Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/09/11 8:48 p.m.82 views

ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users

While macOS is often touted as “safer” on the cybersecurity front compared to Windows-based systems, cybercriminals are in fact increasingly targeting Apple’s ecosystem. The number of attacks on macOS users through malicious and potentially unwanted programs has been increasing annually since 201...

0.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/09/04 2:33 p.m.82 views

Android Zero-Days Now Worth More Than iPhone Exploits

An Android zero-day exploit is now worth more than one for the iPhone on the global cyberweapons market. Exploit acquisition vendor Zerodium said Tuesday that it is willing to pay a whopping $2.5 million for a zero-click Android zero-day with persistence. That number significantly increases the...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/03 9:38 p.m.82 views

Facebook Drops Default Facial Recognition Tag Suggestions

Facebook is giving users more control over a facial recognition feature used by the company to help identify, or Tag, people on its platform. Starting Tuesday, the company said it would allow its users to opt-out of the Tag Suggestions feature, while at the same time the company is attempting to...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/08/12 5:22 p.m.82 views

Tips for Successful Zero-Trust Implementation

The zero-trust concept is often and pithily summarized as “trust no one, verify everything.” No enterprise can stave off the myriad of cyberthreats as long as they assume that any individual element can be trusted as secure. No traffic, whether internal or external, can automatically be deemed...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/06/20 3:12 p.m.82 views

Cisco DNA Center Critical Flaw Opens Access to Internal Services

Cisco is urging customers to update after discovering a critical vulnerability in its Digital Network Architecture DNA Center, which could allow an unauthenticated attacker to access critical internal services. Overall, Cisco issued fixes for 25 vulnerabilities across its various products: Two...

9CVSS1.5AI score0.04334EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2019/04/01 3:15 p.m.82 views

Google Play Boots Italian Spyware Apps That Infected Hundreds

Google has removed more than a dozen malicious apps harboring Android spyware from its Google Play marketplace. The spyware appears to have been developed by an Italian firm, which is now under investigation for its development. Researchers allege that the apps have infected several hundred – up ...

7.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/03/20 4:5 p.m.82 views

Uber Deployed 'Surfcam Spyware' in Australia to Crush the Competition – Report

A rogue employee at rideshare behemoth Uber created and deployed a piece of information-gathering software in order to help his company get a leg up on the local competition in Australia, according to a report. The so-called “secret spyware program” was dubbed Surfcam, and was developed by the...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/05 11:40 a.m.82 views

RSA Conference 2019: Picking Apart the Foreshadow Attack

SAN FRANCISCO – Starting off with a bang with Spectre and Meltdown, 2018 was the year of speculative execution vulnerabilities in CPUs, which wreaked havoc in the IT industry. One of these attacks, dubbed Foreshadow, could allow unauthorized disclosure of information. Foreshadow impacts the Intel...

1.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/06/28 2:52 p.m.82 views

Microsoft Issues 'Important' Security Fix for Azure AD Connect

Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory 4033453 was issued Tuesday via Microsoft’s TechNet website for the vulnerabili...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2014/09/17 12:4 p.m.82 views

FreeBSD Patches TCP Processing DoS Vulnerability

FreeBSD has patched a denial-of-service vulnerability that could affect a host of third-party packages built atop the UNIX-like operating system. The vulnerability—found in the way FreeBSD processes TCP packets—was discovered by a member of Juniper Networks’ incident response team. FreeBSD’s...

5CVSS8.8AI score0.80855EPSS
Exploits3References4
ThreatPost
ThreatPost
added 2014/04/02 3:1 p.m.82 views

Amazon Web Services Combing Third Parties for Credentials

Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk. A week ago, a security consultant in Australia said that as many as 10,000 secret Amazon Web...

1.5AI score0.99993EPSS
Exploits41References3
ThreatPost
ThreatPost
added 2022/01/13 11:8 p.m.81 views

Microsoft Yanks Buggy Windows Server Updates

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...

9.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2022/01/05 7:0 p.m.81 views

FTC to Go After Companies that Ignore Log4j

The Federal Trade Commission FTC will muster its legal muscle to pursue companies and vendors that fail to protect consumer data from the risks of the Log4j vulnerabilities, it warned on Tuesday. “The FTC intends to use its full legal authority to pursue companies that fail to take reasonable ste...

