Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/12/01 5:6 p.m.66 views

Zoom Impersonation Attacks Aim to Steal Credentials

A new Zoom-themed phishing attack is circulating through email, text and social media messages, aiming to steal credentials for the videoconferencing service. The Better Business Bureau BBB warned last week that the attack uses Zoom’s logo, and in a message tells recipients that their Zoom accoun...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/08 5:30 p.m.66 views

Cisco Fixes High-Severity Webex, Security Camera Flaws

Cisco has issued patches for high-severity vulnerabilities plaguing its popular Webex video-conferencing system, its video surveillance IP cameras and its Identity Services Engine network administration product. Overall, Cisco on Wednesday issued the three high-severity flaws along with 11...

8.3CVSS1AI score0.00881EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/26 8:18 p.m.66 views

8 U.S. City Websites Targeted in Magecart Attacks

Researchers are warning that the websites of eight U.S. cities – across three states – have been compromised with payment card-stealing Magecart skimmers. The websites all utilize Click2Gov municipality payment software, which was previously involved in data breaches. Unlike other skimmers, which...

8.3AI score0.0552EPSS
Exploits1References14
ThreatPost
ThreatPost
added 2020/06/04 5:24 p.m.66 views

Understanding the Payload-Less Email Attacks Evading Your Security Team

The traditional image of a successful email attack is that of a naive employee clicking the link in a crudely crafted spam email bent on phishing. But times have changed, and employees are much more security-educated than they used to be. So, today’s threat actors are creating increasingly...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/06 1:5 p.m.66 views

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials

A new phishing campaign is targeting investment brokers with fraudulent emails aimed at stealing their Microsoft SharePoint and Office credentials, by invoking the identity of a credible financial regulatory organization. The “widespread, ongoing phishing campaign” is using emails that claim to b...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/31 2:34 p.m.66 views

Sodinokibi Ransomware Group Sponsors Hacking Contest

White hats aren’t alone in holding hacking contests. Russian-language cybercriminals are known for running similar competitions on underground forums. However, an analysis of Dark Web activity has uncovered a trend towards offering increasingly high-stakes prizes during such battles. At the same...

6.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/01/30 6:3 p.m.66 views

Bezos, WhatsApp Cyberattacks Show Growing Mobile Sophistication

NEW ORLEANS – Sophisticated nation-state groups are increasingly using mobile devices as an infection vector. Oded Vanunu, head of products vulnerability research at Check Point research, told Threatpost during CPX 360 this week that because mobile devices come equipped with varying technologies,...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/27 2:16 p.m.66 views

Mandatory IoT Security in the Offing with U.K. Proposal

The U.K. government has unveiled a proposed law aimed at securing internet of things IoT devices, which have historically been riddled with basic security issues. The drafted law, announced on Monday, comprises three main mandates for IoT manufacturers. First, all consumer IoT device passwords mu...

0.5AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/01/16 6:44 p.m.66 views

Satan Ransomware Reborn to Torment Businesses

A ransomware with the un-snappy moniker of “5ss5c” has emerged on the scene and appears to be in active development. According to independent researcher Bart Blaze, the malware is the successor to the Satan ransomware, and its authors are still experimenting with focused targeting China, for now...

8.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/09 3:54 p.m.66 views

California's Tough New Privacy Law and Its Biggest Challenges

The California Consumer Privacy Act is being touted as one of the strongest privacy regulations in the U.S. enacted so far. However, though the CCPA was adopted on January 1, 2020, the act still has several loose ends and privacy loopholes that need to be fleshed out. At a high level ,the CCPA...

6.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/12/04 10:11 p.m.66 views

ThreatList: 90% SMBs Believe Nation-State Actors Are Targeting Them

While APT activity is generally considered to be aimed at large enterprises housing valuable intellectual property, military-industrial entities, dissidents and civil society, and organizations of strategic importance to governments, the vast majority of small- and medium-sized businesses SMBs ar...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/11/26 4:12 p.m.66 views

Managing the Human Security Factor in the Age of Ransomware

Security analysts have determined that cybercrime cost the global economy $1.5 trillion in 2018. Ransomware, in particular, is estimated to grow by as much as 350 percent over the next year. And while the ransom for a generic ransomware attack has now risen to nearly $13,000, with recent targeted...

