Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/03/20 4:5 p.m.82 views

Uber Deployed 'Surfcam Spyware' in Australia to Crush the Competition – Report

A rogue employee at rideshare behemoth Uber created and deployed a piece of information-gathering software in order to help his company get a leg up on the local competition in Australia, according to a report. The so-called “secret spyware program” was dubbed Surfcam, and was developed by the...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/05 11:40 a.m.82 views

RSA Conference 2019: Picking Apart the Foreshadow Attack

SAN FRANCISCO – Starting off with a bang with Spectre and Meltdown, 2018 was the year of speculative execution vulnerabilities in CPUs, which wreaked havoc in the IT industry. One of these attacks, dubbed Foreshadow, could allow unauthorized disclosure of information. Foreshadow impacts the Intel...

1.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/06/28 2:52 p.m.82 views

Microsoft Issues 'Important' Security Fix for Azure AD Connect

Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory 4033453 was issued Tuesday via Microsoft’s TechNet website for the vulnerabili...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2017/06/13 4:23 p.m.82 views

Microsoft Patches Two Critical Vulnerabilities Under Attack

Microsoft’s Patch Tuesday update today included a massive 95 fixes that tackle vulnerabilities in Windows, Office, Skype, Internet Explorer and its Edge browser. Twenty-seven of Microsoft’s patches fix remote code execution issues, allowing attackers to remotely take control of a victim’s PC...

10CVSS0.9AI score0.90026EPSS
Exploits20References12
ThreatPost
ThreatPost
added 2017/03/21 11:54 a.m.82 views

Latest Tax Scams Include Phishing Lures, Malware

Microsoft warned Monday this year’s crop of tax scams are using social engineering attacks based on fear to spread Zdowbot and Omaneat banking Trojans and collect personal info via spoofed tax sites linked to from phishing campaigns. The warning comes with less than a month before the April 18 ta...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2014/09/17 12:4 p.m.82 views

FreeBSD Patches TCP Processing DoS Vulnerability

FreeBSD has patched a denial-of-service vulnerability that could affect a host of third-party packages built atop the UNIX-like operating system. The vulnerability—found in the way FreeBSD processes TCP packets—was discovered by a member of Juniper Networks’ incident response team. FreeBSD’s...

5CVSS8.8AI score0.80855EPSS
Exploits3References4
ThreatPost
ThreatPost
added 2014/04/02 3:1 p.m.82 views

Amazon Web Services Combing Third Parties for Credentials

Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk. A week ago, a security consultant in Australia said that as many as 10,000 secret Amazon Web...

1.5AI score0.99993EPSS
Exploits41References3
ThreatPost
ThreatPost
added 2022/06/30 5:20 p.m.81 views

ZuoRAT Can Take Over Widely Used SOHO Routers

A novel multistage remote access trojan RAT that’s been active since April 2020 is exploiting known vulnerabilities to target popular SOHO routers from Cisco Systems, Netgear, Asus and others. The malware, dubbed ZuoRAT, can access the local LAN, capture packets being transmitted on the device an...

10CVSS9.1AI score0.42479EPSS
Exploits4References8
ThreatPost
ThreatPost
added 2022/01/13 11:8 p.m.81 views

Microsoft Yanks Buggy Windows Server Updates

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...

9.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2022/01/05 7:0 p.m.81 views

FTC to Go After Companies that Ignore Log4j

The Federal Trade Commission FTC will muster its legal muscle to pursue companies and vendors that fail to protect consumer data from the risks of the Log4j vulnerabilities, it warned on Tuesday. “The FTC intends to use its full legal authority to pursue companies that fail to take reasonable ste...

10CVSS10AI score0.99999EPSS
Exploits351References27
ThreatPost
ThreatPost
added 2021/10/20 7:45 p.m.81 views

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on the ripped-off channels. In a Wednesday post, Ashley Shen, with Google’s Threat Analysis Group TAG, said that TAG attributes the assaults to a group of attackers recruit...

7.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/09/17 5:16 p.m.81 views

Porn Problem: Adult Ads Persist on US Gov’t, Military Sites

U.S. military and government website subdomains have a sticky problem: They’re “quite vulnerable” to blackhat SEO tactics that result in persistent redirects to spammy Viagra ads and porn videos. An example is one that showed up on a dot.mil subdomain on the Minnesota National Guard site you can...

