15946 matches found
Covid-19 Poll Results: One in Four Prioritize Health Over Privacy
One in four respondents to a Threatpost reader poll said they were okay with sacrificing a portion of their personal privacy in exchange for some form of cellphone tracking that could – in theory – reduce coronavirus infection rates and save lives. While the majority of Threatpost readers were...
This Stalkerware Delivers Extra-Creepy Features
Researchers are sending up a red flag over the distribution of an aggressive stalkerware app called Monitor Minor. In a report released Monday, researchers said the Android version of the app gives stalkers near absolute control of targeted devices, going so far as allowing them to capture the...
DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
A company that provides custom parts to aerospace giants Lockheed Martin, SpaceX and Boeing, has been the target of an attack by an emerging type of ransomware that can both encrypt files and exfiltrate data. Colorado-based Visser Precision said it was targeted by a “cyber incident” that involved...
Iranian APT Targets Govs With New Malware
SAN FRANCISCO – A never before seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistence threat APT group. The emails distributing ForeLord were uncovered as part of a...
500 Malicious Chrome Extensions Impact Millions of Users
Researchers say that 500 Google Chrome browser extensions were discovered secretly uploading private browsing data to attacker-controlled servers, and redirecting victims to malware-laced websites. The browser extensions, all of which have now been removed, were downloaded millions of times from...
Apple iPhone Users Bombarded with Bogus Dating App for Valentine's Day
A malicious email campaign aimed at iPhone owners is making the rounds this week, using a bouquet of different themes to scam victims, just in time for Valentine’s Day – including a fake dating app. The gambit begins far afield from romance however, with an email from “Nerve Renew,” claiming to...
FBI: $3.5B Lost in 2019 to Known Cyberscams, Ransomware
Cybercriminals are focusing on previously successful internet scams to defraud businesses and individuals in the United States out of more money than ever before, according to the FBI’s annual report on cybercrime. Meanwhile, ransomware continues to take a big financial toll on victims. Businesse...
Feds Cut Off Access to Billions of Breached Records with Site Takedown
The feds and international law enforcement have taken down a website that was selling access to billions of stolen personal records. The FBI and the Department of Justice said on Thursday that they, in conjunction with the Dutch police, the United Kingdom’s National Crime Agency and Germany’s...
Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions
Operators of a widespread identity-theft and fraud scheme have bilked thousands of U.S. servicemembers and veterans out of millions of dollars in stolen funds and Veterans Affairs VA benefits payments. Fredrick Brown pled guilty this week, revealing that in his role as a civilian medical records...
Raccoon Malware Scavenges 100,000+ Devices to Steal Data
A new information stealer, dubbed Raccoon, is rapidly gaining popularity with cybercriminals. In just a few months, researchers say the malware has already infected hundreds of thousands of devices across the world to rove through victims’ credit card data, email credentials and more. The malware...
Three Service Account Secrets Straight from Hackers and Security Pros
Barbara Hoffman, Product Marketing Manager, Thycotic Nearly 19,000 infosec experts travel from all over the world to attend the annual Black Hat Conference. They come to share, educate and disclose their security research on the latest vulnerabilities and cyberthreats. We here at Thycotic love to...
Google Assistant Audio Privacy Controls Updated After Outcry
Google is unveiling new privacy controls for the Google Assistant virtual assistant, after the company came under fire earlier this year for eavesdropping on users’ personal audio snippets – without their permission. The tech giant on Monday promised more transparency around the audio data that i...
Millions of Android Smartphones Vulnerable to Trio of Qualcomm Bugs
UPDATE Security researchers from Tencent’s Blade Team are warning Android smartphone and tablet users of flaws in Qualcomm chipsets, called QualPwn. The bugs collectively allow hackers to compromise Android devices remotely simply by sending malicious packets over-the-air – no user interaction...
Cloud Security Concerns Loom for 93% of Businesses Adopting Apps and BYOD
With the increasing popularity of bring-your-own-device BYOD policies and public cloud offerings, enterprises are moving from on-premises applications to cloud apps – but they still lack faith in cloud security. A recent July Bitglass study found that 67 percent of respondents believe cloud apps...
Old Tech Spills Digital Dirt on Past Owners
In a test of how well businesses wipe data on old devices, Rapid7 researcher Josh Frantz purchased 85 old gadgets from businesses. In total, he paid $600 for an aging collection of old computers, flash drives, phones and hard drives. What he discovered was that despite decades of the infosec...
Google Gives Users More Choice with Location-Tracking Apps
Anyone who uses a mobile app knows how convenient the features that use location data can be, from getting turn-by-turn directions and finding nearby restaurants to fitness-tracking and weather integration. But these rich mobile “experiences” – as app developers call them – can be a double-edged...
