Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/07/16 9:10 p.m.73 views

Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. On Wednesday, MalwareHunterTeam disclosed its discovery of numerous Linux ELF-64 versions of the HelloKitty...

7AI score
Exploits0References18
ThreatPost
ThreatPost
added 2021/07/13 12:58 p.m.73 views

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack

SolarWinds has issued a hotfix for a zero-day remote code execution RCE vulnerability already under active, yet limited, attack on some of the company’s customers. Microsoft alerted the company about the flaw, which affects its Serv-U Managed File Transfer Server and Serv-U Secured FTP products...

10CVSS9.6AI score0.9116EPSS
Exploits2References12
ThreatPost
ThreatPost
added 2021/05/05 9:3 p.m.73 views

New Crypto-Stealer ‘Panda’ Spreads via Discord

Yet another new information stealer – Panda Stealer – is being spread through a worldwide spam campaign. On Tuesday, Trend Micro researchers said that they first spotted the new stealer in April. The most recent wave of the spam campaign has had the biggest impact in Australia, Germany, Japan and...

5.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/12/10 4:9 p.m.73 views

Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again

Cisco Systems released an updated patch for a critical vulnerability in its video and instant messaging platform Jabber, originally patched in September. The cross-site scripting bug could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and...

9CVSS0.1AI score0.02517EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/07/31 9:5 p.m.73 views

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

UPDATE Multiple high-severity vulnerabilities in the Grandstream HT800 series of Analog Telephone Adaptors ATAs threaten home office and midrange users alike, with outages, eavesdropping and device takeover. The HT800 series of ATAs is designed for everyone from home or small-office users to...

9.3CVSS8.9AI score0.0547EPSS
Exploits4References12
ThreatPost
ThreatPost
added 2020/07/16 1:0 p.m.73 views

Amazon-Themed Phishing Campaigns Swim Past Security Checks

Amazon in the era of COVID-19 has become a staple of many people’s lives, as they order everything from sourdough starter to exercise equipment. Cybercrooks have latched onto the delivery behemoth as a lure for phishing emails, knowing that plenty of legitimate delivery messages are also making i...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/06/05 4:1 p.m.73 views

WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?

UPDATE A researcher is warning that a WhatsApp feature called “Click to Chat” puts users’ mobile phone numbers at risk — by allowing Google Search to index them for anyone to find. But WhatsApp owner Facebook says it is no big deal and that the search results only reveal what the users have chose...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/20 1:47 p.m.73 views

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested

A hacker accused of selling hundreds of millions of stolen credentials from last year’s “Collection 1” data dump on the dark web has been arrested in the Ukraine. The Security Service of Ukraine SSU took into custody a threat actor known as “Sanix,” who they claim posted 773 million e-mail...

0.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/27 9:15 p.m.73 views

GDPR Compliance Site Leaks Git Data, Passwords

A website that gives advice on privacy regulation compliance has fixed a security issue that was exposing MySQL database settings — including passwords — to anyone on the internet. The website, GDPR.EU, is an advice site for organizations that are struggling to comply with the General Data...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/04/27 1:0 p.m.73 views

Eight Common OT / Industrial Firewall Mistakes

Most industrial sites deploy firewalls as the first line of defense for their Operations Technology OT / industrial networks. However, configuring and managing these firewalls is a complex undertaking. Configuration and other mistakes are easy to make. This article explores eight common mistakes...

0.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/04/23 5:45 p.m.73 views

Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak

The discovery of leaked source code for two popular games – Counter-Strike: Global Offensive CS:GO and Team Fortress 2 – has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the...

7.3AI score
Exploits0References21
ThreatPost
ThreatPost
added 2020/03/31 3:14 p.m.73 views

Millions of Guests Impacted in Marriott Data Breach, Again

For the second time in two years, the Marriott hotel empire has suffered a major data breach. This time, approximately 5.2 million guests have been affected. The attack was carried out via third-party software that Marriott’s hotel properties use to provide guest services, according to an online...

