Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/07/26 9:8 p.m.70 views

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn

The Babuk ransomware gang’s new rebrand isn’t going so well. It seems the cybercriminal group has been a victim of a ransomware attack of its own. Babuk’s latest endeavor, a Dark Web ransomware forum called RAMP, was crippled by a spammer over the weekend who overloaded the site with same-sex...

6.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/07/22 8:53 p.m.70 views

Phish Swims Past Email Security with Milanote Pages

The Milanote app, billed as the “Evernote for creatives” by reviewers, has attracted the notice of cybercriminals who are abusing it to carry out credential-stealing campaigns that skate past secure email gateways SEGs, researchers said. Milanote is a tool for organizing and collaborating on...

6.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/10 1:0 p.m.70 views

Cyber Polygon 2021

On June 9, 2021, the III annual international online training event Cyber Polygon took place. It connects various global organisations to train their competencies, exchange best practices and bring tangible results to the world community. 200 organizations from 48 countries tested their skills in...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/17 12:50 p.m.70 views

Akamai’s DDoS Mitigation Service Triggers Outages

UPDATE Major financial institutions, airlines and the Hong Kong stock exchange were knocked offline by a backfiring distributed denial-of-service DDoS mitigation service Thursday. The hour-long outage, which was triggered at approximately 1 a.m. EST Thursday, is tied to Akamai Technology’s...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/06/16 6:1 p.m.70 views

Exclusive Ransomware Poll: 80% of Victims Don’t Pay Up

Ransomware is on the rise, but what toll does it take on the real world? Threatpost set out to answer that question in an exclusive poll aimed at taking the pulse of organizations wrestling with attacks, including looking at mitigations and the defenses organizations have in place. When viewed...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/05/21 6:25 p.m.70 views

Building SIEM for Today’s Threat Landscape

It’s easy to see how the changing security landscape has shaped the evolution of the security information and event management SIEM practice area — and how it continues to. But architecting an effective SIEM approach requires a well-thought-out strategy. A combination of security information...

6.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/04/16 7:19 p.m.70 views

iOS Kids Game Morphs into Underground Crypto Casino

A kids’ game called “Jungle Run” that, until recently, was available in the Apple App store, was secretly a cryptocurrency-funded casino set up to scam people out of money. Join experts from Digital Shadows Austin Merritt, Malwarebytes Adam Kujawa and Sift Kevin Lee to find out how cybercrime...

6.7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/01/26 10:11 p.m.70 views

Nvidia Squashes High-Severity Jetson DoS Flaw

Nvidia has patched three vulnerabilities affecting its Jetson lineup, which is a series of embedded computing boards designed for machine-learning applications, in things like autonomous robots, drones and more. A successful exploit could potentially cripple any such gadgets leveraging the affect...

7.2CVSS7.1AI score0.01777EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/01/03 3:0 p.m.70 views

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud

After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and application monitoring will top the list of CISO budget and cybersecurity priorities. According to experts, these are just a few of the themes to dominate the ye...

7.2AI score
Exploits0References21
ThreatPost
ThreatPost
added 2020/11/16 10:9 p.m.70 views

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

After a taking closer look at the code for popular dating site and app Bumble, where women typically initiate the conversation, Independent Security Evaluators researcher Sanjana Sarda found concerning API vulnerabilities. These not only allowed her to bypass paying for Bumble Boost premium...

7.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/09/28 7:9 p.m.70 views

Mac, Linux Users Now Targeted by FinSpy Variants

The FinSpy commercial spyware is back in recently observed campaigns against organizations and activists in Egypt. While the spyware previously targeted Windows, iOS and Android users, researchers have discovered these campaigns using new variants that target macOS and Linux users. FinSpy is a...

7.2CVSS0.8AI score0.05088EPSS
Exploits14References8
ThreatPost
ThreatPost
added 2020/08/13 10:3 p.m.70 views

NSA, FBI Warn of Linux Malware Used in Espionage Attacks

UPDATE The U.S. government is warning of new malware, dubbed Drovorub, that targets Linux systems. It also claims the malware was developed for a Russian military unit in order to carry out cyber-espionage operations. The malware, Drovorub, comes with a multitude of espionage capabilities,...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/06/03 8:37 p.m.70 views

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...

7.5CVSS0.9AI score0.55008EPSS
Exploits10References10
ThreatPost
ThreatPost
added 2020/05/14 3:53 p.m.70 views

Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders

Microsoft has announced the first testable version of DNS-Over-HTTPS DoH support, available for its Windows 10 operating system. Support for the DoH protocol, which Microsoft first announced in November, is available in the Windows 10 Insider Preview Build 19628. This is accessible for members of...

