Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/03/25 8:52 p.m.63 views

ThreatList: Remote Workers Threaten 1 in 3 Organizations

While IT leaders see the benefits of remote working and understand that millennial-friendly telecommuting is unlikely to go anywhere anytime soon, many still fear that the potential of employees to access corporate resources via public Wi-fi and the use of personal devices opens their organizatio...

1.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/03/08 3:30 p.m.63 views

RSAC 2019: The Dark Side of Machine Learning

SAN FRANCISCO – The same machine-learning algorithms that made self-driving cars and voice assistants possible can be hacked to turn a cat into guacamole or Bach symphonies into audio-based attacks against a smartphone. These are examples of “adversarial attacks” against machine learning systems...

6.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/02/27 5:24 p.m.63 views

Card-Skimming Scripts Hide Behind Google Analytics, Angular

A host of credit card-stealing scripts have popped up on the web, injected into websites and purporting to be legitimate Google Analytics or Angular utilities in order to avoid webmaster notice. According to research from Sucuri, the malicious code is obfuscated and injected into legitimate JS...

7.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/02/26 4:33 p.m.63 views

High-Severity SHAREit App Flaws Open Files for the Taking

Two high-severity flaws in the SHAREit Android app allow an attacker to bypass the file transfer application’s device authentication mechanism – and ultimately download content and arbitrary files from the victim’s device, along with a raft of data such as Facebook tokens and cookies. SHAREit is ...

Exploits0References1
ThreatPost
ThreatPost
added 2019/01/31 6:51 p.m.63 views

2019 Already Marred By Slew of Data Breach Incidents

It has been a busy year for data breaches already, and January isn’t even officially over. This past week has been no exception. In past seven days, in addition to the Airbus news that we previously reported, Discover Financial, IT management giant Rubrik, the City of St. John in New Brunswick,...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2017/12/01 11:43 a.m.63 views

Flaw Found In Dirty COW Patch

A flaw in the original patch for the notorious Dirty COW vulnerability could allow an adversary to run local code on affected systems and exploit a race condition to perform a privilege escalation attack. The flaw in the Dirty COW patch CVE-2016-5195, released in October 2016, was identified by...

7.2CVSS7.4AI score0.83524EPSS
Exploits89References7
ThreatPost
ThreatPost
added 2017/04/17 12:5 p.m.63 views

VMWare Fixes Critical RCE in vCenter Server

VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios. The vulnerability affected two versions of vCenter, 6.5 and 6.0. Users are encouraged to update to the most recent versions, 6.5c, and...

7.5CVSS0.8AI score0.21274EPSS
Exploits5References11
ThreatPost
ThreatPost
added 2013/06/19 4:5 p.m.63 views

65 Sites Compromised in ZeroAccess Trojan Attacks

As many as 65 websites have been compromised in an attack that has snared another Washington, D.C.-area media website as well as a number of travel and leisure sites. While the sites aren’t topically related, they’re all hosting advertisements injected with malicious code hosted on...

10CVSS5.4AI score0.86151EPSS
Exploits16References4
ThreatPost
ThreatPost
added 2013/05/08 11:0 a.m.63 views

Cool Exploit Kit Includes Old Internet Explorer Exploit

You cannot accuse the keepers of the Cool Exploit Kit of not recognizing market trends. Given a rash of recent watering hole attacks and zero-day exploits built around Microsoft’s Internet Explorer browser, it’s no surprise that a 15-month-old IE exploit has been included in the crimeware package...

10CVSS0.7AI score0.77597EPSS
Exploits42References12
ThreatPost
ThreatPost
added 2013/03/11 4:29 p.m.63 views

New Web-Based MiniDuke Components Discovered

Researchers at Kaspersky Lab and CrySys Lab have discovered files buried inside a MiniDuke command and control server that indicate the presence of a Web-based facet of the campaign that initially targeted government agencies, primarily in Europe. Users are likely lured to the malicious webpages...

10CVSS0.97612EPSS
Exploits54References6
ThreatPost
ThreatPost
added 2013/01/14 6:29 p.m.63 views

ADP-Themed Phishing Emails Lead to Blackhole Sites

Scammers are spamming out malicious emails purporting to come from payroll processing company ADP, according Dancho Danchev of Webroot. The emails arrive under the subject line “ADP Immediate Notifications” and contain links to compromised websites hosting the latest iteration of the Blackhole...

