Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/04/02 8:26 p.m.76 views

ThreatList: Half of All Attacks Aim at Supply Chain

Increasingly sophisticated attacks that target supply chains, counter-incident response and lateral movement within a network are quickly becoming the new normal in the corporate security threat landscape. That’s according to Carbon Black’s latest quarterly Global Incident Response Threat Report,...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/21 6:51 p.m.76 views

Hackers Take Down Safari, VMware and Oracle at Pwn2Own

Hackers took down Apple Safari, VMware Workstation, and Oracle VirtualBox on Wednesday, the first day of Pwn2Own, the annual hacking competition held in tandem with the CanSecWest conference in Vancouver. Contestants with the team of Fluoroacetate Amat Cama and Richard Zhu were the first to hit p...

2.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/21 5:14 p.m.76 views

Facebook Stored Passwords in Plain Text For Years

Hundreds of millions of Facebook user passwords have been stored in plain text for years, the social media giant acknowledged on Thursday. KrebsOnSecurity, which first reported the news, said that specifically between 200 and 600 million passwords were stored in plain text as early as 2012, and...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/05 3:15 p.m.76 views

EU Recalls Children's Smartwatch That Leaks Location Data

UPDATE The European Commission has issued a recall for a popular smartwatch for children, citing “serious” privacy issues that could allow a bad actor to track or communicate with kids remotely. The issues exist in Safe-KID-One, an IoT watch made by German company Enox Group that allows parents t...

7.6AI score
Exploits0References17
ThreatPost
ThreatPost
added 2017/03/13 10:27 a.m.76 views

Cody Pierce on the Future of Exploit Development

Mike Mimoso talks to Cody Pierce, director of vulnerability research and prevention with Endgame, at RSA Conference 2017 about how attackers are changing their techniques in the face of mitigations and continuing to base exploits around legitimate APIs and functions to thwart detection. Download:...

9.3CVSS4.1AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2014/07/04 9:0 a.m.76 views

Dennis Fisher and Mike Mimoso Discuss This Week's Microsoft Takedown

Dennis Fisher and Mike Mimoso discuss the Microsoft malware takedown, its legal and security implications and the revelation of a massive financial fraud campaign in Brazil. Download: digitalunderground157.mp3 Music by Chris Gonsalves...

9.3CVSS2.8AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2014/06/05 2:30 p.m.76 views

June 2014 Microsoft Patch Tuesday Security Updates

Prompted by the disclosure of a zero-day vulnerability in Internet Explorer 8 more than six months after it was reported, Microsoft next Tuesday will finally issue a patch. HP’s Zero Day Initiative ZDI released on May 21 some detail on a previously unreported use-after-free bug in IE 8. No public...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2012/11/20 4:13 p.m.76 views

Gong Da Exploit Kit Bundling Numerous Java Attacks

Don’t expect any relief from the current assault on Java. A new sandbox-escape exploit targeting a vulnerability in the Java Runtime Environment has been integrated into both the Black Hole and Gong Da exploit kits, setting the stage for additional attacks, researchers said. The exploit was...

10CVSS9.9AI score0.98113EPSS
Exploits40References6
ThreatPost
ThreatPost
added 2012/04/09 6:33 p.m.76 views

Navy Hires Contractor to Data-Mine Gaming Consoles

The U.S. Navy recently hired an outside contractor, Obscure Technologies, to develop computer forensics tools capable of analyzing network traffic and stored data on gaming consoles. The contract, valued at $177,237.50, calls on Obscure Technologies to create hardware and software tools that can ...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/06/23 12:21 p.m.75 views

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

Advanced persistent threat group Fancy Bear is behind a phishing campaign that uses the specter of nuclear war to exploit a known one-click Microsoft flaw. The goal is to deliver malware that can steal credentials from the Chrome, Firefox and Edge browsers. The attacks by the Russia-linked APT ar...

9.3CVSS8.3AI score0.99374EPSS
Exploits62References14
ThreatPost
ThreatPost
added 2022/02/02 1:58 p.m.75 views

Charming Kitten Sharpens Its Claws with PowerShell Backdoor

The Iranian advanced persistent threat APT Charming Kitten is sharpening its claws with a new set of tools, including a novel PowerShell backdoor and related stealth tactics, that show the group evolving yet again. The new tools may signal that it’s getting ready to pounce on new victims,...

7.5AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/11/30 1:56 p.m.75 views

Yanluowang Ransomware Tied to Thieflock Threat Actor

A threat actor previously tied to the Thieflock ransomware operation may now be using the emerging Yanluowang ransomware in a series of attacks against U.S. corporations, researchers have found. Researchers from Symantec, a division of Broadcom Software, found ties between Thieflock and Yanluowan...