6.9AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/05/14 12:38 p.m.70 views

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks

Business email compromise BEC attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitaliz...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/04/16 9:51 p.m.70 views

Poorly Secured Docker Image Comes Under Rapid Attack

In a vivid example of why cloud infrastructure needs strong security, a simple Docker container honeypot was used for four different criminal campaigns in the span of 24 hours, in a recent lab test. Akamai security researcher Larry Cashdollar set up the Docker image to see what kind of notice it...

7.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/20 1:27 p.m.70 views

New Mirai Variant 'Mukashi' Targets Zyxel NAS Devices

Another variant of the shape-shifting Mirai botnet is attacking Zyxel network-attached storage NAS devices using a critical vulnerability that was only recently discovered, according to security researchers. The variant, dubbed Mukashi, takes advantage of a pre-authentication command injection...

10CVSS10AI score0.99988EPSS
Exploits2References22
ThreatPost
ThreatPost
added 2020/03/19 3:50 p.m.70 views

Cisco Warns of High-Severity SD-WAN Flaws

Cisco Systems has fixed three high-severity vulnerabilities in its software-defined networking for wide-area network SD-WAN solutions for business users. If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems. To exploit the vulnerabilities...

7.2CVSS3AI score0.00727EPSS
Exploits1References8
ThreatPost
ThreatPost
added 2020/02/28 8:6 p.m.70 views

Bruce Schneier Proposes 'Hacking Society' for a Better Tomorrow

SAN FRANCISCO – Cybersecurity experts have long stayed in their problem-solving lane when it comes to finding vulnerabilities, patching bugs and keeping networks safe. But maybe it is time they applied their defensive skillsets and adversarial understanding of cyberthreats to help solve some of...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/12/27 2:0 p.m.70 views

Facebook Security Debacles: 2019 Year in Review

Facebook Security: 2019 Year in Review Facebook spent the past year both trying to deal with the consequences of the Cambridge Analytica scandal that rocked its public relations in 2018, as well as other issues afflicting the social media platform – from data security challenges to political...

0.2AI score
Exploits0References27
ThreatPost
ThreatPost
added 2019/11/25 4:35 p.m.70 views

PoS Malware Exposes Customer Data of Catch Restaurants

Popular NYC restaurants Catch NYC, Catch Roof and Catch Steak discovered and removed malware on their point-of-sale PoS systems — but not before it exposed credit-card information from unknowing diners. Catch Hospitality Group, which owns the three NYC hotspots, said in a data-breach notice this...

6.9AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/11/19 4:27 p.m.70 views

Fake 'Windows Update' Installs Cyborg Ransomware

A malicious spam campaign that informs victims it contains a “critical Windows update” instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants. The email-based threat, discovered...

Exploits0References5
ThreatPost
ThreatPost
added 2019/11/07 3:32 p.m.70 views

Gamers Hit with Nvidia GPU Driver, GeForce Flaws

Nvidia has issued fixes for high-severity flaws in two popular gaming products, including its graphics driver for Windows and GeForce Experience. The flaws can be exploited to launch an array of malicious attacks – from denial-of-service efforts DoS to escalation of privileges. The majority of th...

1.2AI score0.00546EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/16 1:0 p.m.70 views

Podcast: Departing Employees Could Mean Departing Data

With so many malicious adversaries trying to penetrate companies’ networks, companies are forgetting to watch out for a dangerous threat from within their own ranks – insider threats. Threatpost talks to Tim Bandos, vice president of cybersecurity at Digital Guardian, about the top types of insid...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/10/08 8:55 p.m.70 views

Intimate Details on Healthcare Workers Exposed as Cloud Security Lags

Yet another non-password protected cloud database has come to light, this time exposing a raft of highly personal information on healthcare workers and traveling nurses – including drug tests and arrest records. The incident showcases the unfortunate reality that cloud data security remains a...

Exploits0References7
ThreatPost
ThreatPost
added 2019/09/16 5:48 p.m.70 views

Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs

More than a hundred vulnerabilities have been found in small office/home office SOHO routers and network-attached storage devices NAS from vendors that include Asus, Zyxel, Lenovo, Netgear and other top names, which open them up to remote attackers. That’s according to Independent Security...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/03 4:20 p.m.70 views

WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign

A malvertising campaign redirecting website visitors and surfacing popups is plaguing the WordPress ecosystem, according to researchers, using known vulnerabilities in WordPress plugins as the attack vector. The campaign has been ongoing all summer, with cybercrooks bent on redirecting website...

