Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/08/15 6:49 p.m.65 views

Energy Sector Phish Swims Past Microsoft Email Security via Google Drive

A targeted spearphishing campaign has hit an organization in the energy sector – after using a savvy trick to get around the company’s Microsoft email security stack. According to Aaron Riley, a researcher from Cofense, the campaign impersonated the CEO of the targeted company, sending email via...

6.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/18 4:0 p.m.65 views

Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug

UPDATE About a half a billion Apple iOS users and counting have been hit by session-hijacking cybercriminals bent on serving up malware. They’re exploiting an unpatched flaw in the Chrome for iOS browser, to bypass sandboxing and hijack user sessions, targeting iPhone and iPad users. The attacks...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/12 3:53 p.m.65 views

Adobe Patches Critical Photoshop, Digital Edition Flaws

Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...

10CVSS1AI score0.67091EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2019/03/05 1:0 p.m.65 views

RSAC 2019: Most Consumers Say ‘No’ to Cumbersome Data Privacy Practices

Despite high-profile headlines about companies such as Facebook and Google abusing consumers’ personal information, it turns out that the average American is still not implementing a full cadre of best practices for keeping data safe. According to survey findings from research released at the RSA...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/19 10:7 p.m.65 views

ThreatList: APT Adversaries Up the Ante on Speed, Target Telecom

Despite law-enforcement wins in the form of several high-profile arrests and indictments during 2018, nation-state adversaries have upped their games when it comes to speed. That’s according to CrowdStrike’s 2019 Global Threat Report, which found that when analyzing how long it takes to go from...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/18 7:17 p.m.65 views

New APT Could Signal Reemergence of Notorious Comment Crew

A recently observed APT campaign, dubbed Operation Oceansalt, could herald the return of the infamous China-linked hacking group known as Comment Crew or APT1. Attacks are cunning and are defined by their their deep targeting and use of an innovative multi-wave attack methodology. Operation...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/10/15 7:57 p.m.65 views

Up to 35 Million 2018 Voter Records For Sale on Hacking Forum

Up to 35 million voter records have been found up for sale on a popular hacking forum from 19 states, researchers discovered. Researchers at Anomali Labs and Intel 471 on Monday said that they discovered Dark Web communications offering a large quantity of voter databases for sale – including...

0.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/10/09 6:40 p.m.65 views

Slideshow: Intel from Virus Bulletin 2018

This year’s Virus Bulletin 2018, held in Montreal Oct. 3-5, featured a keynote from Microsoft’s John Lambert and a range of threat intelligence research from BAE Systems, Check Point, Cisco Talos, Citizens Lab, Digita Security, ESET, GoSecure, Kaspersky Lab, Malwarebytes, Sophos Security and more...

0.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2018/02/09 12:59 p.m.65 views

Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models

Lenovo warned customers on Friday that two critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Androi...

10CVSS1.1AI score0.09129EPSS
Exploits6References9
ThreatPost
ThreatPost
added 2018/02/01 3:40 p.m.65 views

Adobe Flash Player Zero-Day Spotted in the Wild

The South Korean Computer Emergency Response Team issued a warning Wednesday of a new Adobe Flash Player zero-day spotted in the wild. The security bulletin warns that the attacks are focused on South Koreans and involve malicious Microsoft Word documents. According to the South Korean Computer...

7.5CVSS0.89618EPSS
Exploits19References5
ThreatPost
ThreatPost
added 2017/03/20 1:20 p.m.65 views

Cisco Warns of Critical Vulnerability Revealed in WikiLeaks 'Vault 7' Data Dump

Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7...

10CVSS10AI score0.98975EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2016/06/17 6:0 a.m.65 views

Adobe Patches Flash Zero Day Under Attack by APT Group

Adobe on Thursday patched a zero-day vulnerability in Flash Player that has been used in targeted attacks carried out by a new APT group operating primarily against high-profile victims in Russia and Asia. Researchers at Kaspersky Lab privately disclosed the flaw to Adobe after exploits against t...

10CVSS9.8AI score0.94354EPSS
Exploits6References7
ThreatPost
ThreatPost
added 2013/10/08 4:13 p.m.65 views

October Patch Tuesday Fixes Critical IE Bugs, 28 Vulnerabilities

As expected, Microsoft began shipping its latest batch of Patch Tuesday patches earlier this afternoon. However, while it was heavily presumed the update would fix at least one Internet Explorer zero day, the update actually fixes two critical vulnerabilities in the browser. Eight bulletins — fou...