6.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/04 10:19 p.m.81 views

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers

Researchers have uncovered more custom malware that is being used by the threat group behind the SolarWinds attack. Researchers with Microsoft and FireEye identified three new pieces of malware that the companies said are being used in late-stage activity by the threat actor previously called...

7.5AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/01/13 5:15 p.m.81 views

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

On the heels of a previously-reported cyberattack on the European Medicines Agency EMA, cybercriminals have spilled compromised data related to COVID-19 vaccinations onto the internet. The EMA is an agency of the European Union in charge of the evaluation and supervision of medicinal products in...

0.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/10/19 2:24 p.m.81 views

Game Titles Watch Dogs: Legion, Albion Both Targeted by Hackers

A ransomware gang that just emerged this month dubbed Egregor claims to have hacked the source code to the upcoming gaming release, Watch Dogs: Legion. And in separate gaming news, a popular fantasy title called Albion — a massive multiplayer online role-playing game MMORPG — has been hacked...

7.4AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/10/07 3:50 p.m.81 views

Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables

Google’s latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes – including a critical bug – and a feature that checks if users have any compromised passwords. As of Tuesday, Chrome 86 is being promoted to the stable channel for Windows, Mac and Linux and will ro...

9.8AI score0.02553EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2020/10/05 3:15 p.m.81 views

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. In addition to denial-of-service DoS attacks, this variant also has remote-access trojan RAT and spyware capabilities. According to 360Netlab, the botnet is unusual in a few ways. For one, on the RAT...

10CVSS0.6AI score0.79673EPSS
Exploits3References11
ThreatPost
ThreatPost
added 2020/05/19 3:44 p.m.81 views

Adobe Patches Critical RCE Flaw in Character Animator App

Adobe has issued an out-of-band patch for a critical flaw in Adobe Character Animator, its application for creating live motion-capture animation videos. The flaw can be exploited by a remote attacker to execute code on affected systems. The flaw CVE-2020-9586 is found in versions 3.2 and earlier...

9.3CVSS0.3AI score0.07871EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2020/03/10 10:0 a.m.81 views

Spear-Phishing Attack Lures Victims With 'HIV Results'

Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/02/19 12:3 p.m.81 views

Small Tax-Preparation Firms at Higher Risk this Tax Season, Report

This tax season crooks are targeting users with a new crop of scams that include leveraging remote desktop software and compromising small tax-prep company websites. “If you have the word ‘tax’ in your domain name; you’re a target this year,” warns Sherrod DeGrippo, senior director of threat...

Exploits0References5
ThreatPost
ThreatPost
added 2020/01/22 3:1 p.m.81 views

Microsoft Leaves 250M Customer Service Records Open to the Web

UPDATE Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and exposes Microsoft customers to phishing and tech scams...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/01/15 11:0 a.m.81 views

Oski Data-Stealing Malware Emerges to Target North America, China

An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit-card numbers, cryptowallet accounts and more. Oski, likely a Finnish or Nordic variant of the word Oska, meaning “Viking warrior or god” in Samoan,...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/12/13 9:45 p.m.81 views

GitLab Doles Out Half a Million Bucks to White Hats

GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...

8.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/09/09 5:43 p.m.81 views

Telnet Backdoor Opens More Than 1M IoT Radios to Hijack

Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio...

10CVSS9.3AI score0.04448EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2019/09/05 9:7 p.m.81 views

Joker Spyware Found in 24 Google Play Apps

A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions tha...

Exploits0References14
ThreatPost
ThreatPost
added 2019/09/04 6:3 p.m.81 views

Critical Bugs Open Food-Safety Systems to Remote Attacks

Two critical vulnerabilities in a food-quality management software package would allow adversaries to completely compromise the system. The issues affect the AK-EM 800 product from SCADA vendor Danfoss. It’s an enterprise management solution for the food retail industry that provides a central...

8.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/04 2:50 p.m.81 views

Half of Android Handsets Susceptible to Clever SMS Phishing Attack

Over half of all Android handsets are susceptible to a clever over-the-air SMS phishing attack that could allow an adversary to route all internet traffic through a rogue proxy, as well as hijack features such as a handset’s homepage, mail server and directory servers for synchronizing contacts a...