6.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/08/08 2:33 p.m.70 views

Researchers Bypass Apple FaceID Using Biometrics 'Achilles Heel'

LAS VEGAS – Vulnerabilities have been uncovered in the authentication process of biometrics technology that could allow bad actors to bypass various facial recognition applications – including Apple’s FaceID. But there is a catch. Doing so requires the victim to be out cold. Researchers on...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/05 5:39 p.m.70 views

Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections

An odd botnet has been spotted targeting Fiberhome routers, in a quest to add 200 of them per day to its botnet web. That’s a low number in the world of botnets, according to 360 Netlab researchers, which observed a previously unknown malware strain called Gwmndy after the attackers’ domain name...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/31 1:0 p.m.70 views

Black Hat USA 2019 Preview

Las Vegas – Despite bizarre reports of a grasshopper infestation, Black Hat USA 2019 and DEF CON are set to kick off next week in Las Vegas, bringing on a wave of sessions, keynotes and security-themed villages. The Threatpost team, which will be on the frontlines of next week’s shows, discuss wh...

6.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/06/03 12:28 p.m.70 views

MacOS Zero Day Allows Trusted Apps to Run Malicious Code

A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code. macOS researcher Patrick Wardle revealed the...

0.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/05/03 2:58 p.m.70 views

Retefe Banking Trojan Resurfaces, Says Goodbye to Tor

The Retefe banking trojan resurfaced in April after going dormant for months, with a makeover that includes a move away from Tor to secure its communications as well as the abuse of a legitimate shareware application. Retefe has always stood out from other banking trojans, with a consistent...

Exploits0References8
ThreatPost
ThreatPost
added 2019/04/12 4:56 p.m.70 views

Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers

A Romanian duo has been convicted for infecting hundreds of thousands of computers with malware that scooped up credentials and financial information, and scamming victims out of millions of dollars. The two, Bogdan Nicolescu, 36, and Radu Miclaus, 37, were convicted by a federal jury in Ohio on...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/04/10 2:10 p.m.70 views

The Anatomy of Threat Hunting: What You Need to Know and Why

No big surprise here: cybercrime will keep causing a major slowdown in the years to come as the business world proceed with digitalization. Despite implementing all traditional measures to stay protected, organizations keep falling prey to impersonation, phishing, and malware. Scary enough? What’...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/03 2:44 p.m.70 views

OceanLotus APT Uses Steganography to Shroud Payloads

The advanced persistent threat APT group OceanLotus has switched up its tactics to use steganography to cloak encrypted payloads within .png image files. Researchers said that they discovered the OceanLotus APT group – a Vietnam-linked cyber-espionage group also known as APT32 – using the tactic ...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/03/11 3:51 p.m.70 views

Facebook Alleges Two Ukrainians Scraped Data From 63K Profiles

Facebook has sued two Ukrainian men that it says used quiz apps and malicious browser extensions to scoop up private data from 63,000 platform users, and then use that data for advertising purposes. A lawsuit filed Friday by Facebook alleged that the two men, Gleb Sluchevsky and Andrey Gorbachov,...

0.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/06 2:12 p.m.70 views

Modern Cybercrime: It Takes a Village

LAS VEGAS – Contrary to the pop-culture image of the hoodie-clad lone hacker with mad keyboard “skillz” siphoning off funds and making people’s lives miserable with a few lines of brilliant code, increasingly cybercrime “takes a village”. The true face of cybercrime today is a more democratic one...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/01/23 4:34 p.m.70 views

6 Signs of Successful Threat Hunting

When a threat hunting program is established by an organization, their goal is to proactively hunt threats, with a focus on newer, more sophisticated attacks for which reliable signatures or indicators are not yet available. However, without an effective threat hunting program, the attacker is...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/10/21 11:21 a.m.70 views

Serious Dirty Cow Linux Vulnerability Under Attack

A nine-year-old Linux vulnerability that affects most of the major distributions has been recently used in public attacks. The flaw, nicknamed Dirty Cow because it lives in the copy-on-write COW feature in Linux, is worrisome because it can give a local attacker root privileges. While the Linux...