7AI score
Exploits0References21
ThreatPost
ThreatPost
added 2020/03/23 8:35 p.m.73 views

Hackers Actively Exploit 0-Day in CCTV Camera Hardware

Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company’s DVR hardware. Once commandeered, hackers then planted...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/31 12:1 p.m.73 views

Microsoft Offers Rewards of Up to $20,000 in New Xbox Bug Bounty Program

Microsoft is offering rewards of up to $20,000 for finding vulnerabilities in its Xbox gaming platform through its latest bug bounty program unveiled this week. The Xbox Bounty Program is open to gamers, security researchers and basically anyone who can help the tech giant identify security...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/22 11:50 p.m.73 views

Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

The very first Pwn2Own hacking competition that exclusively focuses on the industrial control systems ICS has kicked off in Miami. So far, a total of $180,000 has been awarded for pwning five different products. The contest hosts at Trend Micro’s Zero Day initiative ZDI have allocated more than...

1.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/10 12:58 p.m.73 views

Oil-and-Gas APT Pivots to U.S. Power Plants.

A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part...

0.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/09/25 9:37 p.m.73 views

Magecart Group Targets Routers Behind Public Wi-Fi Networks

A faction of the Magecart threat group is testing code that targets routers used to provide free or paid Wi-Fi services in public spaces and hotels. If successful, attackers would able to compromise these commercial-grade routers and be able to siphon payment data of users joining Wi-Fi networks ...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/09/11 2:37 p.m.73 views

198 Million Car-Buyer Records Exposed Online for All to See

Over 198 million records containing information on prospective car buyers, including loan and finance data, vehicle information and IP addresses for website visitors, has been found exposed on the internet for anyone to see. The non-password protected Elasticsearch database belonged to Dealer...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/09/04 1:0 p.m.73 views

MSP or System Integrator? Add Incident Response to Your Portfolio at No Cost

As breaches and cyberattacks grow in a steady upward trajectory, organizations are increasingly looking for ways to protect their assets, outsourcing critical Incident Response IR services to third-party providers. Cynet is now providing its IR services at no cost in a market-first offering which...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/08/06 3:48 p.m.73 views

Mass Spoofing Campaign Abuses Walmart Brand

An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information. The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/07/31 4:13 p.m.73 views

Chrome 76 Dumps Default Adobe Flash Player Support

Google has launched the latest iteration of the Chrome browser for Windows, Mac and Linux, which blocks Adobe Flash Player default support and comes with more than 40 security fixes. Though plans to deprecate Adobe Flash in Chrome have been brewing for years, Chrome 76 takes an official first ste...

6.8CVSS7.9AI score0.01009EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2019/07/09 5:7 p.m.73 views

1,300 Popular Android Apps Access Data Without Proper Permissions

Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the U.S. version of the Google Play store,...

Exploits0References4
ThreatPost
ThreatPost
added 2019/05/21 2:22 p.m.73 views

Millions of Golfers Land in Privacy Hazard After Cloud Misconfig

Finding cloud databases with sensitive information left open to the internet has become par for the course these days – as a new exposure of millions of sensitive data points for the users of a golf app demonstrates. Millions of golfer records from the Game Golf app, including GPS details from...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/13 9:2 p.m.73 views

Twitter Leaks Apple iOS Users' Location Data to Ad Partner

Twitter has disclosed a security bug in its platform that it said inadvertently leaked iOS users’ location data. The Twitter for iOS bug leaked location data at the ZIP code or city level, according to the social media company’s announcement on Monday. Twitter stressed that it has fixed the bug,...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/05 10:1 p.m.73 views

Podcast: Chris Vickery on UpGuard's Discovery of Millions of Facebook Records

Data collection and security was thrust to the forefront this week after researchers with UpGuard disclosed that hundreds of millions of Facebook records were found in two separate publicly-exposed app datasets. The two publicly-exposed datasets included one controlled by Mexican media company...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/18 5:41 p.m.73 views

Google Gives Users More Choice with Location-Tracking Apps

Anyone who uses a mobile app knows how convenient the features that use location data can be, from getting turn-by-turn directions and finding nearby restaurants to fitness-tracking and weather integration. But these rich mobile “experiences” – as app developers call them – can be a double-edged...