10CVSS0.97612EPSS
Exploits38References4
ThreatPost
ThreatPost
added 2012/05/17 2:46 a.m.63 views

Trojan Mimics Chrome Installer to Steal Banking Information

Malware impersonating a Google Chrome Installer is actually stealing data while stripping software used to protect online banking transactions. The Trojan at present appears to target users in Brazil and Peru. Trend Micro researchers report in a blog post that they have discovered a malicious fil...

0.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/09/06 3:29 p.m.62 views

Human Fraud: Detecting Them Before They Detect You

This is Part II of a two-part blog series taking readers inside the criminal enterprise that is account-takeover fraud. For part I, please click here. In my last blog, we focused on the initial phases of the account-takeover ATO kill chain – recon, weaponization and delivery – and how attackers...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/08/17 4:20 p.m.62 views

Bug in Millions of Flawed IoT Devices Lets Attackers Eavesdrop

Security researchers have discovered a critical flaw that affects tens of millions of internet-of-things IoT devices – one that exposes live video and audio streams to eavesdropping threat actors and which could enable attackers to take over control of devices, including security webcams and...

8.3CVSS8.6AI score0.02575EPSS
Exploits1References14
ThreatPost
ThreatPost
added 2021/06/22 4:17 p.m.62 views

Lexmark Printers Open to Arbitrary Code-Execution Zero Day

Lexmark printers – those ubiquitous, inky office workhorses that fill homes and offices, and are found all the way on up to the federal government – have an unpatched vulnerability that could lead to serious, easy-to-execute attacks that require neither privileges nor user interaction and which c...

7.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/03 10:6 p.m.62 views

‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles

An Elasticsearch server holding personal data of 6 million players of the popular mobile game Battle for the Galaxy was discovered insecure and containing over 1 terabyte of unencrypted data, meaning anyone with a link could access data stored on the repository. Ethical hackers WizCase found the...

6.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/04/02 6:16 p.m.62 views

Call of Duty Cheats Expose Gamers to Malware

Activision, the company behind Call of Duty: Warzone, has issued a warning that a threat actor is taking out ads for cheat tools, which instead turn out to be remote-access trojan RAT malware . The scam was first floated in March when a cyberattacker posted in hacking forums that they had a free,...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/03/17 1:0 p.m.62 views

A New Paradigm in Data Security: Insider Risk Management

The pandemic was a force accelerator for digital transformation in the enterprise. It’s not just the dramatic remote work shift — it’s a profound shift toward prioritizing speed and flexibility as the drivers of a company’s competitive advantage. But as faster, more agile ways of working...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/02/25 2:45 p.m.62 views

Cisco Warns of Critical Auth-Bypass Security Flaw

A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication. The vulnerability is one of three critical flaws fixed by Cisco on this week. It exists in Cisco’s ACI Multi-Site Orchestrator ACI MSO — this is Cisco’s management...

1.5AI score0.14359EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/12/11 8:51 p.m.62 views

Security Issues in PoS Terminals Open Consumers to Fraud

Researchers are detailing widespread security issues in point-of-sale PoS terminals – specifically, three terminal device families manufactured by vendors Verifone and Ingenico. Click to register. The issues, which have been disclosed to the vendors and since patched, open several popular PoS...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/11/10 1:53 p.m.62 views

Microsoft Teams Users Under Attack in 'FakeUpdates' Malware Campaign

Attackers are using ads for fake Microsoft Teams updates to deploy backdoors, which use Cobalt Strike to infect companies’ networks with malware. Microsoft is warning its customers about the so-called “FakeUpdates” campaigns in a non-public security advisory, according to a report in Bleeping...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/10/09 1:2 p.m.62 views

Wormable Apple iCloud Bug Allows Automatic Photo Theft

A group of ethical hackers cracked open Apple’s infrastructure and systems and, over the course of three months, discovered 55 vulnerabilities, a number of which would have given attackers complete control over customer and employee applications. Of note, a critical, wormable iCloud account...

7.4AI score
Exploits0References20
ThreatPost
ThreatPost
added 2020/07/03 3:10 p.m.62 views

E.U. Authorities Crack Encryption of Massive Criminal and Murder Network

European law-enforcement officials have shut down an encrypted Android-based communications platform used exclusively by criminals to plot murders, traffic illegal drugs, commit money laundering and plan other organized crimes. An international law-enforcement team from the France and the...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/23 6:50 p.m.62 views

Work From Home Opens New Remote Insider Threats

Employees working from home face a new world of workplace challenges. With childcare facilities mostly closed, many are juggling crying babies or barking dogs, all while tending to job responsibilities. Under those conditions mistakes happen, like sending an email – with critical internal company...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/06/16 7:29 p.m.62 views

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Adobe patched 18 critical vulnerabilities Tuesday impacting key products Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. The out-of-band fixes address vulnerabilities allowing an attacker to execute arbitrary code, if bugs are exploited. In its security bulletin Adobe...

