Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/06/24 9:21 p.m.60 views

Emerging Ransomware Targets Photos, Videos on Android Devices

A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Called CryCryptor, it has initially been spotted pretending to be the official COVID-19 tracing app provided by Health Canada. It’s propagating via two different bogus websites that...

0.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/17 9:30 a.m.60 views

LinkedIn 'Job Offers' Targeted Aerospace, Military Firms With Malware

Attackers are impersonating human resource employees from Collins Aerospace and General Dynamics in a spear-phishing campaign leveraging LinkedIn’s messaging service. Targets are sent phony job offers that include malicious documents designed to fetch data-exfiltrating malware. The spear-phishing...

8AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/06/02 3:32 p.m.60 views

Octopus Scanner Sinks Tentacles into GitHub Repositories

The Octopus Scanner malware, which targets the Apache NetBeans Java integrated development environment IDE, has been nesting in at least 26 GitHub source-code repositories, according to researchers – waiting to take over developer machines. A team from GitHub Security Labs, acting on a tip from a...

7.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/29 1:16 p.m.60 views

‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials

“Hack-for-hire” organizations are the latest group of cybercriminals to take advantage of the ongoing coronavirus pandemic, using COVID-19 as a lure in phishing emails bent on stealing victims’ Google credentials. Researchers with Google’s Threat Analysis Group TAG warned that they’ve spotted a...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/05/06 9:10 p.m.60 views

Lazarus Group Hides macOS Spyware in 2FA Application

The North Korea-linked cyberthreat group known as Lazarus Group has added a new variant of the Dacls remote-access trojan RAT to its arsenal of spy gear, designed specifically for the Mac operating system. Dacls was first discovered last December targeting Windows and Linux platforms. The new...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/28 9:33 p.m.60 views

Enterprise Security Woes Explode with Home Networks in the Mix

The work-from-home WFH paradigm that has become the new normal in the age of coronavirus comes with exacerbated network security risk – as evidenced by growing a number of botnets and automated attacks that are taking advantage of known vulnerabilities in both consumer and corporate IT gear. The...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/24 1:55 p.m.60 views

Nintendo Confirms Breach of 160,000 Accounts

Nintendo said over 160,000 accounts have been hacked, due to attackers abusing a legacy login system. Over the past few weeks, Nintendo gamers have been reporting suspicious activities on their accounts. According to the complaints, aired out on Twitter and Reddit, unauthorized actors were loggin...

0.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/04/23 3:25 p.m.60 views

WHO, CDC and Bill and Melinda Gates Foundation Victims of Credential Dump, Report

Unknown threat actors have allegedly dumped nearly 25,000 email addresses and passwords from notable organizations involved in the fight against the COVID-19 pandemic, including credentials from prominent health organizations. Hackers have been using information belonging to groups such as World...

0.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/26 3:51 p.m.60 views

As Zoom Booms, Incidents of ‘ZoomBombing’ Become a Growing Nuisance

Officials at Zoom have released tips for users of their video-conferencing platform to help avoid getting “Zoom-bombed” by trolls and even more serious threat actors during online meetings. The developers of the online video-conferencing service cautioned users to avoid sharing Zoom meeting links...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/13 4:40 p.m.60 views

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat APT group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.” Researchers identified two suspicious Rich Text Format files RTF — a text file format used b...

7.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/03/12 8:52 p.m.60 views

Researchers Warn of Novel PXJ Ransomware Strain

Researchers have discovered a new strain of ransomware, dubbed “PXJ,” which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known ransomware families, researchers said. They first...

0.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/23 7:8 p.m.60 views

U.S. Gov Agency Targeted With Malware-Laced Emails

A U.S. government agency was targeted with spear phishing emails harboring several malware strains – including a never-before-seen malware downloader that researchers call “Carrotball.” The campaign, which researchers observed occurring from July to October and code-named “Fractured Statue,”...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/01/21 10:7 p.m.60 views

16Shop Phishing Gang Goes After PayPal Users

A prolific phishing gang known as 16Shop has added PayPal customers to its target set. According to researchers at the ZeroFOX Alpha Team, the latest version of the group’s phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information PII a...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/01/08 11:22 p.m.60 views

Drake Lyrics Used as Calling Card in Malware Attack

A hacker with the handle “Master X” leverages a PowerShell script that contains a reference to singer-songwriter Drake lyric’s “Kiki Do You Love Me” and ultimately delivers a malicious payload to its victims. The campaign is email based; with missives containing a malicious PowerPoint attachment...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/24 4:9 p.m.60 views