2.1CVSS5.2AI score0.00154EPSS
Exploits4References10
ThreatPost
ThreatPost
added 2019/03/07 9:11 p.m.73 views

RSA Conference 2019: Firms Continue to Fail at IoT Security

SAN FRANCISCO – Low prices and firms racing products to market are two of the biggest factors when it comes to why Internet of Things devices are not getting the type of security do diligence they deserve. According to Checkmarx researcher Erez Yalon, despite years of the infosec community soundi...

7.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/02/13 10:24 p.m.73 views

Lenovo Watch X Riddled with Security Vulnerabilities

Researchers are raking the Lenovo Watch X over the security coals in a report that blasts the device for shipping with a half dozen “disturbing” privacy and security vulnerabilities. The budget $50 smartwatch was introduced in June 2018 and was initially praised for its design, features and...

7.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/01/31 6:10 p.m.74 views

U.S. Government Goes After North Korea's Joanap Botnet

The U.S. Justice Department is looking to retaliate against North Korea-linked hackers who have built up a massive global network of infected computers. The department announced on Wednesday that it would seek to map out the Joanap botnet, which has been built and controlled by North Korea-linked...

1.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2018/12/05 3:18 p.m.73 views

Adobe Patches Zero-Day Vulnerability in Flash Player

Adobe on Wednesday released several unscheduled fixes for Flash Player, including a critical vulnerability that it said is being exploited in the wild. The critical vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code-execution in Flash. “Adobe has released security...

10CVSS1.3AI score0.89618EPSS
Exploits32References5
ThreatPost
ThreatPost
added 2018/12/04 4:56 p.m.73 views

Google Patches 11 Critical RCE Android Vulnerabilities

Remote code-execution RCE vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media Framewor...

9.3CVSS0.5AI score0.01246EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2018/03/13 6:25 p.m.73 views

Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update

Microsoft patched 15 critical vulnerabilities this month as part of its March Patch Tuesday roundup of fixes. In all, the company issued 75 fixes, with 61 rated important. Products receiving the most urgent patches included Microsoft browsers and browser-related technologies such as the company’s...

7.6CVSS0.3AI score0.82334EPSS
Exploits4References7
ThreatPost
ThreatPost
added 2015/01/27 12:55 p.m.73 views

GHOST glibc Linux Remote Code Execution Vulnerability

A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the nsshostnamedigitsdots...

10CVSS9.1AI score0.94859EPSS
Exploits29References7
ThreatPost
ThreatPost
added 2014/09/25 4:30 p.m.73 views

Bash Vulnerability Exploits Dropping DDoS Bots

A honeypot run by researchers at AlienVault Labs has snared two separate pieces of malware attempting to exploit the Bash vulnerability. One sample is a repurposed IRC bot written in Perl that is trying to build a botnet to be used in distributed denial of service attacks DDoS, said Jaime Blasco,...

10CVSS0.99999EPSS
Exploits132References6
ThreatPost
ThreatPost
added 2014/06/17 10:47 a.m.73 views

Android Root Access Vulnerability Affecting Most Devices

A recently disclosed vulnerability in version 3.14.5 of the Linux kernel is also present in most versions of Android and could give attackers the ability to acquire root access on affected devices. Researchers at Lacoon Mobile Security are calling the bug “TowelRoot,” because it is the very same...

7.2CVSS0.5AI score0.37233EPSS
Exploits15References3
ThreatPost
ThreatPost
added 2014/04/15 3:7 p.m.73 views

Microsoft Releases Free Threat Modeling Tool 2014

Threat modeling has been part of the security culture at Microsoft for the better part of a decade, an important piece of the Security Development Lifecycle that’s at the core of Trustworthy Computing. Today, Microsoft updated its free Threat Modeling Tool with a number of enhancements that bring...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2014/03/13 7:33 p.m.73 views

IE 11 Stands Up to Pwn2Own Exploit Attempt

VANCOUVER – Successful exploits at the Pwn2Own contest get all the glitz, but the rarities are the exploits that fail. A group of four young South Korean hackers from ASRT, all of them well shy of their thirtieth birthdays, stood in proxy for Jung Hoon Lee. Lee was home fulfilling a military...

