Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/12/16 4:16 p.m.67 views

Sextortionist Campaign Targets iOS, Android Users with New Spyware

New spyware is targeting iOS and Android frequenters of adult mobile sites by posing as a secure messaging application in yet another twist on sextortionist scams. The spyware, dubbed Goontact, targets users of escort-service sites and other sex-oriented services – particularly in Chinese-speakin...

6.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/12/14 8:45 p.m.67 views

Spotify Changes Passwords After Another Data Breach

Spotify has alerted users that some of their registration data was inadvertently exposed to a third-party business partner, including emails addresses, preferred display names, passwords, gender and dates of birth. This is at least the third breach in less than a month for the world’s largest...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/03 5:23 p.m.67 views

Two Chrome Browser Updates Plug Holes Actively Targeted by Exploits

Flaws in Google’s Chrome desktop and Android-based browsers were patched Monday in an effort to prevent known exploits from being used by attackers. Two separate security bulletins issued by Google warned that it is aware of reports that exploits for both exist in the wild. Google’s Project Zero...

7.5CVSS9.1AI score0.9927EPSS
Exploits24References12
ThreatPost
ThreatPost
added 2020/09/30 9:29 p.m.67 views

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/15 7:11 p.m.67 views

WFH Alert: Critical Bug Found in Old D-Link Router Models

D-Link is urging customers to replace its now obsolete line of DIR-865L Wireless Routers in reaction to a recently discovered critical command-injection bug that leaves users open to a denial-of-service attack. The routers, first introduced in 2013, reached end-of-life support in Feb. 2016. In Au...

7.5CVSS9AI score0.27057EPSS
Exploits3References11
ThreatPost
ThreatPost
added 2020/05/08 1:0 p.m.67 views

Podcast: Shifting Cloud Security Left With Infrastructure-as-Code

Companies are increasingly dealing with a slew of security and compliance issues across cloud services and containers – from AWS to Azure to Google Cloud. Infrastructure-as-Code IaC security capabilities can help companies shift their cloud security “left” to improve developer productivity, avoid...

0.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/05/07 4:43 p.m.67 views

Zoom Beefs Up End-to-End Encryption to Thwart 'Zoombombers'

Video calling platform Zoom is boosting its security profile via the acquisition of a small startup called Keybase. The 25-person, New York-based company will provide more robust encryption for Zoom calls on paid subscriptions by implementing an end-to-end architecture. “Logged-in users will...

6.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/02/27 10:59 p.m.67 views

Google’s War on Android App Permissions, 60 Percent Successful

Overzealous Android apps that needlessly ask for permissions to handset resources such as contact lists and location data are not only obnoxious, but also potential privacy threats. To address this hot-button issue with Android users Google implemented a strict permission policy designed to curb...

6.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/02/24 9:49 p.m.67 views

Apple Takes Heat Over 'Vulnerable' iOS Cut-and-Paste Data

Any cut-and-paste data temporarily stored to an iPhone or iPad’s memory can be accessed by all apps installed on the specific device – even malicious ones. That data can then reveal private information such as a user’s GPS coordinates, passwords, banking data or a spreadsheet copied into an email...

6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/02/21 5:29 p.m.67 views

Burning Man Tickets for $225? Yep, Too Good to Be True

Burning Man aficionados anxious to get their tickets squared away for the 2020 “experience” should beware: Fake concert organizers are offering passes in what researchers say is a very convincing and sophisticated scam effort. Burning Man, which bills itself as a “vibrant participatory metropolis...

Exploits0References4
ThreatPost
ThreatPost
added 2020/02/04 9:59 p.m.67 views

Ransomware Attack Hinders Toll Group Operations

Australian transportation and logistics giant Toll Group said a ransomware attack is to blame for several key services being debilitated and delivery operations being delayed over the past week. Toll Group, a subsidiary of Japan Post Holdings, is a freight and delivery service company operating...

0.4AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/01/30 9:49 p.m.67 views

200K WordPress Sites Vulnerable to Plugin Flaw

A high-severity vulnerability exists in a popular WordPress plugin, potentially opening up 200,000 websites to takeover. The WordPress plugin in question in Code Snippets, which allows users to run small chunks of PHP code on their websites. This can be used to extend the functionality of the...

6.8CVSS0.7AI score0.11905EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2020/01/14 9:0 p.m.67 views

Intel Fixes High-Severity Flaw in Performance Analysis Tool

Intel is warning of a high-severity vulnerability in its performance analysis tool called Intel VTune Profiler. If exploited the flaw allows an adversary to perform a privilege escalation attack, giving them elevated and unauthorized system access to a targeted system. The VTune Profiler, formerl...