Cash App Twitter Giveaway a Haven for Stealing Money

Scammers looking to piggyback on the CashAppFriday trending topic on Twitter are stealing between $10 to $1,000 from each victim that falls for their efforts. According to researchers at Tenable, the scams include phishing with some links garnering up to 500 clicks each, a hoax called...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/10/17 8:17 p.m.60 views

Phorpiex Botnet Shifts Gears From Ransomware to Sextortion

A recent wide-scale campaign indicates that a decade-old botnet is shifting gears from distributing ransomware to delivering millions of sextortion threats to innocent recipients. Worse, researchers say that the botnet’s spam campaign can affect up to 27 million potential victims. The botnet,...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/09/11 6:1 p.m.60 views

Major Groupon, TicketMaster Fraud Scheme Exposed By Insecure Database

UPDATE After discovering a cache of 17 million emails exposed on an unsecured database, researchers with vpnMentor began to hunt for its owner — but to their surprise, they found that the database belonged not to a company, but to a sophisticated criminal network. Cybercriminals had been both...

7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/08/26 5:2 p.m.60 views

IRS Impersonation Attacks Spread Malware Nationwide

The Internal Revenue Service IRS is warning taxpayers about a snowballing email attack that uses messages pretending to be legitimate IRS communications. The end game for the effort is malware being installed on unsuspecting users’ machines; imposters may gain control of the taxpayer’s computer o...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/05 2:49 p.m.60 views

Google and ARM Tackle Android Bugs with Memory-Tagging

Aiming at improving the security of the Android ecosystem, Google has partnered up with mobile silicon-maker ARM to implement a hardware-based bug detection tool specifically for memory-safety vulnerabilities. Dubbed the memory-tagging extension MTE, the feature helps mitigate these kinds of bugs...

Exploits0References7
ThreatPost
ThreatPost
added 2019/05/15 8:1 p.m.60 views

Google Titan Security Key Recalled After Bluetooth Pairing Bug

Google is recalling Bluetooth versions of its Titan Security Key after finding a vulnerability that allows attackers in close proximity to take control of the device. Google’s Titan Security Key, launched in the U.S. market last August, is a USB dongle that offers an added layer of security...

1.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/05/06 3:13 p.m.60 views

High-Severity PrinterLogic Flaws Enable Remote Code Execution

A slew of high-severity flaws have been disclosed in the PrinterLogic printer management service, which could enable a remote attacker to execute code on workstations running the PrinterLogic agent. PrinterLogic’s Print Management software allows businesses to deploy and use remote printers...

10CVSS9AI score0.03453EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/28 4:11 p.m.60 views

Coinhive to Mine Its Last Monero in March

Coinhive, the company behind an eponymous browser-based cryptocurrency miner, is closing its doors. As of March 8, the 18-month-old company will discontinue its service, because, it announced, the model “isn’t economically viable anymore.” Coinhive bills itself as a legitimate service for website...

6.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/02/20 7:27 p.m.60 views

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

Secure password firms 1Password, Dashlane, KeePass and LastPass are blasting a research report that highlights how a local adversary can crack open and steal passwords stored by the utilities. The uproar began Tuesday when lead researcher, Adrian Bednarek with Independent Security Evaluators ISE,...

6.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/02/20 6:34 p.m.60 views

GitHub Increases Rewards, Scope For Bug Bounty Program

GitHub has bolstered its bug-bounty program with increased rewards, an expanded scope of products and the addition of legal “safe-harbor” terms aiming to protect bounty hunters. The web-based hosting service announced Tuesday that its program, first launched in 2014, will no longer have a maximum...

8.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/01/28 5:43 p.m.60 views

Dailymotion Fights Ongoing Credential-Stuffing Attack

Dailymotion, the video-sharing platform, said Friday that it had fallen victim to a “large-scale” and ongoing credential-stuffing assault by attackers looking to harvest user data. The French YouTube competitor said in an alert that it has “successfully contained the attacks following the...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/14 10:22 p.m.60 views

Popular Web-Hosting Platform Bluehost Riddled with Flaws

UPDATE A researcher has uncovered several one-click client-side vulnerabilities in the popular Bluehost web hosting platform. These would allow cybercriminals to easily carry out complete account takeover, according to the analysis. Bluehost has acknowledged the issue, and told Threatpost, “We ar...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/09/11 2:52 p.m.60 views

Adobe Patches Six Critical Flaws in ColdFusion

Adobe has released patches fixing six critical vulnerabilities in its ColdFusion product that could lead to arbitrary code-execution. The flaws impact Adobe’s ColdFusion product, which is the company’s commercial web application development platform. Impacted are the 2016 Update 6 and earlier...