7.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/09/24 3:10 p.m.66 views

Zebrocy Retools for New Political Attacks

The APT known as the Sednit threat group also known as Sofacy, APT28 and Fancy Bear has kicked off a fresh spearphishing campaign, that was spotted targeting government entities with the Zebrocy backdoor. The malware features a rewritten and newly-improved backdoor and downloader, indicating an...

7.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/09/10 6:3 p.m.66 views

Adobe Fixes Critical Flash Player Code Execution Flaws

Adobe has issued patches for critical vulnerabilities in Flash Player which, if exploited, could lead to arbitrary code execution. Overall, as part of its September Security Bulletin, Adobe patched three vulnerabilities, including two critical-severity flaws in Flash Player and one “important”...

10CVSS8.8AI score0.06054EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2019/08/26 3:46 p.m.66 views

ThreatList: Half of All Social Media Logins Are Fraud

More than half of logins 53 percent on social-media sites are fraudulent; and 25 percent of all new account applications on social media are fake, according to a recent analysis. Those numbers far outstrip the overall rate of 10 percent of interactions being fraudulent. The Arkose Labs Q3 Fraud a...

1.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/22 7:47 p.m.66 views

Google Launches Open-Source Browser Extension for Ad Transparency

Google is launching an experimental, open-source browser extension aimed at increasing transparency around online advertising by displaying information about the ads that are shown to users. The browser extension is an integral part of a new Google initiative announced Thursday to develop a set o...

6.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/04/09 8:11 p.m.66 views

Intel Patches High-Severity Flaws in Media SDK, Mini PC

Intel has released security updates addressing two high-severity vulnerabilities in its Intel Media Software Development Kit SDK and Intel NUC mini PC. Overall, the chip giant on Tuesday patched four flaws across its products; the most severe of these vulnerabilities exist in Intel’s Media Softwa...

7.2CVSS9.1AI score0.00456EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/08 8:10 p.m.66 views

Citrix Falls Prey to Password-Spraying Attack

Citrix is warning that its internal network has been hit by international cybercriminals. The digital workspace and enterprise networks vendor said in a website notice that the FBI contacted it on Wednesday, saying that there was evidence of a successful cyberattack on its network. While details...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/01/31 2:26 p.m.66 views

Google Pulls Data-Chugging App From iOS Devices

Google has found itself in hot water for a research app that may have violated Apple’s policies by collecting user data in exchange for gift cards. The tech giant said it has now disabled Screenwise Meter“audience measurement” app – which voluntarily collects data from users’ phones, browsers and...

6.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/30 4:59 p.m.66 views

Stealthy Malware Disguises Itself as a WordPress License Key

UPDATE A spam-injecting malware is targeting WordPress site owners by disguising itself as a legitimate license key for a WordPress design theme. According to analysis from Sucuri, a customer opened a malware removal ticket reporting “some weird spam URLs injected onto their WordPress website.”...

7.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/09/11 9:4 p.m.66 views

Microsoft Patches Actively Exploited Bug as Part of Patch Tuesday

UPDATE Microsoft has patched an elevation-of-privilege vulnerability it said is actively being exploited by hackers. The fix was part of Microsoft’s scheduled September Patch Tuesday release, which also included fixes for two other bugs found being used in the wild, including the zero-day found i...

9.3CVSS0.3AI score0.23044EPSS
Exploits7References11
ThreatPost
ThreatPost
added 2017/10/03 4:42 p.m.66 views

Five Critical Android Bugs Get Patched in October Update

Five critical vulnerabilities were reported by Google Monday as part of its October Android Security Bulletin. In all, 14 patches were issued for corresponding vulnerabilities, ranging from critical to high. The relative low bug count for the month of October is due to the fact this month Google...

9.3CVSS9.1AI score0.01147EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2017/07/26 9:0 a.m.66 views

Windows SMB Zero Day to Be Disclosed During DEF CON

LAS VEGAS—A 20-year-old Windows SMB vulnerability is expected to be disclosed Saturday during a talk at DEF CON. Microsoft has said it will not patch the vulnerability, which allows an attacker to remotely crash a Windows server with relative ease using only 20 lines of Python code and a Raspberr...