Project Zero Discloses High-Severity Apple macOS Flaw
Researchers have disclosed what they say is a high-severity security flaw in Apple’s MacOS operating system – which has not yet been patched. The flaw gives an attacker privileges to perform malicious actions on a mounted filesystem – without the victim knowing. The Google Project Zero team...
When Cyberattacks Pack a Physical Punch
More than one in 10 data breaches now involve “physical actions,” according to a recent report. These include leveraging physical devices to aid an attack, but also hacks that involve breaking into hardware and remote attacks on physical infrastructure. The stat underscores the realities of a...
Major Container Security Flaw Threatens Cascading Attacks
runc, a building-block project for the container technologies used by many enterprises as well as public cloud providers, has patched a vulnerability that would allow root-level code-execution, container escape and access to the host filesystem. Discovered by researchers Adam Iwaniuk and Borys...
Monero: Cybercrime's Top Choice for Mining Malware
An academic analysis of cryptomining malware has determined that the Monero virtual currency XMR is “by far” the most popular cryptocurrency to mine among cybercriminals. And, it would appear that cryptomining as a criminal enterprise is unlikely to wane anytime soon. After examining approximatel...
Google Patches 11 Critical RCE Android Vulnerabilities
Remote code-execution RCE vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media Framewor...
Critical Flaws in Syringe Pump, Device Gateways Threaten Patient Safety
Two previously undocumented, critical vulnerabilities in widely deployed medical devices have sparked patient-safety and data-privacy concerns. Flaws in the Qualcomm Life Capsule Datacaptor Terminal Server and the Becton Dickinson BD Alaris TIVA Syringe Pump have been acknowledged by the vendors...
Google Patches Critical 'Broadpwn' Bug in July Security Update
Google released a security patch Wednesday that addresses a critical vulnerability dubbed “Broadpwn” found in millions of Android devices that could allow remote attackers to execute code on targeted devices. The so-called Broadpwn bug is tied to a vulnerability in Broadcom’s BCM43xx family of Wi...
Apache Attack Traffic Dropping, Limited to Few Sources
Malicious traffic stemming from exploits against the Apache Struts 2 vulnerability disclosed and patched this week has tapered off since Wednesday. Researchers at Rapid7 published an analysis of data collected from its honeypots situated on five major cloud providers and a number of private...
Patching Bash Vulnerability a Challenge for ICS, SCADA
While the most urgent focus where the Bash vulnerability is concerned is around Internet-facing web servers, embedded systems and industrial control systems are not exempt from worry. Experts are concerned about Linux-based industrial control systems and SCADA equipment, in particular, that may b...
Bash Botnet Exploit Found, Bash Patches Incomplete
The urgency to patch systems against the Bash zero-day vulnerability has been cranked to 10 after reports of an exploit in the wild have been made public by AusCERT, the Computer Emergency Response Team of Australia. This seems to reflect a similar finding posted by a researcher who goes by the...
Mixed Reviews on Microsoft myBulletins Patch Service
Microsoft today released its new myBulletins service, an interface where IT administrators can customize security patch update information. While providing users with a slick GUI that allows for extensive filtering of patch information by the products in use inside an enterprise or small company,...
Microsoft to Give Security Guidelines for Agile
Microsoft will release on Tuesday guidelines for developers building online applications and for those using the Agile code-development process. The Agile guidelines apply principles from Microsoft’s Security Development Lifecycle SDL to Agile, an umbrella term for a development model frequently...
Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code
Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran...
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE
Tens of thousands of WordPress sites are at risk from critical vulnerabilities in a widely used plug-in that facilitates the use of PHP code on a site. One of the bugs allows any authenticated user of any level – even subscribers and customers – to execute code that can completely take over a sit...
HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform
Hewlett Packard Enterprise HPE is warning a vulnerability in Sudo, an open-source program used within its Aruba AirWave management platform, could allow any unprivileged and unauthenticated local user to gain root privileges on a vulnerable host. Rated high in severity, HPE warns the Sudo flaw...
Phish Swims Past Email Security with Milanote Pages
The Milanote app, billed as the “Evernote for creatives” by reviewers, has attracted the notice of cybercriminals who are abusing it to carry out credential-stealing campaigns that skate past secure email gateways SEGs, researchers said. Milanote is a tool for organizing and collaborating on...
Cyber Polygon 2021
On June 9, 2021, the III annual international online training event Cyber Polygon took place. It connects various global organisations to train their competencies, exchange best practices and bring tangible results to the world community. 200 organizations from 48 countries tested their skills in...