10CVSS10AI score0.99999EPSS
Exploits351References27
ThreatPost
ThreatPost
added 2021/10/20 7:45 p.m.81 views

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on the ripped-off channels. In a Wednesday post, Ashley Shen, with Google’s Threat Analysis Group TAG, said that TAG attributes the assaults to a group of attackers recruit...

7.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/09/17 5:16 p.m.81 views

Porn Problem: Adult Ads Persist on US Gov’t, Military Sites

U.S. military and government website subdomains have a sticky problem: They’re “quite vulnerable” to blackhat SEO tactics that result in persistent redirects to spammy Viagra ads and porn videos. An example is one that showed up on a dot.mil subdomain on the Minnesota National Guard site you can...

6.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/07/15 3:41 p.m.81 views

SonicWall Warns Firewall Hardware Bugs Under Attack

Security vendor SonicWall is warning customers to patch its enterprise firewall hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access SMA 1...

5CVSS1AI score0.99906EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/03/04 10:19 p.m.81 views

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers

Researchers have uncovered more custom malware that is being used by the threat group behind the SolarWinds attack. Researchers with Microsoft and FireEye identified three new pieces of malware that the companies said are being used in late-stage activity by the threat actor previously called...

7.5AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/01/13 5:15 p.m.81 views

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

On the heels of a previously-reported cyberattack on the European Medicines Agency EMA, cybercriminals have spilled compromised data related to COVID-19 vaccinations onto the internet. The EMA is an agency of the European Union in charge of the evaluation and supervision of medicinal products in...

0.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/10/07 3:50 p.m.81 views

Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables

Google’s latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes – including a critical bug – and a feature that checks if users have any compromised passwords. As of Tuesday, Chrome 86 is being promoted to the stable channel for Windows, Mac and Linux and will ro...

9.8AI score0.02553EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2020/05/19 3:44 p.m.81 views

Adobe Patches Critical RCE Flaw in Character Animator App

Adobe has issued an out-of-band patch for a critical flaw in Adobe Character Animator, its application for creating live motion-capture animation videos. The flaw can be exploited by a remote attacker to execute code on affected systems. The flaw CVE-2020-9586 is found in versions 3.2 and earlier...

9.3CVSS0.3AI score0.07871EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2020/03/10 10:0 a.m.81 views

Spear-Phishing Attack Lures Victims With 'HIV Results'

Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/02/19 12:3 p.m.81 views

Small Tax-Preparation Firms at Higher Risk this Tax Season, Report

This tax season crooks are targeting users with a new crop of scams that include leveraging remote desktop software and compromising small tax-prep company websites. “If you have the word ‘tax’ in your domain name; you’re a target this year,” warns Sherrod DeGrippo, senior director of threat...

Exploits0References5
ThreatPost
ThreatPost
added 2020/01/22 3:1 p.m.81 views

Microsoft Leaves 250M Customer Service Records Open to the Web

UPDATE Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and exposes Microsoft customers to phishing and tech scams...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/01/15 11:0 a.m.81 views

Oski Data-Stealing Malware Emerges to Target North America, China

An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit-card numbers, cryptowallet accounts and more. Oski, likely a Finnish or Nordic variant of the word Oska, meaning “Viking warrior or god” in Samoan,...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/09/09 5:43 p.m.81 views

Telnet Backdoor Opens More Than 1M IoT Radios to Hijack

Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio...

10CVSS9.3AI score0.04448EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2019/09/05 9:7 p.m.81 views

Joker Spyware Found in 24 Google Play Apps

A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions tha...

Exploits0References14
ThreatPost
ThreatPost
added 2019/09/04 6:3 p.m.81 views

Critical Bugs Open Food-Safety Systems to Remote Attacks

Two critical vulnerabilities in a food-quality management software package would allow adversaries to completely compromise the system. The issues affect the AK-EM 800 product from SCADA vendor Danfoss. It’s an enterprise management solution for the food retail industry that provides a central...

