Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/06/17 8:46 p.m.68 views

Clop Raid: A Big Win in the War on Ransomware?

Yesterday’s noisy raid of the Clop ransomware gang in Ukraine was a major win according to most experts throughout the cybersecurity community, who said the moment marks a shift in the international war on ransomware. The raid, according to Ukrainian reports translated by eSpire analysts, include...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/04/15 8:9 p.m.68 views

Biden Races to Shore Up Power Grid Against Hacks

President Biden is putting the final details on a plan to encourage American electric utilities to strengthen their cybersecurity protections against hackers in the next 100 days, amid increasing cyberattacks. The White House push to boost electrical grid security comes in the wake of a report th...

7.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/04/09 3:40 p.m.68 views

Network Detection & Response: The Next Frontier in Fighting the Human Problem

Last year, Gartner published a market guide on network detection and response NDR. Formerly known as network-traffic analytics, which I’ve spoken about in the past at length, NDR has adapted to not only play a major role in helping network and security teams identify threats, but it has enabled...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/11 6:58 p.m.68 views

NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic

A spate of malicious emails with attachments delivering the NanoCore remote access trojan RAT is evading anti-malware and email scanners by abusing the .ZIPX file format. That’s according to researchers at Trustwave, who found that the campaign is effectively hiding a malicious executable by givi...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/03/08 5:4 p.m.68 views

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of...

0.2AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/03/05 5:24 p.m.68 views

Critics Blast Google’s Aim to Replace Browser Cookie with ‘FLoC’

This month Google begins a public test of a technology it says will eventually replace browser cookies in an effort to boost Chrome browser user privacy. However, critics say the switch is a half-measure and does not protect the web movements of Chrome users adequately. The Google solution–called...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/09/25 8:17 p.m.68 views

Industrial Cyberattacks Get Rarer but More Complex

Cyberattacks against the oil and gas industry inched up only slightly compared to the second half of 2019. Security experts say they are encouraged by the anemic growth, but at the same time are expressing concern that attacks are now becoming more potent, targeted and complex. According to new...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/05/19 5:0 p.m.68 views

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger

UPDATE A new Android malware family has been discovered, which targets popular messaging apps like WhatsApp and Facebook Messenger to gather intelligence on Android victims. The malware, dubbed WolfRAT, is under active development, and was recently identified in campaigns targeting Thai users...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/10 4:6 p.m.68 views

Apple App Store Riddled With Money-Sucking Fleeceware Apps

Researchers are warning iPhone users of fleeceware apps after finding more than 30 examples of them on Apple’s App Store. Fleeceware is jargon for apps that trick users into paying excessive fees for basic applications and functionality that is available free elsewhere. Many of these fleeceware...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/04/10 12:18 p.m.68 views

Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January

Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. The move—reported by the Wall Street Journal—may seem...

7.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/06 9:49 a.m.68 views

Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?

As the coronavirus pandemic continues to worsen, remote-collaboration platforms – now fixtures in many workers’ “new normal” – are facing more scrutiny. Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx...

7.5AI score
Exploits0References25
ThreatPost
ThreatPost
added 2020/04/03 12:50 p.m.68 views

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization WHO with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure. Researchers at FortiGuard Labs on Marc...

6.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/27 2:43 p.m.68 views

Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers

An unpatched bug in the latest version of Apple’s iOS is blocking virtual private network VPN applications from cloaking some private data transmitted between a device and the servers they are requesting data from. While the bug remains unpatched, Apple is suggesting steps users can take to reduc...

7.3AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/03/06 4:53 p.m.68 views

Critical Zoho Zero-Day Flaw Disclosed

UPDATE A zero-day vulnerability has been disclosed in the IT help desk ManageEngine software made by Zoho Corp. The serious vulnerability enables an unauthenticated, remote attacker to launch attacks on affected systems. Zoho has now released a security update addressing the vulnerability. As of...

10CVSS10AI score0.99941EPSS
Exploits6References16
ThreatPost
ThreatPost
added 2020/03/05 11:29 a.m.68 views

Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates

Let’s Encrypt said it will give users of its Transport Layer Security TLS certificates more time to replace 1 million certificates that are still active and potentially affected by a Certificate Authority Authorization CAA bug before it revokes them. The popular free certificate authority had giv...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/02/20 1:26 p.m.68 views

Critical Adobe Flaws Fixed in Out-of-Band Update

Adobe has issued unscheduled patches for two critical vulnerabilities that, if exploited, enable an attacker to execute remote code on targeted devices. The two apps affected by the critical flaws are Adobe After Effects, a visual effects and motion graphics app used for post-production film maki...