DOJ: Creep Coach Finagles Nude Athlete Photos
A former track-and-field coach who worked at several universities has been arrested and is facing up to five years in prison for attempting to solicit nude photos of his athletes through sham social-media accounts and cyberstalking. The Department of Justice alleged that Steve Waithe, while...
Network Detection & Response: The Next Frontier in Fighting the Human Problem
Last year, Gartner published a market guide on network detection and response NDR. Formerly known as network-traffic analytics, which I’ve spoken about in the past at length, NDR has adapted to not only play a major role in helping network and security teams identify threats, but it has enabled...
Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut
Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have found. This is largely driven by cybercriminals who sell access to what they call “clouds of logs,” which are caches of stolen...
IBM Settles Lawsuit Over Weather Channel App Data Privacy
IBM, the owner of the Weather Channel mobile app, has reached a settlement with the Los Angeles city attorney’s office after a 2019 lawsuit alleged that the app was deceiving its users in how it was using their geolocation data. The 2019 lawsuit claimed, the app’s permission prompt for users to...
Black Hat 2020: Open-Source AI to Spur Wave of 'Synthetic Media' Attacks
An abundance of deep-learning and open-source technologies are making it easy for cybercriminals to generate fake images, text and audio called “synthetic media”. This type of media can be easily leveraged on Facebook, Twitter and other social media platforms to launch disinformation campaigns wi...
BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks
Business email compromise BEC attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitaliz...
FIN6 and TrickBot Combine Forces in 'Anchor' Attacks
Researchers say, two cybercriminal groups, FIN6 and the operators of the TrickBot malware, have paired up together to target several organizations with TrickBot’s malware framework called “Anchor.” The two threat groups joining forces is a “new and dangerous twist” in an existing trend of...
Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks
A group of tech giants – including Akamai, Amazon Web Services, Cloudflare, Facebook, Google, Microsoft and Netflix – are banding together to battle route hijacking, route leaks and IP address-spoofing attacks targeting internet users. They’re coming together under a program was introduced this...
Bruce Schneier Proposes 'Hacking Society' for a Better Tomorrow
SAN FRANCISCO – Cybersecurity experts have long stayed in their problem-solving lane when it comes to finding vulnerabilities, patching bugs and keeping networks safe. But maybe it is time they applied their defensive skillsets and adversarial understanding of cyberthreats to help solve some of...
Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials
UPDATE Amazon has patched a vulnerability in its Ring smart doorbell device that could allow attackers to access the owner’s Wi-Fi network credentials and potentially reconfigure the device to launch an attack on the home network, researchers have found. Researchers discovered the problem in...
Murky Details Surround Bed, Bath and Beyond Breach
Housewares and home furnishings purveyor Bed, Bath and Beyond has disclosed a data-thieving cyber attack that allowed the adversaries to access customers’ online accounts. According to a Tuesday SEC filing, the company “discovered that a third party acquired email and password information from a...
Apple Removes 17 Malicious iOS Apps From App Store
Researchers have uncovered 17 apps on Apple’s official App Store infected with malware. Apple has since removed the apps from the App Store – but a “significant” number of iOS users could have installed them, researchers said. Once downloaded, the malicious apps infect victims with a trojan...
IoT Security Challenges in a 5G Era: Expert Advice
When it comes to what we can expect with 5G mobile networks, they promise a more IoT friendly ecosystem, with vast improvements over the current capabilities of the 4G. Providing ultra low-latency and exponentially faster throughput along with sensors that will boast a 10-year battery life 5G pav...
4 Dating Apps Pinpoint Users' Precise Locations – and Leak the Data
Four popular dating apps that together can claim 10 million users have been found to leak precise locations of their members. “By simply knowing a person’s username we can track them from home, to work,” explained Alex Lomas, researcher at Pen Test Partners, in a blog on Sunday. “We can find out...
Microsoft Lab Offers $300K For Working Azure Exploits
Las Vegas – In an attempt to sniff out bugs in its Azure cloud platform, Microsoft announced at Black Hat USA 2019 on Monday that it will offer rewards of up to $300,000 for researchers who launch successful test exploits for the platform. Microsoft has launched a dedicated Azure cloud host testi...
SAS 2019 to Tackle APTs, Supply Chains and More
Kaspersky Lab’s Security Analyst Summit kicks off in Singapore next week, where elite researchers, top cybersecurity firms and global law-enforcement agencies will discuss today’s biggest cybersecurity threats and how best to squash them. This year marks the first time the global security...
Fin7 Ramps Up Campaigns With Two Fresh Malware Samples
Despite the arrest of several Fin7 members in 2018, the cybercrime group has ramped up its efforts in a series of widespread campaigns hitting businesses with two never-before-seen malware samples. Researchers with Flashpoint said Wednesday that they have discovered a new administrative panel and...