9.3CVSS9.1AI score0.99945EPSS
Exploits56References6
ThreatPost
ThreatPost
added 2013/10/02 9:40 a.m.66 views

A Decade of Microsoft Patch Tuesday Security Updates

On Oct. 9, 2003, Microsoft announced its new security patching process that would end up being a catalyst for significant change in the information security community. Ten years ago, the program was announced with a press release that promised “Improved patch management processes, policies and...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2012/06/18 1:43 p.m.65 views

Exploit Code Surfaces for CVE-2012-1875 Internet Explorer Bug

Less than a week after Microsoft released a patch for a critical vulnerability in Internet Explorer, attack code has become publicly available in the form of a module for the Metasploit Framework. The bug is serious one that enables an attacker to bypass both ASLR and DEP, the two main anti-explo...

9.3CVSS1.9AI score0.99945EPSS
Exploits44References4
ThreatPost
ThreatPost
added 2012/04/19 2:20 a.m.65 views

Oracle Patches 88 Vulnerabilities, Including Some that Allow Remote Exploits Without Authentication

Oracle yesterday released 88 security fixes for vulnerabilities — including several that allow for remote access without authentication — across its portfolio as part of its quarterly Critical Patch Update. “Due to the threat posed by a successful attack, Oracle strongly recommends that customers...

9CVSS0.7AI score0.68914EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2021/10/19 8:15 p.m.64 views

Fresh APT Harvester Reaps Telco, Government Data

A previously unseen advanced persistent threat APT group dubbed Harvester by researchers is attacking telcos, IT companies and government-sector targets in a campaign that’s been ongoing since June. According to a Symantec analysis, the group sports a veritable cornucopia of advanced and custom...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/08/17 4:44 p.m.64 views

LockBit 2.0 Ransomware Proliferates Globally

The LockBit ransomware-as-a-service RaaS gang has ramped up its targeted attacks, researchers said, with attempts against organizations in Chile, Italy, Taiwan and the U.K. using version 2.0 of its malware. Attacks in July and August have employed LockBit 2.0, according to a Trend Micro analysis...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/07/14 11:5 a.m.64 views

Windows Hello Bypass Fools Biometrics Safeguards

A vulnerability in Microsoft’s Windows 10 password-free authentication system has been uncovered that could allow an attacker to spoof an image of a person’s face to trick the facial-recognition system and take control of a device. Windows Hello is a feature in Windows 10 that allows users to...

6.1CVSS7.2AI score0.00649EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/08 4:20 p.m.64 views

How Fake Accounts and Sneaker-Bots Took Over the Internet

Recently, one of my friends from my submarine days sent me a friend request on Facebook. The weird thing is, I was already connected with this friend. Looking further at the profile, I noticed a few of the same pictures but only 11 friends. So I knew this was some scammer and, being me, I message...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/05/27 9:43 p.m.64 views

Targeted AnyDesk Ads on Google Served Up Weaponized App

A fake version of the popular remote desktop application AnyDesk, pushed via ads appearing in Google search results, served up a trojanized version of the program. The campaign even bested AnyDesk’s own ad campaign on Google – ranking higher in its paid results. The campaign, active since April 2...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/04/09 6:40 p.m.64 views

623K Payment Cards Stolen from Cybercrime Forum

The Swarmshop cyber-underground “card shop” has been hit by hackers, who lifted the site’s database of stolen payment-card data and leaked it online. That’s according to researchers at Group-IB, who said that the database was posted on a rival underground forum. Card shops, are online cybercrimin...

7.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/03/18 3:52 p.m.64 views

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

A security blip in the current version of Zoom could inadvertently leak users’ data to other meeting participants on a call. However, the data is only leaked briefly, making a potential attack difficult to carry out. The flaw CVE-2021-28133 stems from a glitch in the screen sharing function of...

4.8AI score0.16289EPSS
Exploits2References15
ThreatPost
ThreatPost
added 2021/03/16 9:15 p.m.64 views

PYSA Ransomware Pillages Education Sector, Feds Warn

The FBI has issued a warning about an uptick in cyberattacks on the education sector that are delivering the PYSA ransomware. In a “Flash” alert to the cybersecurity community issued on Tuesday, the Feds said that PYSA has been seen in attacks on schools in 12 U.S. states and in the United Kingdo...