7.2CVSS7.5AI score0.83524EPSS
Exploits81References6
ThreatPost
ThreatPost
added 2016/08/24 8:0 a.m.70 views

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

RC4 apparently is no longer the lone pariah among smaller cryptographic ciphers. Already broken and set for deprecation by the major browser and technology makers, RC4 could shortly have company in Triple-DES 3DES and Blowfish. Researchers are set to present new attacks against 64-bit ciphers tha...

5CVSS6.8AI score0.95707EPSS
Exploits7References5
ThreatPost
ThreatPost
added 2016/07/25 1:1 p.m.70 views

Pornhub Hack Earns Researchers $22,000

A PHP vulnerability that exposed adult website PornHub’s user data to hackers and allowed for code execution on servers hosting the site, earned a trio of German researchers $22,000 as part of a bug bounty program. PHP patched the vulnerability in June. The flaw is tied to a use-after-free memory...

7.5CVSS2.1AI score0.15484EPSS
Exploits6References1
ThreatPost
ThreatPost
added 2016/05/05 8:0 a.m.70 views

Old Android Flaw Elevates Privileges, Steals SMS, Call Logs

A five-year-old Android vulnerability disclosed today affects hundreds of different device models going back to Jelly Bean 4.3. Older devices are at the greatest risk; newer devices running Android with SE Android, the OS’ implementation of Security Enhanced Linux, are at a lesser risk. The...

9.3CVSS1.5AI score0.00466EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2014/11/10 10:48 a.m.70 views

Pidgin 2.10.10 Patches SSL MiTM, DoS Vulnerabilities

A handful of security vulnerabilities were patched in the most recent release of the Pidgin open source instant messaging client, Pidgin 2.10.10, including a SSL/TLS certificate validation issue that could be exploited in man-in-the-middle attacks. Reported by Jacob Appelbaum of the Tor Project,...

6.4CVSS0.1AI score0.03838EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2014/09/19 2:23 p.m.70 views

New Research Refines Security Vulnerability Metrics

Adequate security metrics have seemingly been an unattainable goal, especially when it comes to software security. Too often, organizations simply rely on vulnerability counts for flaws disclosed in an operating system or popular application as a measure of its security. But too often, variables...

0.4AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/08/07 10:0 a.m.70 views

Epic Operation Kicks Off Multistage Turla APT Campaign

The Turla APT campaign has baffled researchers for months as to how its victims are compromised. Peaking during the first two months of the year, Turla has targeted municipal governments, embassies, militaries and other high-value targets worldwide, with particular concentrations in the Middle Ea...

10CVSS1.5AI score0.78581EPSS
Exploits24References6
ThreatPost
ThreatPost
added 2010/07/22 8:54 p.m.70 views

Microsoft Says No to Paying Bug Bounties

Microsoft has no plans to follow in the footsteps of Mozilla and Google and pay researchers cash rewards for the bugs that they find in Microsoft’s products. In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000 range, there have been persistent rumors i...

9.3CVSS1AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/04/14 3:57 p.m.69 views

Feds: APTs Have Tools That Can Take Over Critical Infrastructure

Threat actors have built and are ready to deploy tools that can take over a number of widely used industrial control system ICS devices, which spells trouble for critical infrastructure providers—particularly those in the energy sector, federal agencies have warned. In a joint advisory, the...

6.1CVSS6AI score0.01349EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2022/03/31 1:22 p.m.69 views

QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug

Customers of Taiwan-based QNAP Systems are in a bit of limbo, waiting until the company releases a patch for an OpenSSL bug that the company has warned affects most of its network-attached storage NAS devices. The vulnerability can trigger an infinite loop that creates a denial-of-service DoS...

9.8CVSS8.7AI score0.87816EPSS
Exploits3References16
ThreatPost
ThreatPost
added 2021/12/14 8:23 p.m.69 views

400 Banks’ Customers Targeted with Anubis Trojan

Customers of Chase, Wells Fargo, Bank of America and Capital One, along with nearly 400 other financial institutions, are being targeted by a malicious app disguised to look like the official account management platform for French telecom company Orange S.A. Researchers say this is just the...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/10/14 8:38 p.m.69 views

Rickroll Grad Prank Exposes Exterity IPTV Bug

UPDATE When Township High School District 214 in Illinois got rickrolled all at once across its six different schools just before graduation, it was more than a meticulously executed senior prank. Cybersecurity star-in-the-making and recent high-school graduate Minh Duong found, and was able to...

10CVSS8.1AI score0.01611EPSS
Exploits1References6
Total number of security vulnerabilities5000