters to connect to pull off their operations, has been breached by an unknown attacker, in just the latest in a series of attacks targeting elite Russian-language cybercrime forums. Members are worried that their data is being used by researchers and l...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/02/08 9:12 p.m.82 views

Billions of Passwords Offered for $2 on Dark Web

A “compilation of many breaches” – COMB for short – has been leaked on the cyber-underground, according to researchers. The so-called COMB contains a staggering 3.27 billion unique combinations of cleartext email addresses and passwords. The trove is an aggregate database that brings together old...

7.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/01/28 3:52 p.m.82 views

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball

The Mimecast certificate compromise reported earlier in January is part of the sprawling SolarWinds supply-chain attack, the security firm has confirmed. Mimecast joins other cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys in being targeted in...

0.1AI score
Exploits0References26
ThreatPost
ThreatPost
added 2020/10/05 3:15 p.m.82 views

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. In addition to denial-of-service DoS attacks, this variant also has remote-access trojan RAT and spyware capabilities. According to 360Netlab, the botnet is unusual in a few ways. For one, on the RAT...

10CVSS0.6AI score0.79673EPSS
Exploits3References11
ThreatPost
ThreatPost
added 2020/07/23 7:43 p.m.82 views

UPDATED: Garmin Suffers Reported Ransomware Attack

Garmin, maker of fitness trackers, smartwatches and GPS-related products, has reportedly suffered a widespread ransomware attack — though the facts around the cause remain unconfirmed for now. The manufacturer tweeted on Thursday that its Garmin Connect service is down; Garmin is a free app for...

0.4AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/07/14 1:0 p.m.82 views

Most companies are ignoring your most vulnerable endpoint…and it’s not the laptop

It’s an open secret that mobile devices are your weakest security link. We pretend not to know how vulnerable they are to attack, nor how exposed they leave your business. A 2019 study found that most companies allow mobile devices to access between 1/3 and 3/4 of their most business-critical...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/03/26 9:49 a.m.82 views

Tokyo Olympics Postponed, But 5G Security Lessons Shine

The 2020 Summer Olympics in Tokyo were officially postponed this week amid the ongoing, pandemic spread of the coronavirus that causes COVID-19. The Games will be moved to 2021, but in the meantime, technological innovation around the event will continue. More specifically, postponed or not, the...

6.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/20 8:3 p.m.82 views

Defying Covid-19’s Pall: Pwn2Own Goes Virtual

Covid-19 has brought the world to grinding halt, but for the hacking competition Pwn2Own, that wasn’t the case. The event, planned for CanSecWest this week in Vancouver, went virtual along with the conference itself. Faced with travel restrictions and new social-distancing guidelines, contestants...

8.7AI score0.0552EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2020/01/09 11:0 a.m.82 views

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal

The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed “PowerTrick,” in order to infiltrate high-value targets. According to research from SentinelLabs, released on Thursday, PowerTrick is designed to execute commands and return the results in...

0.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/12/20 5:25 p.m.82 views

Greta Thunberg: Emotet's Person of the Year

There’s no doubt that teenage climate-change activist and Time Person of the Year Greta Thunberg inspires people around the world – and it turns out, this includes cybercriminals. More specifically, she’s inspiring as an opportunity: According to the Proofpoint Threat Insight team, a global...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/13 9:45 p.m.82 views

GitLab Doles Out Half a Million Bucks to White Hats

GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...

8.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/12/06 7:34 p.m.82 views

Feds Crack Down on Money Mules, Warn of BEC Scams

The Justice Department said this week that it is cracking down on money mules, i.e., middlemen who assist in fraud schemes by receiving money from victims and forwarding proceeds to foreign-based perpetrators. So far, feds say they have halted more than 600 domestic money mules – exceeding the 40...

7.1AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/12/02 9:0 p.m.82 views

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

A vulnerability in the way Microsoft applications use OAuth for third-party authentication could allow an attacker to take over Azure cloud accounts. OAuth is a protocol that allows app users to share data about their accounts with third-party websites or apps, so that when they sign into the app...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/15 10:10 p.m.82 views

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers

As the holiday season looms, cybercrooks are going after shoppers with more than 100,000 lookalike domains mimicking legitimate retailers. The news comes as a new report shows that in tandem, the retail industry is experiencing more breaches than any other industry in 2019 as criminals consistent...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/10/15 12:4 p.m.82 views

Pitney Bowes Hit with Ransomware Attack

Shipping services company Pitney Bowes was hit with a ransomware attack that disrupted customer access to key services, the company said Monday. The attack comes on the heels of an FBI advisory on Oct. 2 that U.S. companies should be on alert for ransomware attacks, which are increasing in...

0.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/10/15 12:0 p.m.82 views

A Deepfake Deep Dive into the Murky World of Digital Imitation

About a year ago, top deepfake artist Hao Li came to a disturbing realization: Deepfakes, i.e. the technique of human-image synthesis based on artificial intelligence AI to create fake content, is rapidly evolving. In fact, Li believes that in as soon as six months, deepfake videos will be...

6.8AI score
Exploits0References27
ThreatPost
ThreatPost
added 2019/10/11 4:53 p.m.82 views

Fin7 Cybergang Retools With New Malicious Code

The Fin7 cybercrime group has ramped up its offensive capabilities by adding new malicious code to its malware arsenal. Researchers said that this is evidence that Fin7 is still a growing threat despite the arrest of several Fin7 members in 2018. The notorious group has adopted a new dropper samp...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/04 11:2 a.m.82 views

AG Barr, Officials to Facebook: Don't Encrypt Messaging

U.S. Attorney General William Barr is among government officials asking Facebook CEO Mark Zuckerberg to halt or at least delay a plan to add end-to-end encryption to its messaging services in an effort to bolster consumer privacy. The move, unveiled Thursday, once again sparked the privacy debate...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/26 12:0 p.m.82 views

Cyber-Risk Business Cases: Using Economic Impact to Justify TIG Investment

It sure is a difficult time to be a network defender. According to one industry report, as many as 85,000 malicious websites are launched daily, along with 8 million spam and phishing attacks; and, there are anywhere from 30-50 million malicious domains out there at any time. Scale seems to be...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/17 3:24 p.m.82 views

Cisco Extends Patch for IPv6 DoS Vulnerability

Cisco has extended its patch for a high-severity IPv6 denial-of-service DoS vulnerability that was first addressed in 2016. The bug CVE-2016-1409 is a vulnerability in the IPv6 packet processing functions of multiple Cisco products, which could allow an unauthenticated, remote attacker to cause a...

5CVSS1.3AI score0.03823EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/11 8:48 p.m.82 views

ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users

While macOS is often touted as “safer” on the cybersecurity front compared to Windows-based systems, cybercriminals are in fact increasingly targeting Apple’s ecosystem. The number of attacks on macOS users through malicious and potentially unwanted programs has been increasing annually since 201...

0.7AI score
Exploits0References6
Total number of security vulnerabilities5000