4.6CVSS7.2AI score0.0552EPSS
Exploits1References19
ThreatPost
ThreatPost
added 2019/12/13 2:51 p.m.67 views

FIN8 Targets Card Data at Fuel Pumps

The notorious FIN8 cybercrime group has a new target when it comes to skimming payment-card details from consumers: Point-of-sale PoS systems used at fuel pumps at gas stations. Visa warned this week in a public alert posted online that its Payment Fraud Disruption PFD department has seen at leas...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/12/04 6:10 p.m.67 views

Iran Targets Mideast Oil with ZeroCleare Wiper Malware

A freshly-discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services IRIS, ZeroCleare so-named because of the program database pathname of its binary file was...

1.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/12/03 2:0 p.m.67 views

Supply Chain Account Takeover: How Criminals Exploit Third-Party Access

Empower Your Suppliers Against Attack The average business shares data with a complex network of third parties, depending on their operational needs. In a survey of security and risk professionals, Forrester learned that the average business has 4,700 third-party partners with some access to...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/25 10:36 p.m.68 views

TrickBot Evolves to Go After SSH Keys

The TrickBot info-stealing malware has updated its password grabber to target data from OpenSSH and OpenVPN applications. OpenSSH is a connectivity tool for remote login with the SSH protocol; it encrypts all traffic to eliminate eavesdropping. OpenVPN meanwhile is used for secure private...

1.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/10/31 1:11 p.m.67 views

Fake Voicemail/Office 365 Attack Targets Enterprise Execs

A phishing campaign is making the rounds that uses fake voicemail messages to lure victims into revealing their Office 365 email credentials. The targets are “high-profile companies,” according to researchers, mainly in the tourism, entertainment and real-estate industries. A wide range of...

0.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/09/25 2:52 p.m.67 views

Cybercrooks Target U.S. Veterans with Fake Hiring Website

Researchers are warning that a fake website – purporting to help U.S. military veterans search for jobs — actually links to installers that download malware onto victims’ systems. The website spoofs a legitimate website for U.S. military veterans offered by the U.S. Chamber of Commerce...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/18 1:0 p.m.67 views

New! RFP Template for Selecting EDR/EPP and APT Security

Once upon a time, only big organizations worried about Advanced Persistent Threats. But it soon became obvious that every organization could find itself under fire, regardless of size or industry, and whether as direct targets or collateral damage. Most security decision makers in these...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/30 2:7 p.m.67 views

News Wrap: Dentist Offices Hit By Ransomware, Venmo Faces Privacy Firestorm

In this week’s news wrap podcast, editor Lindsey O’Donnell and Tara Seals break down the top news of the week – from ransomware attacks to companies responding to outcry over privacy issues. Top stories include: Ring announced it is working with more than 400 US police departments to streamline...

6.7AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/08/19 1:38 p.m.67 views

Coordinated Ransomware Attack Hits 23 Texas Government Agencies

UPDATE Up to 22 Texas entities – the majority of which are local governments – were hit by a ransomware attack on Friday that Texas officials say is part of a targeted attack launched by a single threat actor. Details remain scant about the specific agencies hit by the ransomware attacks, which...

0.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/08/06 8:25 p.m.67 views

Democrats and Doctors Behind Latest Wave of Leaked Data

Data leakage via misconfigured Amazon storage buckets struck twice in the past few weeks. In July, almost 14,000 documents detailing patient social security numbers and medical data – such as mental illness or cancer – was exposed in a misconfigured storage bucket owned by healthcare vendor Medic...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/04/24 12:56 p.m.67 views

Facial Recognition is Here: But Are We Ready?

When MacKenzie Fegan was boarding her morning flight to Mexico City last Wednesday, she noticed something odd at her gate at the JFK International Airport. Instead of a JetBlue employee scanning her boarding pass or taking a look at her passport, she – and other passengers at the gate – was...

6.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/03/28 4:12 p.m.67 views

Lazarus Group Widens Tactics in Cryptocurrency Attacks

North Korea-linked APT Lazarus Group has been spotted targeting the cryptocurrency business again, adding Apple users to the mix by using PowerShell scripts to control macOS malware, and honing its Windows strategy. The campaign has been active since at least November 2018, according to an analys...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/07/23 6:27 p.m.67 views

New Spectre-Level Flaw Targets Return Stack Buffer

Researchers have discovered yet another speculative execution side-channel flaw enabling attackers to access sensitive data at the CPU level. The new Spectre-class exploit, dubbed SpectreRSB, was detailed by researchers from the University of California at Riverside in a research paper on Friday...

