Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2022/02/10 4:39 p.m.77 views

SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs

There’s a trio of critical vulnerabilities, fixed on Tuesday, in SAP business applications that use the ubiquitous Internet Communication Manager ICM: the component that gives SAP products the HTTPS web server they need to connect to the internet or talk to each other. The vulnerabilities,...

9.3CVSS0.3AI score0.99999EPSS
Exploits359References24
ThreatPost
ThreatPost
added 2022/02/07 10:39 p.m.77 views

CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug

CISA is putting the thumbscrews on federal agencies to get them to patch an actively exploited Windows vulnerability. On Friday, the U.S. Cybersecurity and Infrastructure Security Agency CISA announced that it added the vulnerability – tracked as CVE-2022-21882 and with a CVSS criticality rating ...

7.8CVSS9.2AI score0.55711EPSS
Exploits7References14
ThreatPost
ThreatPost
added 2021/08/13 9:19 p.m.77 views

Amazon’s Plan to Track Worker Keystrokes: A Sign of Controls to Come?

Data theft, insider threats and imposters accessing sensitive customer data have apparently gotten so bad inside Amazon, the company is considering rolling out keyboard-stroke monitoring for its customer-service reps. A confidential memo from inside Amazon explained that customer service credenti...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/01/25 5:4 p.m.77 views

SonicWall Breach Stems from ‘Probable’ Zero-Days

UPDATE SonicWall is investigating “probable” zero-day flaws in its remote access security products that have been targeted by “highly-sophisticated” attackers. The company says it is investigating the attack and will update customers within 24 hours. The security company said it is currently...

1.2AI score0.00836EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/11/17 3:17 p.m.77 views

Cisco Patches Critical Flaw After PoC Exploit Code Release

A day after proof-of-concept PoC exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management application for enterprise administrators, which gives them the ability to enforce various security...

9AI score0.87719EPSS
Exploits0References16
ThreatPost
ThreatPost
added 2020/04/28 8:20 p.m.77 views

Critical Adobe Illustrator, Bridge and Magento Flaws Patched

Adobe is warning of critical flaws in Adobe Bridge, Adobe Illustrator and the Magento e-commerce platform. If exploited, the most severe vulnerabilities could enable remote code execution on affected systems. Adobe’s out-of-band security update, released on Tuesday, addressed vulnerabilities tied...

9.3CVSS0.7AI score0.0572EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2020/03/03 9:50 p.m.77 views

Cobalt Ulster Strikes Again With New ForeLord Malware

A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistence threat APT group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/02/26 5:35 p.m.77 views

Hackers Cashing In On Healthcare Industry Security Weaknesses

SAN FRANCISCO – Cybercriminals are pushing boundaries in looking for new ways to cash in on the healthcare space – whether it is persuading desperate patients to download health information apps that actually infect their devices with malware, attacking hospitals with ransomware attacks or even...

10CVSS0.2AI score0.03633EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/07 2:27 p.m.77 views

Facebook Cracks Down on Deepfake Videos

Facebook is banning deepfake videos, which stem from a technique of human-image synthesis based on artificial intelligence AI to create fake content. Over the past year, security experts and lawmakers have voiced concerns about malicious deepfake applications, particularly as a vessel for...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/11/05 4:0 p.m.77 views

Trump, Putin and Politics Name-Dropped to Peddle Malware

With the U.S. presidential elections looming, bad actors are tapping into the political craze with several malware distribution campaigns, using high-profile political names to tap into victims’ emotions and convince them to click on malicious links. Researchers have uncovered hundreds of...

0.7AI score
Exploits0References15
ThreatPost
ThreatPost
added 2019/10/07 8:31 p.m.77 views

Vulnerable Twitter API Leaves Tens of Thousands of iOS Apps Open to Attacks

Researchers are warning that an old Twitter API still used by popular iOS mobile apps that could be abused as part of a man-in-the-middle attack. It could be used to hijack Twitter accounts and compromise other third-party apps that are linked to the same “login with Twitter” feature. According t...

5.8CVSS0.01025EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2019/09/23 7:21 p.m.77 views

More U.S. Utility Firms Targeted in Evolving LookBack Spearphishing Campaign

A spearphishing campaign, first spotted in July targeting three U.S. utility companies with a new malware variant, has evolved its tactics and extended its targeting to include nearly 20 companies. The campaign was first discovered in phishing emails, sent between July 19 and 25, which targeted...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/20 9:27 p.m.77 views

Microsoft Offers $30K Rewards For Chromium Edge Beta Flaws

Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its...