9.3CVSS8.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2013/10/02 9:40 a.m.67 views

A Decade of Microsoft Patch Tuesday Security Updates

On Oct. 9, 2003, Microsoft announced its new security patching process that would end up being a catalyst for significant change in the information security community. Ten years ago, the program was announced with a press release that promised “Improved patch management processes, policies and...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2011/11/10 4:17 p.m.66 views

New Toolkit Able to Track and Trace Duqu Worm

The Hungarian research facility that helped discover Duqu, the much-blogged about Trojan, has now released an open-source toolkit that can be used to help detect traces and instances of the worm. The Laboratory of Cryptography and System Security CrySys at the Budapest University of Technology an...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2010/10/22 2:17 p.m.66 views

Cyber Criminal Underground: The Comics Edition

The criminal underworld is an insular community shrouded in secrecy. That’s helped lend an air of mystique to cyber crime. See also: Bruce Willis in “Die Hard 4: Live Free or Die Hard.”. But it turns out that, like so much else, real life cyber crime is… well… pretty dull. How dull? Comic artist...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/03/15 2:17 p.m.66 views

Microsoft Issues Fix-It Workaround for IE Zero-Day

Microsoft has released a one-click “fix-it” workaround to help Internet Explorer users block malware attacks against an unpatched browser vulnerability. The Fix-It workaround, available here, effectively disables peer factory in the iepeers.dll binary in affected versions of Internet Explorer. Th...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2009/03/18 3:56 p.m.66 views

Microsoft's Threat Management Gateway is a mixed bag

Microsoft’s initial move into the security products market, the ISA Server, has evolved well beyond its firewall roots. Now known as the Threat Management Gateway, the product is being positioned as a comprehensive Web security gateway. But as Eric Ogren writes in his review of the Threat...

9.3CVSS1AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/08/30 4:0 p.m.65 views

Watering Hole Attacks Push ScanBox Keylogger

A China-based threat actor has ramped up efforts to distribute the ScanBox reconnaissance framework to victims that include domestic Australian organizations and offshore energy firms in the South China Sea. The bait used by the advanced threat group APT is targeted messages that supposedly link...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/07/21 12:59 p.m.65 views

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’

A for-hire cybercriminal group is feeling the talent-drought in tech just like the rest of the sector and has resorted to recruiting so-called “cyber-mercenaries” to carry out specific illicit hacks that are part of larger criminal campaigns. Dubbed Atlas Intelligence Group A.I.G., the cybergang...

7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/11/10 5:0 p.m.65 views

Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have developed a working exploit to gain remote code execution RCE via a massive vulnerability in a security appliance from Palo Alto Networks PAN, potentially leaving 10,000 vulnerable firewalls with their goods exposed to the internet. The critical zero day, tracked as CVE 2021-3064...

10CVSS9.7AI score0.19087EPSS
Exploits1References18
ThreatPost
ThreatPost
added 2021/09/10 10:46 a.m.65 views

Stolen Credentials Led to Data Theft at United Nations

A threat actor used stolen credentials from a United Nations employee to breach parts of the UN’s network in April and steal critical data, a spokesman for the intergovernmental organization has confirmed. That data lifted from the network can be used to target agencies within the UN, which alrea...

7.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/08/05 2:16 p.m.65 views

Black Hat: Charming Kitten Leaves More Paw Prints

LAS VEGAS – The suspected Iranian threat group that IBM Security X-Force calls ITG18 and which overlaps with the group known as Charming Kitten keeps leaving a trail of paw prints. The latest: a custom Android backdoor dubbed “LittleLooter” – used exclusively by the threat actor, as far as...

6.6AI score
Exploits0References20
ThreatPost
ThreatPost
added 2021/04/26 8:28 p.m.65 views

Flubot Spyware Spreading Through Android Devices

Android mobile phone users across the U.K. and Europe are being targeted by text messages containing a particularly nasty piece of spyware called “Flubot,” according to the U.K.’s National Cyber Security Centre. And the U.S. could be the next target. Victims are asked to download a fake app from ...

0.4AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/03/12 9:5 p.m.65 views

REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group is on a cyberattack tear, claiming over the past two weeks to have infected nine organizations across Africa, Europe, Mexico and the U.S. The organizations include two law firms, an insurance company, an architectural firm, a construction company and an...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/09/21 9:27 p.m.65 views

Fileless Malware Tops Critical Endpoint Threats for 1H 2020

In the first half of 2020, the most common critical-severity cybersecurity threat to endpoints was fileless malware, according to a recent analysis of telemetry data from Cisco. Fileless threats consist of malicious code that runs in memory after initial infection, instead of files being stored o...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/08 2:36 p.m.65 views

Cryptobugs Found in Numerous Google Play Store Apps

Researchers have discovered more than 300 apps on the Google Play Store breaking basic cryptography code using a new tool they developed to dynamically analyze it. Academics from Columbia University developed a custom tool, CRYLOGGER, that analyzes Android applications for unsafe use of...