10CVSS2.1AI score0.9995EPSS
Exploits12References7
ThreatPost
ThreatPost
added 2017/10/09 9:0 a.m.60 views

NFL Players and Agents Targeted in Database Extortion Attempt

A misconfigured database containing records belonging to 1,133 National Football League players and their agents was exposed via an unsecured Elasticsearch server. The database belongs to the NFL Players Association and includes the home address, phone numbers and IP addresses for hundreds of...

7.5CVSS9.5AI score0.99906EPSS
Exploits19References5
ThreatPost
ThreatPost
added 2017/07/20 2:8 p.m.60 views

Apple Patches 'BroadPwn' Bug in iOS 10.3.3

Apple released iOS 10.3.3 Wednesday, which serves as a cumulative update that includes patches for multiple vulnerabilities including the high-profile BroadPwn bug that allowed an attacker to seize control of a targeted iOS device. BroadPwn was revealed earlier this month as a flaw in Broadcom...

9.3CVSS9.2AI score0.47537EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2017/03/30 2:50 p.m.60 views

New Mirai Variant Roars into Action With 54 Hour DDoS Attacks

A variant of the Mirai malware pummeled a U.S. college last month with a marathon 54-hour long attack. Researchers say this latest Mirai variant is a more potent version of the notorious Mirai malware that made headlines in October, targeting DNS provider Dyn and the Krebs on Security website. Th...

10CVSS0.7AI score0.89294EPSS
Exploits62References3
ThreatPost
ThreatPost
added 2016/12/08 9:15 a.m.60 views

Old Linux Kernel Code Execution Bug Patched

A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip...

7.2CVSS0.5AI score0.11127EPSS
Exploits16References6
ThreatPost
ThreatPost
added 2016/04/12 2:30 p.m.60 views

Badlock Windows, Samba Man-in-the-Middle Vulnerability

Weeks of anxiety and concern over the Badlock vulnerability ended today with an anticlimactic thud. Badlock was the security boogeyman since the appearance three weeks ago of a website and logo branding the bug as something serious in Samba, an open source implementation of the server message blo...

6.8CVSS0.3693EPSS
Exploits0References14
ThreatPost
ThreatPost
added 2014/06/05 9:30 a.m.60 views

New OpenSSL MITM Flaw Affects All Clients, Some Server Versions

There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software. The new vulnerability...

6.8CVSS0.2AI score0.95326EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2014/03/06 2:44 p.m.60 views

Microsoft to Patch IE 10 Zero Day March 2014 Patch Tuesday

Microsoft will patch a lingering zero-day vulnerability in Internet Explorer next Tuesday, one of five bulletins it will release as part of its March 2014 Patch Tuesday security updates. The IE 10 zero-day was disclosed close to a month ago when researchers at FireEye reported on Operation SnowMa...

9.3CVSS0.99945EPSS
Exploits56References5
ThreatPost
ThreatPost
added 2012/12/05 4:15 p.m.60 views

Six Security Flaws Fixed in BIND 9.9.2

A new version of the BIND DNS server software is available, fixing six security vulnerabilities and a long list of other bugs. BIND 9.9.2-P1 is mainly a security update and most of the issues it fixes are crashes and not remote code execution flaws. BIND is the overwhelming leader in market share...

8.5CVSS0.7AI score0.36798EPSS
Exploits3References2
ThreatPost
ThreatPost
added 2011/12/06 7:30 p.m.60 views

Adobe Warns of Critical Zero-Day Flaw in Reader and Acrobat

Adobe is warning users about a critical vulnerability in its Reader and Acrobat applications that could lead to remote code execution. There are reports that attackers already are using the Reader bug in targeted attacks, and Adobe said it plans to have a patch ready by next week. Adobe security...

10CVSS1.9AI score0.86238EPSS
Exploits11References3
ThreatPost
ThreatPost
added 2011/09/23 3:14 p.m.60 views

Microsoft Defends Secure Boot in Windows 8

Microsoft officials are seeking to assuage concerns that its implementation of UEFI in Windows 8 will prevent users from loading non-Microsoft operating systems or applications on their machines. Despite concerns raised by security researchers and open-source advocates about vendor lock-in and...