9.3CVSS1.1AI score0.0896EPSS
Exploits1References11
ThreatPost
ThreatPost
added 2020/05/13 1:19 p.m.62 views

Feds Reveal Hidden Cobra's Trove of Espionage Tools

The U.S. Department of Homeland Security and Federal Bureau of Investigation have exposed what they say are hacking tools used by the North Korean-sponsored APT group Hidden Cobra. The disclosure was the result of a broad government effort to combat the advanced persistent threat group, who have...

Exploits0References13
ThreatPost
ThreatPost
added 2020/03/25 3:38 p.m.62 views

GE Employees Lit Up with Sensitive Doc Breach

A phisher’s treasure chest of personally identifiable information PII for General Electric employees has been exposed – thanks to the compromise of one of the company’s partners, Canon Business Process Services. In a data-breach notice filed with the State of California, General Electric GE noted...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/06 12:0 p.m.62 views

Dropbox Passes $1M Milestone for Bug-Bounty Payouts

Dropbox, the cloud-based file-sharing service, has reported that it has paid out more than $1 million to bug-bounty hunters since starting its program in 2014. The milestone comes after the service tripled its bounties in 2017, and after running two live hacking events with the HackerOne platform...

6.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/12/05 6:34 p.m.62 views

AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web

Hundreds of thousands of mobile phone bills for AT&T, Verizon and T-Mobile subscribers have been laid open to anyone with an internet connection, thanks to the oversight of a contractor working with Sprint. According to a media investigation, the contractor misconfigured a cloud storage bucket on...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/11/07 7:41 p.m.62 views

Ex-Twitter Employees Spied on Saudi Dissidents: DoJ

The Department of Justice DoJ has charged two former Twitter employees of working with the government of Saudi Arabia to snoop on political dissidents’ accounts. The 27-page complaint alleges that two former Twitter employees, Ali Alzabarah, 35, and Ahmad Abouammo, 41, accessed Twitter account da...

0.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/08/06 6:54 p.m.62 views

Cryptolocking WordPress Plugin Locks Up Blog Posts

A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers. According to analysis from Sucuri, the plugin obtains a...

7.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/07 9:1 p.m.62 views

RSA Conference 2019: Ultrasound Hacked in Two Clicks

SAN FRANCISCO – Researchers have highlighted the endemic insecurity of the hospital environment by executing a proof-of-concept attack on an ultrasound machine. In doing so, they were able to gain access to the machine’s entire database of patient ultrasound images. Check Point Research worked wi...

Exploits0References5
ThreatPost
ThreatPost
added 2019/02/01 3:50 p.m.62 views

Threatpost News Wrap Podcast For Feb. 1

Data privacy dominated the week of news ending Feb. 1. News headlines included both Facebook and Google finding themselves in hot water over distributing data-sucking apps on iOS devices. A severe flaw was also found in kid-tracking IoT smartwatches that could expose sensitive information for...

6.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2016/07/15 4:16 p.m.62 views

Neutrino EK Spotted Leveraging Patched IE Zero Day

Attackers behind the Neutrino Exploit Kit didn’t take long to co-op a recently patched Internet Explorer zero-day into its arsenal. Researchers claim the kit has been pushing CVE-2016-0189, a vulnerability that was reportedly used in targeted attacks on South Korean organizations earlier this yea...

9.3CVSS8.5AI score0.99945EPSS
Exploits43References8
ThreatPost
ThreatPost
added 2016/04/25 3:36 p.m.62 views

Android Ransomware Attacks Using Towelroot, Hacking Team Exploits

A menacing wave of ransomware that locks up Android devices and demands victims pay $200 in Apple iTunes gift card codes is raising concern among security researchers. The ransomware attacks, they say, open a new chapter for Android vulnerabilities similar to Microsoft’s obsolete, unpatched and...

7.2CVSS7.2AI score0.37233EPSS
Exploits15References2
ThreatPost
ThreatPost
added 2012/05/18 5:52 p.m.62 views

Microsoft Adopts CVRF Format for Security Bulletins

Since the beginning of recorded time, security researchers, software vendors and hackers have been issuing security advisories in all kinds of nutty formats. Some feature excellent ASCII art, some have clever inside jokes and some come from Microsoft. Now, there’s a effort underway, called the...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2010/12/22 7:24 p.m.62 views

Media, Human Rights Sites Suffer With Rise In DDoS Attacks

The recent wave of online actions by supporters and opponents of information leaking site Wikileaks has focused attention on the phenomenon of distributed denial of service DDoS attacks. But a study published by Harvard University’s Berkman Center for Internet and Society this week concludes that...