7.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/10/25 8:51 p.m.75 views

BillQuick Billing App Rigged to Inflict Ransomware

Threat actors have been caught exploiting a now-patched zero-day critical vulnerability in a popular timeclock and billing system, to take over vulnerable servers and inflict companies’ networks with ransomware. Discovered by Huntress Labs earlier this month, the ongoing attacks focus on an...

10AI score0.73269EPSS
Exploits3References12
ThreatPost
ThreatPost
added 2021/09/17 12:7 p.m.75 views

Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang

Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead of a patch released by Microsoft this week. Collaborative research by Microsoft and RiskIQ revealed campaigns by Ryuk threat actors early on that exploited the fla...

8.8CVSS7.8AI score0.96843EPSS
Exploits38References10
ThreatPost
ThreatPost
added 2021/08/06 2:44 p.m.75 views

Angry Affiliate Leaks Conti Ransomware Gang Playbook

An apparently vengeful affiliate of the Conti Gang has leaked the playbook of the ransomware group after alleging that the notorious cybercriminal organization underpaid him for doing its dirty work. A security researcher shared a comment from an online forum allegedly posted by someone who did...

7AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/07/27 3:43 p.m.75 views

Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers

There are three new, unpatched zero-day vulnerabilities in Kaseya Unitrends that include remote code execution RCE and authenticated privilege escalation on the client-side. The Dutch Institute for Vulnerability Disclosure DIVD on Monday issued a public advisory warning that the service and clien...

8.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/20 12:39 p.m.75 views

MosaicLoader Malware Delivers Facebook Stealers, RATs

A never-before-documented Windows malware strain dubbed MosaicLoader is spreading worldwide, acting as a full-service malware-delivery platform that’s being used to infect victims with remote-access trojans RATs, Facebook cookie stealers and other threats. That’s according to Bitdefender...

7.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/05/14 2:3 p.m.75 views

Scheme Flooding Allows User Tracking Across Browsers

A security researcher has discovered a vulnerability that allows websites to track users across a number of different desktop browsers — including Apple Safari, Google Chrome, Microsoft Edge, Mozilla Firefox and Tor — posing a threat to cross-browser anonymity. Called “scheme flooding,” the flaw...

5.8AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/04/29 8:4 p.m.75 views

F5 Big-IP Vulnerable to Security-Bypass Bug

F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center KDC spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads. Join Threatpost for “Fortifying Your Business Against...

0.2AI score0.01326EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2020/12/15 9:4 p.m.75 views

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The update, released as Firefox version 84, is also billed by Mozilla as boosting the browser’s performance and adding native support for macOS hardwar...

8.9AI score0.01876EPSS
Exploits1References20
ThreatPost
ThreatPost
added 2020/11/12 10:19 p.m.75 views

Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

ModPipe, a previously unknown backdoor, has been purpose-built to attack restaurant point-of-sale PoS solutions from Oracle. It’s notable for its unusual sophistication, according to researchers, evidenced by its multiple modules. The code is specifically taking aim at the Oracle MICROS Restauran...

7.5CVSS0.3AI score0.9927EPSS
Exploits9References8
ThreatPost
ThreatPost
added 2020/09/28 3:21 p.m.75 views

Joker Trojans Flood the Android Ecosystem

More variants of the Joker Android malware are cropping up in Google Play as well as third-party app stores, in a trend that researchers say points to a relentless targeting of the Android mobile platform. Researchers at Zscaler have found 17 different samples of Joker being regularly uploaded to...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/03 1:46 p.m.75 views

India Blocks High-Profile Chinese Apps on Political, Privacy Concerns

India has blocked 118 more mobile apps in its continued crackdown on the use mobile apps from China, citing concerns that they transmit user data out of the country and threaten its “sovereignty and integrity” as political tensions between the two countries rise. Though not all of the apps banned...

0.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/07/30 1:32 p.m.75 views

Vermont Taxpayers Warned of Data Leak Over the Past Three Years

The Vermont Department of Taxes may have been exposing taxpayer data that could be used in credential scams for more than three years due to a vulnerability in its online tax filing system. A notice PDF posted on the department’s website warned taxpayers who filed a Property Transfer Tax return...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/06/16 1:0 p.m.75 views

Shadow IT: Why It’s Still a Major Risk in Today’s Environments

Shadow IT is nothing new. Employees have long adopted software applications or cloud services without the knowledge or approval of their organization’s IT department, most often in search of easier ways to get their jobs done. People typically utilize unsanctioned apps not because they’re seeking...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/04/30 10:0 a.m.75 views

Critical WordPress e-Learning Plugin Bugs Open Door to Cheating

Researchers have disclosed critical-severity flaws in three popular WordPress plugins used widely by colleges and universities: LearnPress, LearnDash and LifterLMS. The flaws, now patched, could allow students to steal personal information, change their grades, cheat on tests and more. The...