9.3CVSS1AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2022/08/11 12:51 p.m.59 views

Cisco Confirms Network Breach Via Hacked Employee Google Account

Cisco Systems revealed details of a May hack by the Yanluowang ransomware group that leveraged a compromised employee’s Google account. The networking giant is calling the attack a “potential compromise” in a Wednesday post by the company’s own Cisco Talos threat research arm. “During the...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2022/07/07 11:31 a.m.59 views

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol

The popular protocol for radio controlled RC aircraft called ExpressLRS can be hacked in only a few steps, according to a bulletin published last week. ExpressLRS is an open-source long range radio link for RC applications, such as first-person view FPV drones. “Designed to be the best FPV Racing...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/04/20 12:12 p.m.59 views

Google: 2021 was a Banner Year for Exploited 0-Day Bugs

Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping tabs. In a year-in-review report on the number instances a zero-day bug has been exploited in the wild, researchers noted the number a twofold...

8.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/03/22 4:31 p.m.59 views

Russia Lays Groundwork for Cyberattacks on U.S. Infrastructure

The Russian government is exploring “options for potential cyberattacks” on critical infrastructure in the U.S., the White House warned on Monday, in retaliation for sanctions and other punishments as the war in Ukraine grinds on. Officials said that its latest intelligence shows cyber-related...

8.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2022/01/14 2:7 p.m.59 views

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Researchers have discovered three WordPress plug-ins with the same vulnerability that allows an attacker to update arbitrary site options on a vulnerable site and completely take it over. Exploiting the flaw does require some action from the site administrator, however. On Nov. 5, 2021, the...

9.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/12/23 3:0 p.m.59 views

‘Spider-Man: No Way Home’ Download Installs Cryptominer

Global buzz around the release of Spider-Man: No Way Home is making tons of online noise – an ideal environment for cybercriminals to spread a Monero cryptominer disguised as a download of the newly released film. A torrent download of Spider-Man: No Way Home is circulating, infected with a...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/10/15 5:44 p.m.59 views

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

The St. Louis Post-Dispatch newspaper recently found a huge security blunder: The Missouri educational agency’s site was displaying 100,000+ clearly visible Social-Security numbers for school teachers, administrators and counselors in its HTML source code. The newspaper verified its findings with...

6.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/08/31 8:12 p.m.59 views

Proxyware Services Open Orgs to Abuse – Report

Services that allow consumers to resell their own internet bandwidth for profit to businesses that want to resell it are ripe for abuse, according to researchers. The burgeoning business model is growing in popularity with consumers who earn about $1 for every 10GB of their bandwidth shared with...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/24 1:14 p.m.59 views

Tulsa’s Police-Citation Data Leaked by Conti Gang

The city of Tulsa, OK is asking some of its residents to keep a close eye on their personal and financial accounts after the Conti ransomware group leaked some 18,000 city files, mostly police citations, on the dark web. The leak stemmed from a May 6 ransomware attack that caused the city to shut...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/14 3:12 p.m.59 views

Volkswagen Vendor Exposed Data of 3.3m Drivers

One of Volkswagen’s vendors left one of its systems open for nearly two years, exposing the personal data of 3.3 million customers – nearly all of them owners or wannabe owners of the automaker’s luxury brand of Audis – Volkswagen America said last week. The breach took place between August 2019...

6.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/10 4:26 p.m.59 views

Microsoft: Big Cryptomining Attacks Hit Kubeflow

Microsoft has spotted a new, widespread, ongoing attack targeting Kubernetes clusters running Kubeflow instances, in order to plant malicious TensorFlow pods that are used to mine for cryptocurrency. The Kubeflow open-source project is a popular framework for running machine learning ML tasks in...

8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/04 8:21 p.m.59 views

Cyberattack Suspected in Cox TV and Radio Outages

A reported ransomware attack on Cox Media Group CMG has crippled streaming and other internal operations of dozens of radio and television stations scattered across America’s 20 broadcast markets. CMG has won’t comment on the reported attack and hasn’t responded to a request for comment. A member...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/05/20 8:45 p.m.59 views

100M Android Users Hit By Rampant Cloud Leaks

More than 100 million Android users are at risk after 23 different mobile apps were found to leak personal data in the wake of rampant cloud misconfigurations. That’s according to Check Point Research, whose researchers found that emails, chat messages, location data, passwords, photos, personal...

7.3AI score
Exploits0References6
Total number of security vulnerabilities5000