0.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/08/12 1:24 p.m.61 views

Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’

Users of Apple’s Instagram and Facebook iOS apps are being warned that both use an in-app browser that allows parent company Meta to track ‘every single tap’ users make with external websites accessed via the software. Researcher Felix Krause, who outlined how Meta tracks users in a blog posted...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/05/11 12:27 p.m.61 views

Intel Memory Bug Poses Risk for Hundreds of Products

Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products. According to an advisory issued by the company on Tuesday, the bug is firmware-based and rated as “high” risk with a Common Vulnerability Scoring System CVSS score of 7. The vulnerability...

6.8CVSS5.6AI score0.0027EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2021/11/04 3:50 p.m.61 views

Critical Linux Kernel Bug Allows Remote Takeover

A critical heap-overflow security vulnerability in the Transparent Inter Process Communication TIPC module of the Linux kernel could allow local exploitation and remote code execution, leading to full system compromise. TIPC is a peer-to-peer protocol used by nodes within a Linux cluster to...

9.8CVSS7.9AI score0.57853EPSS
Exploits3References7
ThreatPost
ThreatPost
added 2021/10/05 9:9 p.m.61 views

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft

Three vulnerabilities in the IP video-surveillance systems created by Axis Communications could allow arbitrary code execution, among other attacks. That’s according to Nozomi Networks Labs, whose researchers examined the company’s Axis Companion Recorder, a compact network video recorder NVR tha...

8.8CVSS8.7AI score0.00923EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/22 6:7 p.m.61 views

Email Bug Allows Message Snooping, Credential Theft

Researchers warn hackers can snoop on email messages by exploiting a bug in the underlying technology used by the majority of email servers that run the Internet Message Access Protocol, commonly referred to as IMAP. The bug, first reported in August 2020 and patched Monday, is tied to the email...

5.8CVSS6.7AI score0.02837EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2021/05/13 2:55 p.m.61 views

Fresh Loader Targets Aviation Victims with Spy RATs

A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan RAT malware bent on cyber-espionage. Researchers from Microsoft said this week on Twitter that spear-phishing emails are the main attack vector. Individuals in the aerospace and...

6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/03/22 8:39 p.m.61 views

CISA Warns of Security Flaws in GE Power Management Devices

The U.S. Cybersecurity & Infrastructure Security Agency CISA is warning of critical-severity security flaws in GE’s Universal Relay UR family of power management devices. GE’s UR devices are the “basis of simplified power management for the protection of critical assets,” according to the company...

0.8AI score0.01163EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2021/03/10 9:44 p.m.61 views

Fake Ad Blocker Delivers Hybrid Cryptominer/Ransomware Infection

At its previous peak in February, the Monero Miner cryptocurrency ransominer was targeting more than 2,500 users a day, disguised as an antivirus installer. Now, the tricky hybrid malware is on the rise again, this time impersonating an ad blocker and OpenDNS service. In total, it has infected mo...

1.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/12/21 7:38 p.m.61 views

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

Four nation-state-backed advanced persistent threats APTs hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in July and August, compromised 36 personal phones belonging...

6.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/12/07 4:15 p.m.61 views

QNAP High-Severity Flaws Plague NAS Systems

QNAP Systems is warning of high-severity flaws that plague its top-selling network attached storage NAS devices. If exploited, the most severe of the flaws could allow attackers to remotely take over NAS devices. NAS devices are systems that consist of one or more hard drives that are constantly...

6.8CVSS0.4AI score0.02883EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2020/10/02 2:1 p.m.61 views

305 CVEs and Counting: Bug-Hunting Stories From a Security Engineer

Larry Cashdollar, senior security response engineer at Akamai, has been finding CVEs since the 1990s, around when MITRE was first being established. Since then, he’s found 305 CVEs – as well as various security findings, such an IoT bricking malware called Silex, and cybercriminals targeting poor...

10CVSS7.3AI score0.07488EPSS
Exploits1References16
ThreatPost
ThreatPost
added 2020/09/28 7:56 p.m.61 views

Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials

An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems – but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life EOL on Jan. 14, with Microsoft urging enterprises to upgrade to its...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/08/13 1:6 p.m.61 views

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

Researchers have discovered an attack on the Voice over LTE VoLTE mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls. Dubbed ReVoLTE, the attack — detailed by a group of academic researchers from Ruhr University Bochum and New York...

0.3AI score
Exploits0References7
Total number of security vulnerabilities5000