7.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/08/06 11:18 a.m.65 views

U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling

The U.S. government is concerned about foreign interference in the 2020 election, so much so that it will offer a reward of up to $10 million for anyone providing information that could lead to tracking down potential cybercriminals aiming to sabotage the November vote. The U.S. Department of...

0.5AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/05/14 7:38 p.m.65 views

TikTok Violated Children’s Privacy Law, FTC Complaint Says

The popular video sharing app TikTok has landed in hot water again over privacy issues. On Thursday, a group of privacy advocates filed a complaint with the Federal Trade Commission FTC alleging the platform failed to adequately protect children’s privacy. The complaint alleged that TikTok violat...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/26 2:47 p.m.65 views

Hackers Hijack Routers to Spread Malware Via Coronavirus Apps

Cybercriminals are hijacking routers and changing Domain Name System DNS settings, in order to redirect victims to attacker controlled sites promoting fake coronavirus information apps. If victims download these apps, they are infected with information-stealing Oski malware. This latest attack...

0.8AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/03/12 1:57 p.m.65 views

Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs

Cybercriminals continue to firehose financial services companies with new and innovative cyberattacks. Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly rather than user-facing login...

8.6AI score0.0552EPSS
Exploits1
ThreatPost
ThreatPost
added 2020/03/12 1:57 p.m.65 views

Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs

Cybercriminals continue to firehose financial services companies with new and innovative cyberattacks. Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly rather than user-facing login...

7.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/04 6:58 p.m.65 views

Critical Netgear Bug Impacts Flagship Nighthawk Router

Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk R7800 hardware running firmware versions prior to 1.0.2.68. The warnings, posted Tuesday, also include two high-severity bugs impacting...

9.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/02/14 8:56 p.m.65 views

Huawei Controversy Highlights 5G Security Implications

The controversy over Huawei’s involvement in the 5G telecom gear market ratcheted up a notch this week. U.S. officials said they have evidence that the Chinese equipment giant has had access to backdoors inside mobile carrier networks for more than 10 years. Officials are trying to make the case...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/11 6:52 p.m.65 views

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Estée Lauder has been found exposed online, according to researchers. In all, 440,336,852 individual data pieces were exposed, according to researcher Jeremiah Fowler a...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/01/28 6:16 p.m.65 views

Ring Doorbell App for Android Caught Sharing User Data with Facebook, Data-Miners

UPDATE Amazon’s Ring Doorbell app for Android is a nexus for data-harvesting, according to an investigation by the Electronic Frontier Foundation EFF. Privacy advocates allege Ring goes so far as to silently deliver updates on Ring customer usage to Facebook, even if the Ring owner doesn’t have a...

Exploits0References6
ThreatPost
ThreatPost
added 2020/01/17 6:39 p.m.65 views

Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?

The practice of disclosing proof-of-concept PoC exploits has long caused a debate in the security community. As the name suggests, these outline steps used to exploit a vulnerability in a system to show how it can be done — and are used to test networks and pinpoint vulnerable aspects of a system...

7.6AI score
Exploits0References23
ThreatPost
ThreatPost
added 2020/01/08 8:10 p.m.65 views

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy

Google’s Project Zero bug-hunting team is making a big change to its vulnerability disclosure policies. Full details on any vulnerability will be made public 90 days after discovery, regardless of when the bug is fixed. That means that whether it’s patched on Day 20 or Day 120, bug details will g...

9.3CVSS8.5AI score0.01252EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/12/06 2:0 p.m.65 views

Stealthy MacOS Malware Tied to Lazarus APT

Researchers have identified new MacOS malware that can execute remote code in memory that they believe is the work of the powerful North Korean APT group Lazarus, they said Thursday. Security researcher Dinesh Devadoss on Twitter posted a hash for a MacOS trojan he discovered that hides behind a...

1.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/12/05 4:31 p.m.65 views

HackerOne Breach Leads to $20,000 Bounty Reward

HackerOne has paid out $20,000 after a high-severity vulnerability was discovered in the bug-bounty platform. The flaw allowed an outside bounty hunter to access customers’ reports and other sensitive information. Disclosed this week in a HackerOne report, the security incident stemmed from a...

7.3AI score
Exploits0References11
Total number of security vulnerabilities5000