2.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/04 2:43 p.m.81 views

CEO 'Deep Fake' Swindles Company Out of $243K

In the first known case of successful financial scamming via audio deep fakes, cybercrooks were able to create a near-perfect impersonation of a chief executive’s voice – and then used the audio to fool his company into transferring $243,000 to their bank account. A deep fake is a plausible video...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/09/03 3:10 p.m.81 views

Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers

UPDATE Cosmetics giant Yves Rocher is warning that a giant data leak exposed the personal data of millions of its customers and reams of sensitive internal company information to the public. The data exposure stems from a database left unprotected by a third-party consultant to the firm...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/29 1:0 p.m.81 views

Innovation on the Dark Web: How Bad Actors Are Keeping Pace

By now, the vast majority of consumers have heard of the dark web. Even if they aren’t exactly sure how it works, they know that it’s the deep corner of the internet where “bad things happen.” Ever since the highly publicized seizure of large dark markets like AlphaBay and Hansa, It’s become comm...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/07/23 7:30 p.m.81 views

WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign

A widespread and ongoing malicious advertising campaign is exploiting several recently-disclosed WordPress plugin vulnerabilities to redirect website visitors to booby-trapped landing pages. Researchers at Wordfence said that they recently discovered bad actors injecting code into websites with t...

6.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/05/24 6:33 p.m.81 views

Snapchat Privacy Blunder Piques Concerns About Insider Threats

Snap, the company behind the popular Snapchat social media app, has found itself in hot water after a recent report revealed that Snap employees were abusing their access to private user data – which includes location data, saved Snaps and phone numbers. According to a Thursday Motherboard report...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/21 8:16 p.m.81 views

Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter

With businesses continuing their digital migrations to cloud services and applications, IT is finding itself wrestling with how to keep companies’ data safe. The challenge? The cloud has created a next-generation, virtual perimeter. Businesses are using infrastructure-as-a-service IaaS, cloud...

6.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/04/16 2:34 p.m.81 views

Malspam Campaigns Distribute HawkEye Keylogger, Post Ownership Change

The HawkEye malware kit and information-stealer has been spotted in a newfound slew of campaigns after a recent ownership change. While the keylogger has been in continuous development since 2013, in December a thread on a hacking site noted an ownership change, after which posts on hacking forum...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2019/04/09 1:0 p.m.81 views

Verizon Router Command Injection Flaw Impacts Millions

UPDATE Three vulnerabilities have been discovered in the Verizon Fios Quantum Gateway which, when exploited together, could give an attacker complete control of a victim’s network. The device is used by millions of Verizon home customers and functions as a home’s wireless router and digital...

9CVSS0.29885EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2019/03/29 4:26 p.m.81 views

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 vulnerabilities on Thursday, including a host of critical flaws in the e-commerce platform that could have let attackers perform a range of malicious activities, such as take over a site and create new admin accounts. The most serious of the bugs is a remote code-execution RCE...

1.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/06 3:24 p.m.81 views

Microsoft Confirms Serious 'PrivExchange' Vulnerability

Microsoft acknowledged an elevated privilege flaw in its Exchange Server could allow a remote attacker with a simple mailbox account to gain administrator privileges. Both a Microsoft advisory and a US-CERT alert were issued on Tuesday warning users of the elevation of privilege flaw, dubbed...

1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/01/31 2:0 p.m.81 views

Mac "CookieMiner" Malware Aims to Gobble Crypto Funds

A newly-discovered malware is targeting Mac users’ web cookies and credentials in hopes of withdrawing funds on their cryptocurrency exchange accounts. The malware, discovered this month and aptly named “CookieMiner,” collects cryptocurrency-related cookies – in addition to compromised credential...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/10/17 5:8 p.m.81 views

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

The libssh open-source project has issued an update to address an authentication bypass vulnerability in the server code — to say that it’s trivial to exploit is an understatement. The flaw CVE-2018-10933 exists in libssh versions 0.6 and above being used in server mode – and it allows anyone to...