7.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/07/16 4:50 p.m.77 views

WhatsApp, Telegram Coding Blunders Can Expose Personal Media Files

Though WhatsApp and Telegram tout themselves as secure messaging services, faulty developer coding that allows cyberattackers to intercept media files sent on the Android versions of the services like photos and videos, documents and voice memos undercuts that claim. The security weakness, dubbed...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/01 8:19 p.m.77 views

Facebook Removes Accounts Used to Infect Thousands With Malware

Facebook has shut down more than 30 accounts spreading malware through malicious links that purport to be news about the ongoing political situation in Libya. The campaign, ongoing since 2014, has infected tens of thousands of victims with remote access trojans RATs, according to researchers. The...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/06/03 7:8 p.m.77 views

WWDC 2019: Apple Takes Aim at Facebook on Privacy

Apple took a swipe at Facebook at its Worldwide Developers’ Conference WWDC on Monday, unveiling fresh privacy features for the upcoming version of its iOS operating system for iPhone and iPad iOS 13. Most notably, it took the wraps off of an authentication mechanism that will allow users to sign...

6.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/03/14 4:33 p.m.77 views

GlitchPOS Malware Appears to Steal Credit-Card Numbers

A new insidious malware bent on siphoning credit-card numbers from point-of-sale PoS systems has recently been spotted on a crimeware forum. Researchers at Cisco Talos said in a Wednesday analysis that they discovered the malware, dubbed “GlitchPOS,” being peddled on the Dark Web for $250. The...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2018/03/02 3:12 p.m.77 views

Equifax Says 2.4 Million More People Impacted By Massive 2017 Breach

Equifax said that an additional 2.4 million Americans have had their personal data stolen as part of the company’s massive 2017 data breach, including their names and some of their driver’s license information. The additional identified victims bring the total of those implicated in what has beco...

10CVSS0.2AI score0.99999EPSS
Exploits44References11
ThreatPost
ThreatPost
added 2018/02/02 1:32 p.m.77 views

JenX Botnet Has Grand Theft Auto Hook

Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices. Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a D...

10CVSS9.3AI score0.99975EPSS
Exploits8References9
ThreatPost
ThreatPost
added 2015/09/08 3:19 p.m.77 views

September 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft today patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked, and is one of five vulnerabilities patched this month that have been publicly disclosed. Microsoft released a dozen bulletins today, five of them it rates critica...

9.3CVSS0.8AI score0.99945EPSS
Exploits35References12
ThreatPost
ThreatPost
added 2014/09/19 11:43 a.m.77 views

Era Ends With Break Up of Trustworthy Computing Group at Microsoft

In a move that has surprised many in the security community, Microsoft has disbanded its Trustworthy Computing unit, the group that was responsible for the pioneering work that helped reverse the company’s security reputation and make Windows a much more secure and reliable computing platform. Th...

9.3CVSS8.4AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/05/28 6:56 p.m.77 views

Ruby on Rails Exploit Harvests IRC Botnet

Developers who have not updated their Ruby on Rails installations with a five-month-old security patch would do well to secure the Web development framework now. Exploit code has surfaced for CVE-2013-0156 that is being used to build a botnet of compromised servers. Exploit code has been publicly...

7.5CVSS0.5AI score0.99449EPSS
Exploits21References6
ThreatPost
ThreatPost
added 2010/01/18 5:21 p.m.77 views

Botnets Hit Perl Testers With Denial of Service Attack

According to a posting on the CPAN Testers’ blog, the CPAN Testers’ server has been being aggressively scanned by “20-30 bots every few seconds” in what they call “a dedicated denial of service attack”; these bots “completely ignore the rules specified in robots.txt”. Read the full article. The H...

9.3CVSS2.9AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/04/19 2:7 p.m.76 views

Protect Your Executives’ Cybersecurity Amidst Global Cyberwar

It’s been roughly two months since Russia first launched its unprovoked invasion of Ukraine. Since then, the world has borne witness to unspeakable tragedy. While damaged and destroyed property can and will be rebuilt; the death and despair incurred by Ukrainians will leave a lasting imprint acro...