4.7CVSS6.8AI score0.74041EPSS
Exploits9References6
ThreatPost
ThreatPost
added 2018/01/07 11:21 p.m.67 views

Experts Weigh In On Spectre Patch Challenges

The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Currently, vendors are focused on three main mitigation efforts. Patches that address the...

4.7CVSS7.2AI score0.93838EPSS
Exploits13References7
ThreatPost
ThreatPost
added 2017/03/28 5:12 p.m.67 views

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group

Microsoft has released technical details on a zero-day vulnerability being exploited by a little-known APT group known as Zirconium. According to the company the vulnerability CVE-2017-0005 affects mostly older versions of Windows and can allow an adversary to execute remote code if a user either...

6.9CVSS0.1AI score0.821EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2014/10/14 6:11 a.m.67 views

Sandworm APT Team Found Using Windows Zero Day Vulnerability

UPDATE–A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe. The vulnerability, which will be patched today by Microsoft, is...

9.3CVSS0.2AI score0.81628EPSS
Exploits22References5
ThreatPost
ThreatPost
added 2014/09/16 5:25 p.m.67 views

Archie Exploit Kit Spotted Leveraging Adobe, Silverlight Vulnerabilities

A relatively new exploit kit that borrows modules copied from the Metasploit Framework and exploits any older versions of Adobe Flash, Reader and, Silverlight the user may be using has begun to make the rounds. Jaime Blasco, the director of AlienVault Labs dug deeper into kit, known as Archie, on...

10CVSS0.2AI score0.99883EPSS
Exploits33References9
ThreatPost
ThreatPost
added 2014/06/20 9:28 a.m.67 views

Supermicro IPMI BMCs plaintext passwords exposed

Much has been written about the insecurity of the IPMI protocol present inside embedded baseboard management controllers BMCs. Serious vulnerabilities can be exploited to gain remote control over big servers running BMCs, in particular in hosting environments where the controllers help admins wit...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2014/04/16 12:32 p.m.67 views

April 2014 Oracle Critical Patch Update

Software maker and database management company Oracle yesterday released its quarterly Critical Patch Update. The release resolves more than 100 security vulnerabilities, many of which received high common vulnerability scoring system base scores and should be applied as soon as possible. Product...

5CVSS0.4AI score0.99999EPSS
Exploits88References5
ThreatPost
ThreatPost
added 2014/03/19 12:12 p.m.67 views

Exploits for Two-Year-Old PHP Security Vulnerability Found

Close to two years ago, a serious vulnerability in PHP was accidentally disclosed after it was discovered months prior during a hacking contest. A patch was released in relatively short order, and one would assume that given PHP’s prevalence as a web development framework, the fix would have been...

7.5CVSS10AI score0.99998EPSS
Exploits42References3
ThreatPost
ThreatPost
added 2013/03/01 4:34 p.m.67 views

The Java Zero-Day Procession Continues

After a glorious 72-hour stretch without one, security researchers confirmed yesterday that they found yet another zero-day vulnerability in Oracle’s thoroughly troubled Java platform. With a little help from Hermes Bojaxhi and his team at Cyber Engineering Services, researchers from the security...

10CVSS0.9AI score0.86151EPSS
Exploits10References4
ThreatPost
ThreatPost
added 2013/01/10 3:15 p.m.67 views

Nasty New Java Zero Day Found; Exploit Kits Already Have It

UPDATE – Security experts are urging users to disable Java immediately after the discovery of another zero-day exploit that has been incorporated into the Blackhole, Redkit, Cool and Nuclear Pack exploit kits. According to a French researcher who uses the handle Kafeine, the exploits target the...

10CVSS0.3AI score0.98536EPSS
Exploits10References6
ThreatPost
ThreatPost
added 2012/12/11 6:56 p.m.67 views

Microsoft Patches Critical Remote Flaws in Word, IE and Windows

A rare critical Microsoft Word vulnerability was patched today by Microsoft, one of seven security updates pushed out repairing 11 flaws in its December security update. The Word vulnerability earned a critical rating because the Outlook email client uses Word to display documents in the Outlook...