0.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/03/09 11:31 p.m.64 views

Apple’s Device Location-Tracking System Could Expose User Identities

Two vulnerabilities in a crowdsourced location-tracking system that helps users find Apple devices even when they’re offline could expose the identity of users, research claim. Offline Finding, a proprietary app introduced by Apple in 2019 for its iOS, macOS and watchOS platforms, enables the...

4.3CVSS4.1AI score0.00921EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2021/01/14 10:30 p.m.64 views

Facebook: Malicious Chrome Extension Developers Scraped Profile Data

Facebook has filed legal action against two Chrome extension developers that the company said was scraping user profile data – including names and profile IDs – as well as other browser-related information. The two unnamed developers under the business name Oink and Stuff, developed Chrome...

6.8AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/01/06 4:40 p.m.64 views

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products. Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware CVE-2020-29583 and releas...

2.1CVSS0.4AI score0.90049EPSS
Exploits2References16
ThreatPost
ThreatPost
added 2020/08/06 12:37 p.m.64 views

Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

Researchers are warning that a new class of botnets could be marshaled and used to manipulate energy markets via zombie armies of power-hungry connected devices such as air conditioners, heaters, dryers and digital thermostats. A coordinated attack could cause an energy stock index to predictably...

0.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/07/24 4:32 p.m.64 views

NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug

The U.S. National Security Agency NSA and the Cybersecurity and Infrastructure Security Agency CISA have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric...

7.5CVSS0.2AI score0.01813EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/16 1:42 p.m.64 views

Report: Hackers Selling Zoom Zero-Days for Windows, MacOS

Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people’s private video conferences and further exploit a target’s system. Flaws target Zoom clients for the Windows and the MacOS operating system,...

0.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/23 2:57 p.m.64 views

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website, “coronavirusmedicalkit.com,” was purporting to gi...

7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/03/19 2:0 p.m.64 views

What is the Best Defense Against Phishing Attacks?

Whether the subject line was “You’re account will be closed!” or the email address was [email protected], we have all received and rolled our eyes at a poorly disguised phishing attempt. While many view phishing as a small annoyance, this attack method has maintained longevity for a reason and...

Exploits0References1
ThreatPost
ThreatPost
added 2020/02/27 3:56 a.m.64 views

RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers

SAN FRANCISCO – Researchers have discovered a slew of security vulnerabilities in a popular baby monitor, which if exploited allows attackers to remotely access the camera’s video footage. The vulnerabilities were discovered in the iBaby Monitor M6S connected baby camera by researchers with...

1.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/02/21 11:0 a.m.64 views

New 'Haken' Malware Found On Eight Apps In Google Play Store

Researchers have identified eight malicious Android apps in the official Google Play marketplace distributing a new malware family. The “Haken” malware exfiltrates sensitive data from victims and covertly signs them up for expensive premium subscription services. The eight apps in question, which...

Exploits0References5
ThreatPost
ThreatPost
added 2019/12/13 8:31 p.m.64 views

Pairing Privacy and Security with Digital Identities in Retail

As today’s customer expectations for digital shopping continue to escalate, many online retailers are leveraging consumers’ unique digital identities to provide a seamless and secure account registration and login process. However, it’s important to recognize the security and privacy implications...

7.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/12/12 6:33 p.m.64 views

All in the (Ransomware) Family: 10 Ways to Take Action

In a world where everything is an “as-a-service,” it’s no surprise that ransomware-as-a-service RaaS is a hot ticket on the Dark Web. FortiGuard Labs has observed at least two significant ransomware families – Sodinokibi and Nemty – now being deployed as RaaS solutions. Meanwhile, cybercriminals...

Exploits0References7
ThreatPost
ThreatPost
added 2019/12/12 2:20 p.m.64 views

Your Smart Christmas Lights Are Safer Than They Were Last Year

Thinking about putting up smart Christmas lights but worried about your internet of things IoT security? You can rest a bit easier this year because at least one festive light option is a bit safer than it used to be, new research has found. Manufacturers of the Twinkly smart lights have taken in...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/11/14 3:32 p.m.64 views

California's Domino Effect on U.S. Privacy Regulation

LAS VEGAS – The California Consumer Privacy Act CCPA, which goes into effect in January 2020, will implement strict requirements for companies to create more transparency about how user data is being used and disseminated. Microsoft’s acknowledgement this week that it will extend CCPA to all of i...