7.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/01/21 9:3 p.m.76 views

The Internet’s Most Tempting Targets

The number of exposed assets keeps climbing, but existing security strategies aren’t keeping up. Attack surfaces are getting more complex, and the excruciatingly hard part is figuring out where to focus. For every 1,000 assets on an attack surface, there is often only one that’s truly interesting...

10CVSS9.3AI score0.19087EPSS
Exploits1References13
ThreatPost
ThreatPost
added 2021/09/08 12:24 p.m.76 views

Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows

Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution RCE vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. Microsoft has not revealed much about the MSHTML bug,...

8.8CVSS7.4AI score0.96843EPSS
Exploits38References7
ThreatPost
ThreatPost
added 2021/08/27 12:0 p.m.76 views

‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast

Systems actively encrypted? Are they showing a screen that says “pay the ransom?” Too late: At that point, you’re probably toast. A few options, none great: 1. The painful and problematic process of recovery-via-backups if you have them and they work. You’ve tested them, right? No? Sorry: You can...

6.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/22 5:46 p.m.76 views

Industrial Networks Exposed Through Cloud OT

The benefits of using a cloud-based management platform to monitor and configure industrial control systems ICS devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be used to paralyz...

9.8CVSS8.7AI score0.01418EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2021/07/15 3:41 p.m.76 views

SonicWall Warns Firewall Hardware Bugs Under Attack

Security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access SMA...

7.5CVSS8.2AI score0.99906EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/04/05 7:10 p.m.76 views

Apple Mail Zero-Click Security Vulnerability Allows Email Snooping

A zero-click security vulnerability in Apple’s macOS Mail would allow a cyberattacker to add or modify any arbitrary file inside Mail’s sandbox environment, leading to a range of attack types. According to Mikko Kenttälä, founder and CEO of SensorFu, exploitation of the bug could lead to...

6.4CVSS8.1AI score0.01489EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/02/02 9:38 p.m.76 views

TrickBot Continues Resurgence with Port-Scanning Module

The TrickBot trojan is continuing its bounce-back from an autumn takedown, recently adding a network-scanning module that uses the Masscan open-source tool to look for open ports. Masscan is a mass TCP/IP port scanner, which can scan the entire internet in under five minutes according to its...

1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/12/15 2:0 p.m.76 views

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

Healthcare cybersecurity threats have been under the spotlight this past year, in particular with the rise of COVID-19 and the budgetary and resource strains that has put on hospitals. Beau Woods, a Cyber Safety Innovation Fellow with the Atlantic Council, founder and CEO of Stratigos Security an...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/11/12 10:19 p.m.76 views

Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

ModPipe, a previously unknown backdoor, has been purpose-built to attack restaurant point-of-sale PoS solutions from Oracle. It’s notable for its unusual sophistication, according to researchers, evidenced by its multiple modules. The code is specifically taking aim at the Oracle MICROS Restauran...

7.5CVSS0.3AI score0.9927EPSS
Exploits9References8
ThreatPost
ThreatPost
added 2020/11/06 2:5 p.m.76 views

Apple Patches Bugs Tied to Previously Identified Zero-Days

Apple has patched three previously identified zero-day vulnerabilities in its iPhone, iPod and iPad devices potentially related to a spate of related flaws recently discovered by the Google Project Zero team that also affect Google Chrome and Windows. Apple this week released iOS 14.2 and iPadOS...

7.6AI score0.22178EPSS
Exploits2References18
ThreatPost
ThreatPost
added 2020/09/25 9:10 p.m.76 views

FortiGate VPN Default Config Allows MitM Attacks

Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle MitM attacks, according to researchers, where threat actors could intercept important data. According to the SAM IoT Security Lab, the FortiGate SSL-VPN client only verifies that the...

1.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/08/07 8:24 p.m.76 views

Attackers Horn in on MFA Bypass Options for Account Takeovers

An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication MFA and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the most common way to mount account takeovers, more...

1.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/04/13 8:29 p.m.76 views

Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update

Oracle admins are staring down the barrel of a massive quarterly Critical Patch Update that includes 405 patches. Business software giant Oracle Corp. revealed 286 of those vulnerabilities are remotely exploitable across nearly two dozen product lines. Impacted with multiple critical flaws, rated...