8.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/04 2:50 p.m.81 views

Half of Android Handsets Susceptible to Clever SMS Phishing Attack

Over half of all Android handsets are susceptible to a clever over-the-air SMS phishing attack that could allow an adversary to route all internet traffic through a rogue proxy, as well as hijack features such as a handset’s homepage, mail server and directory servers for synchronizing contacts a...

2.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/04 2:43 p.m.81 views

CEO 'Deep Fake' Swindles Company Out of $243K

In the first known case of successful financial scamming via audio deep fakes, cybercrooks were able to create a near-perfect impersonation of a chief executive’s voice – and then used the audio to fool his company into transferring $243,000 to their bank account. A deep fake is a plausible video...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/09/03 3:10 p.m.81 views

Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers

UPDATE Cosmetics giant Yves Rocher is warning that a giant data leak exposed the personal data of millions of its customers and reams of sensitive internal company information to the public. The data exposure stems from a database left unprotected by a third-party consultant to the firm...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/29 1:0 p.m.81 views

Innovation on the Dark Web: How Bad Actors Are Keeping Pace

By now, the vast majority of consumers have heard of the dark web. Even if they aren’t exactly sure how it works, they know that it’s the deep corner of the internet where “bad things happen.” Ever since the highly publicized seizure of large dark markets like AlphaBay and Hansa, It’s become comm...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/07/23 7:30 p.m.81 views

WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign

A widespread and ongoing malicious advertising campaign is exploiting several recently-disclosed WordPress plugin vulnerabilities to redirect website visitors to booby-trapped landing pages. Researchers at Wordfence said that they recently discovered bad actors injecting code into websites with t...

6.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/05/24 6:33 p.m.81 views

Snapchat Privacy Blunder Piques Concerns About Insider Threats

Snap, the company behind the popular Snapchat social media app, has found itself in hot water after a recent report revealed that Snap employees were abusing their access to private user data – which includes location data, saved Snaps and phone numbers. According to a Thursday Motherboard report...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/21 8:16 p.m.81 views

Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter

With businesses continuing their digital migrations to cloud services and applications, IT is finding itself wrestling with how to keep companies’ data safe. The challenge? The cloud has created a next-generation, virtual perimeter. Businesses are using infrastructure-as-a-service IaaS, cloud...

6.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/04/16 2:34 p.m.81 views

Malspam Campaigns Distribute HawkEye Keylogger, Post Ownership Change

The HawkEye malware kit and information-stealer has been spotted in a newfound slew of campaigns after a recent ownership change. While the keylogger has been in continuous development since 2013, in December a thread on a hacking site noted an ownership change, after which posts on hacking forum...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2019/04/09 1:0 p.m.81 views

Verizon Router Command Injection Flaw Impacts Millions

UPDATE Three vulnerabilities have been discovered in the Verizon Fios Quantum Gateway which, when exploited together, could give an attacker complete control of a victim’s network. The device is used by millions of Verizon home customers and functions as a home’s wireless router and digital...

9CVSS0.29885EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2019/03/29 4:26 p.m.81 views

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 vulnerabilities on Thursday, including a host of critical flaws in the e-commerce platform that could have let attackers perform a range of malicious activities, such as take over a site and create new admin accounts. The most serious of the bugs is a remote code-execution RCE...

1.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/06 3:24 p.m.81 views

Microsoft Confirms Serious 'PrivExchange' Vulnerability

Microsoft acknowledged an elevated privilege flaw in its Exchange Server could allow a remote attacker with a simple mailbox account to gain administrator privileges. Both a Microsoft advisory and a US-CERT alert were issued on Tuesday warning users of the elevation of privilege flaw, dubbed...

1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/01/31 2:0 p.m.81 views

Mac "CookieMiner" Malware Aims to Gobble Crypto Funds

A newly-discovered malware is targeting Mac users’ web cookies and credentials in hopes of withdrawing funds on their cryptocurrency exchange accounts. The malware, discovered this month and aptly named “CookieMiner,” collects cryptocurrency-related cookies – in addition to compromised credential...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/10/17 5:8 p.m.81 views

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

The libssh open-source project has issued an update to address an authentication bypass vulnerability in the server code — to say that it’s trivial to exploit is an understatement. The flaw CVE-2018-10933 exists in libssh versions 0.6 and above being used in server mode – and it allows anyone to...