10CVSS9.3AI score0.05941EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2020/02/14 6:36 p.m.69 views

Apple iPhone Users Bombarded with Bogus Dating App for Valentine's Day

A malicious email campaign aimed at iPhone owners is making the rounds this week, using a bouquet of different themes to scam victims, just in time for Valentine’s Day – including a fake dating app. The gambit begins far afield from romance however, with an email from “Nerve Renew,” claiming to...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/30 6:20 p.m.68 views

Coronavirus Campaigns Spread Emotet, Malware

As the coronavirus originating in the Wuhan province of China continues to stir widespread fears about a global public health crisis, some see an opportunity in the outbreak. A recent spate of malicious, botnet-driven emails is using the coronavirus as a theme, according to telemetry from IBM...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/06 7:24 p.m.68 views

News Wrap: Authorities Target Evil Corp., Imminent Monitor, Money Mules

In this week’s Threatpost news wrap, editors Tara Seals and Lindsey O’Donnell break down the top infosec news, including: Authorities crack down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle. The developers behind a commodity...

1.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/11/18 3:5 p.m.68 views

Pipka Card Skimmer Removes Itself After Infecting eCommerce Sites

A new JavaScript payment card skimmer, dubbed Pipka, has been identified on at least seventeen merchant websites attempting to target site visitors’ payment data. Unlike other skimmers, Pipka removes itself from the HTML code of compromised websites after exfiltrating payment card data – a...

6.6AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/04 8:16 p.m.68 views

Alexa, Siri, Google Smart Speakers Hacked Via Laser Beam

Researchers have discovered a new way to hack Alexa and Siri smart speakers merely by using a laser light beam. No physical access of the victims’ device, or owner interaction, is needed to launch the hack, which allows attackers to send voice assistants inaudible commands such as unlocking doors...

7.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/22 12:27 p.m.68 views

Survey Finds People are Privacy Hypocrites

Even while people remain concerned about their own privacy in the workplace and online, most still admit to violations of their coworkers’ privacy by “creeping” on PC screens and “peeking” at documents found in printer trays, a new survey has found. The survey—commissioned by HP as part of Nation...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/10/07 8:33 p.m.68 views

California Bans Deepfakes in Elections, Porn

California has passed a law that bans the use of deepfake technology in political speech, and for non-consensual use in adult content. Deepfakes are a manipulation of images and recordings, created by artificial intelligence technology, that make it appear as if an individual is doing or saying...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/08/08 2:0 p.m.68 views

Ransomware Sees Triple-Digit Spike in Corporate Detections

LAS VEGAS — As cybercriminals continue to chase the most lucrative attack vectors they can find, ransomware attacks are migrating from consumer targets to organizations, businesses, municipalities and beyond. For the first time, consumer detections have fallen below organizational infections, as ...

Exploits0References6
ThreatPost
ThreatPost
added 2019/08/07 8:31 p.m.68 views

Black Hat 2019: Ethical Hackers Must Protect Digital Human Rights

LAS VEGAS – At a time when technology is being utilized for human-rights abuses, the security space needs to turn its focus to public interest defense technology, security stalwarts urged during Black Hat USA 2019. Security has long focused on protecting company data and providing cyber-defense f...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/08 8:18 p.m.68 views

Airbnb Superhost Secretly Recorded Guests with Hidden Bedroom Camera

An Airbnb “superhost” in China has been arrested after a guest staying in his house found a hidden camera recording her in the bedroom. The guest, an unnamed woman who was staying in the Airbnb in eastern China last week, said she discovered the camera after spotting a light that looked unusual i...

6.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/05/08 4:3 p.m.68 views

Google Touts Android Q's New Security Update Process and Better Privacy Controls for Apps

Google said its next-generation mobile operating system, Android Q, revamps the way it delivers direct over-the-air updates and will bolster individual app privacy controls. Google detailed Android Q 10.0 at the Google I/O 2019 developer conference on Tuesday. There it touted almost 50 changes to...