9.3CVSS0.7AI score0.07871EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2020/04/08 6:46 p.m.76 views

Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers

A new botnet has compromised hundreds of ASUS, D-Link and Dasan Zhone routers over the past three months, as well as Internet of Things IoT devices like video recorders and thermal cameras. The botnet, called darknexus based on a string it prints in its banner, uses processes similar to previous...

10CVSS0.97136EPSS
Exploits16References13
ThreatPost
ThreatPost
added 2020/04/07 5:6 p.m.76 views

xHelper: The Russian Nesting Doll of Android Malware

The “undeletable” xHelper malware – which ultimately results in the installation of the Triada trojan – has become a virulent scourge for Android devices this year, according to researcher analysis – bringing with it a hallmark of being virtually indestructible for the common user. xHelper is kno...

0.6AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/07 1:55 p.m.76 views

Official Government COVID-19 Mobile Apps Hide a Raft of Threats

A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they’re also putting people’s privacy and the security of their data at risk, researchers have found. Security researchers at the ZeroFO...

4.3CVSS5.5AI score0.0151EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/13 8:56 p.m.76 views

Working from Home: COVID-19's Constellation of Security Challenges

As the threat of coronavirus continues to spread, businesses are sending employees home to work remotely, and students are moving to online classes. But with the social distancing comes a new threat – a cyber-related one. As organizations rush to shift their businesses and classes online,...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/25 10:36 p.m.76 views

Video: Ransomware a Growing Industrial Security Threat

SAN FRANCISCO – Today, Operational Technology OT and Information Technology systems are merging and changing security playbooks. Here at RSA Conference 2020, Waterfall Security‘s CEO and co-founder Lior Frenkel describes the front lines of the convergence. Frenkel maintains that just as more...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/02/03 12:15 p.m.76 views

TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control UAC to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers at Morphisec Labs te...

1.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/01/16 2:35 p.m.76 views

‘Fleeceware’ Apps Downloaded 600M Times from Google Play

Google has made a concerted effort in recent months to try to eliminate bad apps for its Android mobile platform on the Google Play store—something the company historically has battled. However, fleeceware apps—which trick users into paying excessive amounts of money for simple apps with...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/19 9:47 p.m.76 views

267M Facebook Users’ Phone Numbers Exposed Online

A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed. Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it...

0.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/12/17 2:0 p.m.76 views

Alexa, Google Home Eavesdropping Hack Not Yet Fixed

Months after researchers disclosed a new way to exploit Alexa and Google Home smart speakers to spy on users, those same researchers now warn that Amazon and Google have yet to create effective ways to prevent the eavesdropping hack. The researchers who in October disclosed the “Smart Spies” hack...

7.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/15 5:20 p.m.76 views

Podcast: Managing an Out-Of-Control Security Tech Stack

This podcast is sponsored by Arctic Wolf. In this sponsored podcast, Threatpost podcast host Cody Hackett and Sam McLane, chief technology officer with Arctic Wolf, discuss important considerations when building a multi-layered cybersecurity strategy and best practices when evaluating security...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/11/06 10:20 p.m.76 views

Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security

The headlines over the past few years have been consistent – enterprises are pouring more and more money into cybersecurity countermeasures. Indications are that 2020 will be no different, with reports that nearly three quarters of CISOs plan to ask their CFOs for increased cybersecurity investme...

9.3CVSS8.2AI score0.012EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2019/10/29 2:57 p.m.76 views

Fancy Bear Targets Sporting, Anti-Doping Orgs As 2020 Olympics Loom

At least 16 anti-doping authorities and sporting organizations around the world have been hit by cyberattacks as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020. The attacks, which began Sept. 16, have been linked to infamous Russian threat group Fancy Bea...

9.3CVSS0.2AI score0.99512EPSS
Exploits75References15
ThreatPost
ThreatPost
added 2019/10/16 12:45 p.m.76 views

Cybercrime Tool Prices Bump Up in Dark Web Markets

Prices have been rising in the last two years for longstanding tools available on the Dark Web to help bad actors commit cyber attacks and fraud, alongside newer innovations that are emerging to bolster crimes like ransomware and SIM swapping, new research has found. Keeping track of these trends...

7.3AI score
Exploits0References6
Total number of security vulnerabilities5000