1.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/11/06 4:26 p.m.64 views

DarkUniverse APT Emerges to Deliver Sophisticated, Targeted Spy Attacks

A sophisticated espionage APT that was active for at least eight years before receding into the shadows has been uncovered — and researchers said that it may still be active. In April 2017, ShadowBrokers published one of their many leaks of cyberweapons used by the National Security Agency NSA an...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/11/06 2:0 p.m.64 views

Google Analytics Emerges as a Phishing Tool

Cybercriminals are leveraging key technical markers used in web analytics—particularly Google Analytics—to create more sophisticated and targeted phishing attacks, new research has found. However, this also makes them more susceptible to detection by organizations defending their sites against...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/10/29 4:17 p.m.64 views

New Adwind Variant Targets Windows, Chromium Credentials

A new version of the Adwind remote access trojan RAT has been discovered taking aim at new targets. Adwind a.k.a. JRAT or SockRat is a Java-based remote access trojan that sniffs out data – mainly login credentials – from victims’ machines. While Adwind has historically been platform-agnostic,...

9.3CVSS1.1AI score0.99512EPSS
Exploits75References7
ThreatPost
ThreatPost
added 2019/10/17 3:3 p.m.64 views

Trump Campaign Website Left Open to Email Server Hijack

A mistake made by website developers left an official re-election website for President Donald Trump open to attack. The error, impacting hundreds of other websites as well, is tied to a website development tool called Laravel, used to test sites before they go live. The tool, accidentally left...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/09/11 11:31 a.m.64 views

Feds Indict 281 People for Involvement in Massive Email Fraud Scheme

Federal authorities have arrested 281 people and seized nearly $3.7 million in a coordinated effort between multiple agencies to disrupt a massive email-fraud scheme. Perpetrators of a global business email compromise BEC scheme were the target of a four-month investigation that began in May call...

0.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/08/29 9:16 p.m.64 views

TGI Fridays Delivers Customer Indigestion Over Data Exposure

Customers of TGI Fridays Australia were “strongly recommended” to change their MyFridays membership rewards program passwords. According to an email sent to customers this week, the company had inadvertently left sensitive loyalty program data exposed on the internet. News of the leaky server...

1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/05/08 12:1 p.m.64 views

Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats

Organizations that suspect an active threat or breach have two options: calling an external incident response provider to manage the investigation and response or trying to handle it internally with their own resources. Cynet is now introducing a free IR offering that caters to both scenarios – a...

1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/03/06 7:45 p.m.64 views

RSA Conference 2019: The Sky's the Limit For Satellite Hacks

SAN FRANCISCO – The satellites orbiting the world are rife with vulnerabilities – and as more satellites go up, and antenna equipment becomes cheaper, they are becoming a lucrative target for threat actors back on earth, according to researchers. William Malik, vice president of infrastructure...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/05 8:56 p.m.64 views

RSA Conference 2019: How to Be Better, on Trust, AI and IoT

SAN FRANCISCO – The slogan of this year’s RSA Conference is “Better” – and accordingly, Tuesday morning’s keynotes zeroed in on reversing some of the disturbing sociological trends that have been festering of late. That includes “information warfare,” meant to undermine citizens’ trust in media a...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/04 11:36 p.m.64 views

Argentinian Teen Becomes First to Earn $1M in Bug Bounties with HackerOne

A 19-year-old that goes by the handle “@trytohack” became the first white hat hacker to surpass $1 million in bounty awards on the HackerOne platform. The Argentinian researcher, whose real name is Santiago Lopez, started reporting security weaknesses to companies in 2015 on HackerOne, when he wa...

0.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/25 8:45 p.m.64 views

Threatpost Data: Password Managers Are Worth the Risk, Readers Say

Despite a high-profile memory-related vulnerability in password managers capturing headlines last week, a recent Threatpost poll found that 84 percent of respondents use password managers – while only 10 percent said they don’t due to security risks. There have been vulnerabilities found before i...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/02/11 7:56 p.m.64 views

U.S. Senators Urge VPN Ban for Federal Workers Over Spying

UPDATE Two U.S. senators are taking bipartisan aim at foreign-owned virtual private networks VPNs, which they say are often headquartered “in countries that do not share American interests or values” – specifically, China and Russia. Sens. Ron Wyden D-Ore. and Marco Rubio R-Fla. have signed a joi...

Exploits0References5
Total number of security vulnerabilities5000