7.5CVSS9.2AI score0.49231EPSS
Exploits11References17
ThreatPost
ThreatPost
added 2020/04/23 3:27 p.m.75 views

Public Sector Ransomware Attacks Rage On: Can Your Organization Repel Them?

To pay or not to pay? That is the question many public-sector organizations must grapple with when faced with a complex ransomware attack – even while the COVID-19 pandemic rages on around them. Ransomware attacks to municipal, local, and state government agencies are on the rise. Places as...

0.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/19 9:49 p.m.75 views

Coronavirus Poll Results: Cyberattacks Ramp Up, WFH Prep Uneven

As the COVID-19 pandemic continues to sweep the globe and Americans are told to isolate from others, many organizations are sending employees home to work. While most respondents in a Threatpost poll this week said they feel prepared from a security standpoint for this transition, a fifth of them...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/03/11 3:34 p.m.75 views

New TrickBot Variant Updates Anti-Analysis Tricks

Researchers uncovered a new variant of the TrickBot malware that relies on new anti-analysis techniques, an updated method for downloading its payload as well as adopting minor changes to the integration of its components. TrickBot is a module-based malware that, while first identified as a banki...

0.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/02/26 10:27 p.m.75 views

RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks

SAN FRANCISCO – As companies quickly adopt machine learning systems, cybercriminals are close behind scheming to compromise them. That worries legal experts who say a lack of laws swing open the door for bad guys to attack systems. During a panel session at RSA Conference 2020 this week, Cristin...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/02/21 8:50 p.m.75 views

Active Attacks Target Popular Duplicator WordPress Plugin

Active exploits are targeting a recently patched flaw in the popular WordPress plugin Duplicator, which has more than 1 million active installations. So far, researchers have seen 60,000 attempts to harvest sensitive information from victims. Researchers at Wordfence who discovered the in-the-wil...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/31 8:42 p.m.75 views

Iranian Hackers Target U.S. Gov. Vendor With Malware

Iran-linked threat actor APT34 has been observed sending targeted, malicious email attachments to customers and employees of a company that works closely with U.S. government agencies. The company in question is U.S.-based Westat, a professional services company that provides research services to...

1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/01/21 3:2 p.m.75 views

FTCODE Ransomware Now Steals Chrome, Firefox Credentials

FTCODE, a PowerShell-based ransomware that targets Italian-language users, has added new capabilities, including the ability to swipe saved web browser and email client credentials from victims. Samples of the ransomware, which has been around since 2013, were recently observed in September 2019...

1.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/12/23 2:0 p.m.75 views

Top 10 IoT Disasters of 2019

IoT Disasters 2019 Though more light was shed around insecure Internet of Things IoT devices in 2019 – consequently leading to more calls for regulation– connected devices themselves seemingly stayed just as insecure. From privacy concerns in smart home devices, to botnets evolving to launch...

1AI score
Exploits0References34
ThreatPost
ThreatPost
added 2019/12/16 4:44 p.m.75 views

Echobot IoT Botnet Casts a Wide Net with Raft of Exploit Additions

A variant of the Mirai Internet of Things IoT botnet known as “Echobot” has added 13 more vulnerability exploits to its bag of infiltration tricks, according to researchers. These target a range of devices, including routers, firewalls, IP cameras, server management utilities, a programmable logi...

10CVSS0.58879EPSS
Exploits3References11
ThreatPost
ThreatPost
added 2019/12/09 2:40 p.m.75 views

Reddit Says Influence Campaign is Behind Leaked U.S.-U.K. Trade Documents

Reddit has revealed that key U.S.-U.K. trade documents posted on its site were likely done so as part of a broader political-influence campaign that first appeared on Facebook and tied to Russia-based operatives. The online media aggregator says it has linked documents that were leaked on its sit...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/12/05 9:8 p.m.75 views

Ransomware Attack Hits Data Center Provider CyrusOne: Report

U.S. data center provider CyrusOne has been hit by a ransomware attack, which has impacted six of its managed services customers, a report has found. CyrusOne, which is based in Texas and is one of the biggest data center providers in the U.S., serves more than 185 of Fortune 1000 customers...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/18 10:43 p.m.75 views

Americans Concerned and Confused Over Privacy, Survey Reveals

Call it a case of Facebook privacy breach fatigue. When asked, Americans say companies do a worse job than the government when it comes to protecting data collected on their behalf. They also complain potential risks they face because of data collection by companies outweigh the benefits. The...