6.4CVSS0.8AI score0.91789EPSS
Exploits11References6
ThreatPost
ThreatPost
added 2018/10/17 2:4 p.m.81 views

On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy

Google has lifted the curtain on its latest version of Chrome, which the tech giant has pledged touts more data privacy features, as well as fixes for high-priority vulnerabilities. The release comes after Google had promised updates in Chrome 70 to “better communicate our changes and offer more...

6.8CVSS0.8AI score0.83898EPSS
Exploits7References7
ThreatPost
ThreatPost
added 2017/04/11 9:47 a.m.81 views

Tools Used by Lamberts APT Found in Vault 7 Dumps

Links have emerged connecting targeted attacks going back a decade against high-profile government, industrial and financial targets around the world to hacking tools and documents leaked in the Vault 7 dump. Researchers at Kaspersky Lab today published a technical report on the activities of a...

9.3CVSS0.50703EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2017/03/09 12:25 p.m.81 views

Attacks Heating Up Against Apache Struts 2 Vulnerability

Public attacks and scans looking for exposed Apache webservers have ramped up dramatically since Monday when a vulnerability in the Struts 2 web application framework was patched and proof-of-concept exploit code was introduced into Metasploit. The vulnerability, CVE-2017-5638, was already under...

10CVSS9.7AI score0.99999EPSS
Exploits44References7
ThreatPost
ThreatPost
added 2016/12/06 1:58 p.m.81 views

Flash Exploit Found in Seven Exploit Kits

A nasty Adobe Flash zero-day vulnerability that was remediated in an emergency update in October 2015 was thereafter co-opted by seven exploit kits, according to an analysis published today by researchers at Recorded Future. The Adobe vulnerability, CVE-2015-7645, was also used by the Russian APT...

10CVSS9.5AI score0.94354EPSS
Exploits16References8
ThreatPost
ThreatPost
added 2014/11/11 2:7 p.m.81 views

November 2014 Microsoft Patch Tuesday Security Bulletins

A busy Microsoft Patch Tuesday arrived today with an extra sense of urgency and a complication. Among 14 bulletins, four of which are rated critical by Microsoft, is a patch for the OLE zero-day vulnerability being used in a number of targeted attacks. The zero-day is being spread via email...

9.3CVSS0.1AI score0.99945EPSS
Exploits83References19
ThreatPost
ThreatPost
added 2014/03/24 12:55 p.m.81 views

Microsoft Reads User Email without Warrant

Late last week it emerged that Microsoft had searched through the contents of a French blogger’s Hotmail account in order to track down the source of a leak of proprietary information from the Redmond, Wash., tech giant. The Electronic Frontier Foundation and transparency advocates have expressed...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/04/27 12:11 p.m.80 views

Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the discovery of the zero-day Log4Shell critical flaw, millions of Java applications still remain vulnerable to compromise, researchers have found. Rezilion expected that due to the “massive amount of media coverage” the bug unsurprisingly received, the majority of applications...

7.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/07/15 3:41 p.m.80 views

SonicWall Warns Firewall Hardware Bugs Under Attack

Security vendor SonicWall is warning customers to patch its enterprise firewall hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access SMA 1...

5CVSS1AI score0.99906EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/02/03 3:40 p.m.80 views

Five Critical Android Bugs Patched, Part of Feb. Security Bulletin

Google patched five critical bugs in its Android operating system as part of its February Security Bulletin. Two of the flaws were remote code execution vulnerabilities found within the Android media framework and system. Three additional critical Qualcomm bugs were reported by Google and patched...

0.4AI score0.04707EPSS
Exploits1References15
ThreatPost
ThreatPost
added 2020/10/23 7:10 p.m.80 views

Election Security: Beyond Mail-In Voting

As a highly publicized event, every four years the U.S presidential election comes with inevitable security risks — and interest from high-level hackers and sophisticated cybercriminals looking to sway its results. The upcoming election ups the stakes — it has captured the attention of everyone...

0.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/08/20 12:43 p.m.80 views

Cisco Critical Flaw Patched in WAN Software Solution

Cisco patched a critical flaw in its wide area network WAN software solution for enterprises, which if exploited could give remote, unauthenticated attackers administrator privileges. The flaw exists in Cisco Virtual Wide Area Application Services vWAAS, which is software that Cisco describes as ...

8.3CVSS1.1AI score0.0552EPSS
Exploits1References9
Total number of security vulnerabilities5000