6.4CVSS0.8AI score0.91789EPSS
Exploits11References6
ThreatPost
ThreatPost
added 2018/10/17 2:4 p.m.81 views

On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy

Google has lifted the curtain on its latest version of Chrome, which the tech giant has pledged touts more data privacy features, as well as fixes for high-priority vulnerabilities. The release comes after Google had promised updates in Chrome 70 to “better communicate our changes and offer more...

6.8CVSS0.8AI score0.83898EPSS
Exploits7References7
ThreatPost
ThreatPost
added 2017/04/11 9:47 a.m.81 views

Tools Used by Lamberts APT Found in Vault 7 Dumps

Links have emerged connecting targeted attacks going back a decade against high-profile government, industrial and financial targets around the world to hacking tools and documents leaked in the Vault 7 dump. Researchers at Kaspersky Lab today published a technical report on the activities of a...

9.3CVSS0.50703EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2017/03/09 12:25 p.m.81 views

Attacks Heating Up Against Apache Struts 2 Vulnerability

Public attacks and scans looking for exposed Apache webservers have ramped up dramatically since Monday when a vulnerability in the Struts 2 web application framework was patched and proof-of-concept exploit code was introduced into Metasploit. The vulnerability, CVE-2017-5638, was already under...

10CVSS9.7AI score0.99999EPSS
Exploits44References7
ThreatPost
ThreatPost
added 2016/12/06 1:58 p.m.81 views

Flash Exploit Found in Seven Exploit Kits

A nasty Adobe Flash zero-day vulnerability that was remediated in an emergency update in October 2015 was thereafter co-opted by seven exploit kits, according to an analysis published today by researchers at Recorded Future. The Adobe vulnerability, CVE-2015-7645, was also used by the Russian APT...

10CVSS9.5AI score0.94354EPSS
Exploits16References8
ThreatPost
ThreatPost
added 2014/11/11 2:7 p.m.81 views

November 2014 Microsoft Patch Tuesday Security Bulletins

A busy Microsoft Patch Tuesday arrived today with an extra sense of urgency and a complication. Among 14 bulletins, four of which are rated critical by Microsoft, is a patch for the OLE zero-day vulnerability being used in a number of targeted attacks. The zero-day is being spread via email...

9.3CVSS0.1AI score0.99945EPSS
Exploits83References19
ThreatPost
ThreatPost
added 2014/03/24 12:55 p.m.81 views

Microsoft Reads User Email without Warrant

Late last week it emerged that Microsoft had searched through the contents of a French blogger’s Hotmail account in order to track down the source of a leak of proprietary information from the Redmond, Wash., tech giant. The Electronic Frontier Foundation and transparency advocates have expressed...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/04/27 12:11 p.m.80 views

Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the discovery of the zero-day Log4Shell critical flaw, millions of Java applications still remain vulnerable to compromise, researchers have found. Rezilion expected that due to the “massive amount of media coverage” the bug unsurprisingly received, the majority of applications...

7.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/02/03 3:40 p.m.80 views

Five Critical Android Bugs Patched, Part of Feb. Security Bulletin

Google patched five critical bugs in its Android operating system as part of its February Security Bulletin. Two of the flaws were remote code execution vulnerabilities found within the Android media framework and system. Three additional critical Qualcomm bugs were reported by Google and patched...

0.4AI score0.04707EPSS
Exploits1References15
ThreatPost
ThreatPost
added 2020/10/29 2:49 p.m.80 views

Oracle WebLogic Server RCE Flaw Under Active Attack

If an organization hasn’t updated their Oracle WebLogic servers to protect them against a recently disclosed RCE flaw, researchers have a dire warning: “Assume it has been compromised.” Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE...

10CVSS9.7AI score0.99997EPSS
Exploits83References15
ThreatPost
ThreatPost
added 2020/10/23 7:10 p.m.80 views

Election Security: Beyond Mail-In Voting

As a highly publicized event, every four years the U.S presidential election comes with inevitable security risks — and interest from high-level hackers and sophisticated cybercriminals looking to sway its results. The upcoming election ups the stakes — it has captured the attention of everyone...

0.1AI score
Exploits0References1
Total number of security vulnerabilities5000