7.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/01 5:45 p.m.68 views

Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps

Google is reporting an uptick in efforts by bad actors to plant potentially harmful applications PHAs on Android devices via pre-installed apps and by bundling them with system updates delivered over the air. The technique is especially troubling, Google said, because PHAs are often malicious and...

0.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/08/09 5:38 p.m.68 views

Black Hat 2018: Widespread Critical Flaws Found in Smart-City Gear

Smart-city technology continues to roll out in municipalities worldwide – everything from automated alerts about weather hazards and traffic issues to smart lighting and connected trash systems. However, like the rest of the Internet of Things IoT ecosystem, security is always a concern, as...

10CVSS0.4AI score0.02346EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2018/06/05 6:24 p.m.68 views

Drupalgeddon 2.0 Still Haunting 115K+ Sites

More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago. When it was first revealed, the bug, which has been dubbed Drupalgeddon 2.0, impacted an estimated 1+ million sites running Drupal – including major U.S. educational...

7.5CVSS0.99993EPSS
Exploits46References11
ThreatPost
ThreatPost
added 2018/05/10 3:37 p.m.68 views

Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked

Multiple operating system vendors issued coordinated patches this week to address a common vulnerability across their platforms, which was introduced thanks to widespread misinterpretation of Intel developer documentation. According to the CERT/CC team, most major players including Apple, FreeBSD...

7.2CVSS6.9AI score0.18262EPSS
Exploits9References8
ThreatPost
ThreatPost
added 2017/06/14 8:50 a.m.68 views

Rare XP Patches Fix Three Remaining Leaked NSA Exploits

The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak. The worst of the bunch, an attack called ExplodingCan CVE-2017-7269, targets older versions of...

10CVSS8.1AI score0.99823EPSS
Exploits46References14
ThreatPost
ThreatPost
added 2016/10/21 10:1 a.m.68 views

DYN Confirms DDoS Attack Knocking Out Twitter, Spotify Other Major Sites

Update DNS provider Dyn has confirmed two massive distributed denial of service attacks against its servers Friday impacting many of its customers including Twitter, Spotify and GitHub. The attacks came in two waves, one early Friday morning and a second just a few hours later. “This attack is...

0.3AI score0.99993EPSS
Exploits41References7
ThreatPost
ThreatPost
added 2014/09/09 1:17 p.m.68 views

Vulnerabilities in Android Apps That Allow Intercept of Messages, Photos Outlined

Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid. Researchers at the University of New Haven’s Cyber Forensics Research and Education Group UNHcFREG have chosen to disclose the...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/08/08 3:28 p.m.68 views

August 2013 Microsoft Patch Tuesday Security Updates

Another month, another set of Microsoft Patch Tuesday security updates for Internet Explorer. For what seems to be the umpteenth month in a row, Microsoft will patch its browser, one of three critical updates expected to be shipped on Tuesday among eight bulletins. While IE patches remain a...

9.3CVSS9.2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2012/05/08 1:49 p.m.68 views

Apple Fixes Serious Flaws in iOS 5.1.1

Apple has patched several serious security bugs in iOS with the release of version 5.1.1 of the mobile operating system. The most serious of the security vulnerabilities could be used for remote code execution. The highest severity vulnerability that’s fixed in iOS 5.1.1 is a WebKit flaw that can...

7.5CVSS0.8AI score0.99998EPSS
Exploits42References2
ThreatPost
ThreatPost
added 2011/09/28 6:7 p.m.68 views

Blowback: Microsoft, OnStar Pump the Brakes on Location Tracking

Redmond, Washington software giant, Microsoft, and Detroit based GM subsidiary, OnStar backtracked on policies widely seen as egregious privacy violations following lawsuits and public outcry. Here’s the news: Windows Phone Update Requires User Consent For Tracking Microsoft released their “Mango...

9.3CVSS0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2009/03/19 3:40 p.m.68 views

CanSecWest: Caution, community at play

CanSecWest, in beautiful Vancouver BC, is one of my favorite conferences each year. It’s a cozy little security con that brings together security researchers from all parts of the security ecosystem. Like a PhNeutral or a BlueHat, one never quite knows what to expect out of a CanSecWest, but we d...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2022/05/19 1:3 p.m.67 views

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

A critical privilege escalation flaw found in two themes used by more than 90,000 WordPress sites can allow threat actors to take over the sites completely, researchers have found. WordFence Threat Intelligence Team researcher Ramuel Gall discovered the flaw, one of five vulnerabilities he found...