9.3CVSS8.7AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2014/02/26 2:14 p.m.73 views

Threat Modeling, Legos and Dancing Babies

SAN FRANCISCO–The concept of threat modeling has evolved quite a lot in the last few years, moving from an activity that massive software companies such as Microsoft and Google use to anticipate and defend against potential threats to their products to something that many smaller organizations...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2012/07/27 1:57 p.m.73 views

Vasillis Pappas Wins $200,000 Microsoft Blue Hat Prize

LAS VEGAS–Microsoft on Thursday handed out three rather large checks to a trio of security researchers, the largest one–$200,000–going to Vasillis Pappas who won the company’s first Blue Hat Prize competition for defensive technologies. Pappas’s kBouncer ROP mitigation technology edged out...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2010/09/21 3:4 p.m.73 views

Microsoft Warns of Attacks Against ASP.NET Flaw

Microsoft is warning customers that it has seen ongoing attacks against the recently disclosed padding oracle vulnerability in ASP.NET and is encouraging them to implement a workaround that will help protect against the publicly disclosed exploit for the bug. The workaround that Microsoft has...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2009/06/22 10:33 a.m.73 views

Microsoft Security Intelligence Report: The Vinny and Tim Show

This video features Tim Rains and Vinny Gullotto of Microsoft discussing the major threats from the second half of 2008...

9.3CVSS1.3AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2009/06/19 6:13 p.m.73 views

Microsoft Takes the Lead in Security

From InfoWorld Roger Grimes Talk about a turnaround. It’s always hard to recognize the larger, slow-moving paradigm shifts as they happen. But after a decade of bad press regarding its commitment to software security, Microsoft seems to have turned the tide. Redmond is getting consistent security...

9.3CVSS0.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/02/18 1:46 p.m.72 views

Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code

Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran...

9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/01/06 4:47 p.m.72 views

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

A security vulnerability in VMware’s Cloud Foundation, ESXi, Fusion and Workstation platforms could pave the way for hypervisor takeover in virtual environments – and a patch is still pending for some users. The issue affects a wide swath of the virtualization specialist’s portfolio and affects...

9.8CVSS9.2AI score0.99999EPSS
Exploits11References10
ThreatPost
ThreatPost
added 2021/12/13 7:0 p.m.72 views

Where the Latest Log4Shell Attacks Are Coming From

Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution RCE flaw CVE-2021-44228 in the Apache Log4j tool, discovered just days ago. Now under active exploit, the “Log4Shell” bug allows complete server takeover. Researche...

10CVSS9.8AI score0.99999EPSS
Exploits354References10
ThreatPost
ThreatPost
added 2021/07/23 4:24 p.m.72 views

FIN7 Liquor Lure Compromises Law Firm with Backdoor

Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoade...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/07/21 3:19 p.m.72 views

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes – to speed up processing time for compute-intensive jobs like machi...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/07/14 4:18 p.m.72 views

Trickbot Malware Rebounds with Virtual-Desktop Espionage Module

The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its “vncDll” module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been “a...

6.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/10 1:0 p.m.72 views

Cyber Polygon 2021

On June 9, 2021, the III annual international online training event Cyber Polygon took place. It connects various global organisations to train their competencies, exchange best practices and bring tangible results to the world community. 200 organizations from 48 countries tested their skills in...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/09 5:42 p.m.72 views

Microsoft Office Users Face Malware-Protection Bypass

Legacy users of Microsoft Excel are being targeted in a malware campaign that uses a novel malware-obfuscation technique to disable Office defenses and deliver the Zloader trojan. The attack, according to research published Thursday by McAfee, marries functions in Microsoft Office Word and Excel ...

6.9AI score
Exploits0References5
Total number of security vulnerabilities5000