0.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/07 12:55 p.m.75 views

Google Enlists Help to Fight Bad Android Apps

After years of unsuccessfully battling malware and bad apps in the Google Play store and on more than 2.5 billion Android devices, Google is finally doing something about it. The tech giant this week unveiled an alliance with three companies with specific expertise in endpoint security to help...

7.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/10/08 6:9 p.m.75 views

Sextortionists Get Past Defenses with Cryptocurrency Shift

A sextortion campaign is making the rounds that attempts to evade detection by demanding payment in cryptocurrencies other than Bitcoin. Sextortion operators typically send emails out claiming to have harvested webcam footage or browser histories related to adult content from the recipient’s...

0.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/08/28 3:5 p.m.75 views

Google Squashes High-Severity Blink Browser Engine Flaw

Google is urging users of its Chrome browser to update after a high-severity vulnerability – which could enable remote attackers to execute code and carry out other malicious attacks – was uncovered. The vulnerability CVE-2019-5869, a use-after-free flaw, specifically exists in Blink, an...

4.3CVSS0.4AI score0.00765EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2019/08/07 6:20 p.m.75 views

Black Hat 2019: Security's Powerful Cultural Transformation

LAS VEGAS — “Start with yes.'” That’s the advice to security teams from Dino Dai Zovi, mobile security lead at Square, giving the keynote on Wednesday at the 23rd annual Black Hat conference in Las Vegas. Taking as a first principle the idea that security teams now have the ear of company boards...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/05/03 9:16 p.m.75 views

Researchers Weigh in on Trump's Cyber Workforce Executive Order

Security researchers are reacting to a cybersecurity workforce executive order from the White House that came down Thursday, aimed at improving the level of cyber-expertise at federal agencies. While outlining no specific steps or actions, the order creates a directive to create “a superior...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/05/02 3:24 p.m.75 views

Cisco Warns of Critical Nexus 9000 Data Center Flaw

A critical vulnerability in Cisco’s software-defined networking SDN software could allow an unauthenticated, remote attacker to connect to a vulnerable data-center switch and take it over, with the privileges of the root user. The bug CVE-2019-1804, which has a CVSS severity rating of 9.8 out of...

10CVSS0.9AI score0.0348EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/04/08 10:0 a.m.75 views

SAS 2019: Exodus Spyware Found Targeting Apple iOS Users

SINGAPORE— The Exodus spyware that was recently found lurking in 25 different malicious apps on Google Play has been ported to the Apple iOS ecosystem. The surveillance package can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices. Earlier this...

Exploits0References8
ThreatPost
ThreatPost
added 2019/03/11 8:14 p.m.75 views

Google Patches Critical Bluetooth RCE Bug

Eleven critical Android bugs were patched as part of Google’s March Security Update. Three of them were tied to Android’s media framework and core system, while the others were related to faulty Qualcomm chip components. Out of those critical bugs, Google patched three critical remote...

9.3CVSS0.4AI score0.0137EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2018/10/19 2:22 p.m.75 views

Trivial Post-Intrusion Attack Exploits Windows RID

An novel post-intrusion attack technique allows hackers to hijack a Windows system component called RID, allowing the adversaries to assign administrative privileges to “guest” and other low-level accounts. The technique is simple and does not require a lot of sophistication, security researcher...

0.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/09/26 2:28 p.m.75 views

Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities, including a critical remote code execution vulnerability CVE-2017-9805 that could let an attacker take control of an affected system, late last week. The Apache Software Foundation patched the RCE...

10CVSS9.2AI score0.99999EPSS
Exploits90References10
ThreatPost
ThreatPost
added 2016/09/26 10:45 a.m.75 views

OpenSSL Fixes Critical Bug Introduced by Latest Update

OpenSSL today released an emergency security update after a patch in its most recent update issued last week introduced a critical vulnerability in the cryptographic library. The new flaw affects only OpenSSL 1.1.0a, which was made available last Thursday; users are urged to update to 1.1.0b...

5CVSS0.7AI score0.95707EPSS
Exploits7References3
ThreatPost
ThreatPost
added 2015/12/23 9:1 a.m.75 views

Microsoft Bans Superfish SSL Interception Adware

Microsoft has taken steps to impede the next Superfish from impacting users. Superfish was pre-installed adware found on new Lenovo laptops earlier this year. The software exposes users to man-in-the-middle attacks because of the way it injects advertisements into the browser. It comes with a...

9.3CVSS1.3AI score0.99945EPSS
Exploits33References3
Total number of security vulnerabilities5000