8.8CVSS6.2AI score0.01624EPSS
Exploits3References13
ThreatPost
ThreatPost
added 2022/04/28 1:14 p.m.67 views

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub revealed details tied to last week’s incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. “We do not believe the attacker obtained these tokens via a compromise of GitHub or its systems because the tokens in question are not stored by GitHub in thei...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2022/03/24 1:0 p.m.67 views

Top 3 Attack Trends in API Security – Podcast

In late July 2021, online retailers got hit with a jaw-dropping 2,800 percent increase in attack takeovers. Dead-set on gift card fraud via “scrape for resale” and other types of fraud, the attacks spiraled up to the rate of 700,000 attacks per day. In a separate case – of a loan application frau...

9.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/03/01 10:57 a.m.67 views

Microsoft Accounts Targeted by Russian-Themed Credential Harvesting

While legitimate concerns abound about the Russian-Ukrainian conflict sparking a far-reaching cyberwarfare conflagration around the globe, small-time crooks are also ramping up their efforts amid the crisis. Phishing emails to Microsoft users warning of Moscow-led account hacking have started to...

8.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/02/10 4:39 p.m.67 views

SAP Patches Severe ‘ICMAD’ Bugs

There’s a trio of critical vulnerabilities, fixed on Tuesday, in SAP business applications that use the ubiquitous Internet Communication Manager ICM: the component that gives SAP products the HTTPS web server they need to connect to the internet or talk to each other. The vulnerabilities,...

10CVSS9.1AI score0.97945EPSS
Exploits8References24
ThreatPost
ThreatPost
added 2022/01/26 5:52 p.m.67 views

Ubiquitous Linux Bug: ‘An Attacker’s Dream Come True’

UPDATE Every major Linux distribution has an easily exploited memory-corruption bug that’s been lurking for 12 years – a stunning revelation that’s likely to be followed soon by in-the-wild exploits, researchers warn. Successful exploitation gives full root access to any unprivileged user. The...

7.8CVSS8AI score0.94921EPSS
Exploits152References20
ThreatPost
ThreatPost
added 2021/09/14 8:5 p.m.67 views

2021’s Most Dangerous Software Weaknesses

Mitre Corp. recently updated its list of the top 25 most dangerous software bugs, and it’s little surprise that a number of them have been on that list for years. The Common Weakness Enumeration CWE list represents vulnerabilities that have been widely known for years, yet are still being coded...

7.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/08/31 3:8 p.m.67 views

QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

On Monday, QNAP put out two security advisories about OpenSSL remote-code execution and denial-of-service DoS bugs, fixed last week, that affect its network-attached storage NAS devices. The vulnerabilities are tracked as CVE-2021-3711 – a high-severity buffer overflow related to SM2 decryption–...

10CVSS9.1AI score0.87816EPSS
Exploits1References28
ThreatPost
ThreatPost
added 2021/08/23 2:8 p.m.67 views

Attackers Actively Exploiting Realtek SDK Flaws

Threat actors zeroing in on command injection vulnerabilities reported in Realtek chipsets just days after multiple flaws were discovered in the software developers kits SDK deployed across at least 65 separate vendors. On Aug. 16 multiple Realtek vulnerabilities were disclosed by IoT Inspector...

10CVSS9.3AI score0.99861EPSS
Exploits4References9
ThreatPost
ThreatPost
added 2021/06/03 6:20 p.m.67 views

Google PPC Ads Used to Deliver Infostealers

Researchers have tracked down the origins of several increasingly prevalent info-stealers – including Redline, Taurus, Tesla and Amadey – that threat actors are delivering via pay-per-click PPC ads in Google’s search results. On Wednesday, breach prevention firm Morphisec posted an advisory in...

6.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/06/03 12:47 p.m.67 views

Exchange Servers Targeted by ‘Epsilon Red’ Malware

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research. Researchers from security firm Sophos detected the new ransomware,...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/04/08 8:0 p.m.67 views

IcedID Banking Trojan Surges: The New Emotet?

The banking trojan known as IcedID appears to be taking the place of the recently disrupted Emotet trojan, according to researchers. IcedID a.k.a. BokBot, bears similarities to Emotet in that it’s a modular malware that started life as a banking trojan used to steal financial information...

0.1AI score
Exploits0References8
Total number of security vulnerabilities5000