0.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2011/12/12 3:12 p.m.67 views

Adam Shostack on Methods of Compromise, the New School and Learning

Dennis Fisher talks with Adam Shostack of Microsoft about the taxonomy he helped develop for classifying how PCs are compromised, what he would and wouldn’t change in The New School of Information Security and who he’s learned the most from. Podcast audio courtesy of sykboy65 Subscribe to the...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2010/03/31 9:11 p.m.67 views

MS Discovers Over 1,800 Office 2010 Bugs

Microsoft uncovered more than 1,800 bugs in Office 2010 by tapping into the unused computing horsepower of idling PCs. Office developers found the bugs by running millions of “fuzzing” tests, said Tom Gallagher, senior security test lead with Microsoft’s Trustworthy Computing group. Read the full...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/09/08 11:59 a.m.67 views

Five Critical Bulletins Coming on MS Patch Tuesday

Microsoft’s September batch of security updates will include fixes for a multiple “critical” vulnerabilities affecting the Windows operating system. In all, the software maker will release five bulletins with patches for a range of flaws that could expose users to remote code execution attacks. T...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2021/08/06 3:1 p.m.66 views

Zoom Settlement: An $85M Business Case for Security Investment

Ransomware isn’t the only way lax security can cost a business eight figures in damage. Zoom just lost an $85 million class-action lawsuit this week for its cybersecurity missteps, proving that even the most essential and relied-upon brands can be tripped up by inadequate security. More...

6.9AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/06/22 8:41 p.m.66 views

BEC Losses Top $1.8B as Tactics Evolve

Business email compromise BEC attacks ramped up significantly in 2020, with more than $1.8 billion stolen from organizations with these types of attacks last year alone — and things are getting worse. BEC attacks are carried out by cybercriminals either impersonating someone inside an organizatio...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/06/02 12:54 p.m.66 views

DoJ Charges Rhode Island Woman in Phishing Scheme Against Politicians

The Department of Justice DoJ has charged a woman in Rhode Island in a phishing campaign against candidates for political office and related associates that impersonated various individuals–including campaign workers and the Microsoft security team—in an attempt to trick victims into providing...

6.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/04/19 7:23 p.m.66 views

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The NitroRansomware malware strain is shaking up the ransomware norm by demanding Discord Nitro gift codes from victims instead of actual money. Discord is a VoIP, instant messaging and digital-distribution platform designed for creating communities. Users communicate with voice calls, video call...

7.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/04/08 2:12 p.m.66 views

Azure Functions Weakness Allows Privilege Escalation

A privilege-escalation vulnerability Microsoft’s Azure Functions cloud container feature could ultimately allow a user to escape the container, according to researchers. Intezer researchers dubbed the bug “Royal Flush” after a flush-to-disk limitation that an exploit would need to evade. Flushing...

7.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/12 5:5 p.m.66 views

Singtel Suffers Zero-Day Cyberattack, Damage Unknown

Singtel, Tier 1 telecom carrier throughout Asia and owner of Australian telco Optus, has been impacted by a software security hole in a third-party file transfer appliance targeted by attackers. Singtel is one of multiple organizations affected by the bug, including an Australian medical research...

0.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/01/20 9:47 p.m.66 views

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks SD-WAN solutions for business users. Cisco issued patches addressing eight buffer-overflow and command-injection SD-WAN vulnerabilities. The most serious of these flaws could be...

2.2AI score0.04383EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/12/01 5:6 p.m.66 views

Zoom Impersonation Attacks Aim to Steal Credentials

A new Zoom-themed phishing attack is circulating through email, text and social media messages, aiming to steal credentials for the videoconferencing service. The Better Business Bureau BBB warned last week that the attack uses Zoom’s logo, and in a message tells recipients that their Zoom accoun...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/08 5:30 p.m.66 views

Cisco Fixes High-Severity Webex, Security Camera Flaws

Cisco has issued patches for high-severity vulnerabilities plaguing its popular Webex video-conferencing system, its video surveillance IP cameras and its Identity Services Engine network administration product. Overall, Cisco on Wednesday issued the three high-severity flaws along with 11...

8.3CVSS1AI score0.00881EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/04 5:24 p.m.66 views

Understanding the Payload-Less Email Attacks Evading Your Security Team

The traditional image of a successful email attack is that of a naive employee clicking the link in a crudely crafted spam email bent on phishing. But times have changed, and employees are much more security-educated than they used to be. So, today’s threat actors are creating increasingly...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/06 1:5 p.m.66 views

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials

A new phishing campaign is targeting investment brokers with fraudulent emails aimed at stealing their Microsoft SharePoint and Office credentials, by invoking the identity of a credible financial regulatory organization. The “widespread, ongoing phishing campaign” is using emails that claim to b...

0.2AI score
Exploits0References10
Total number of security vulnerabilities5000