Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/03/05 8:35 p.m.59 views

WordPress Injection Anchors Widespread Malware Campaign

The downloader malware known as Gootloader is poisoning websites globally as part of an extensive drive-by and watering-hole cybercampaign that abuses WordPress sites by injecting them with hundreds of pages of fake content. The adversaries have so far delivered the Cobalt Strike intrusion tool,...

0.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/01/25 9:8 p.m.59 views

2.28M MeetMindful Daters Compromised in Data Breach

More than 2.28 million members of the online dating site MeetMindful have reportedly been caught up in a wide-ranging data breach that exposes everything from Facebook tokens to physical characteristics. The ShinyHunters hacking group has stolen and published the personally identifiable PII data ...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/01/22 6:35 p.m.59 views

Discord-Stealing Malware Invades npm Packages

Three malicious software packages have been published to npm, a code repository for JavaScript developers to share and reuse code blocks. The packages represent a supply-chain threat given that they may be used as building blocks in various web applications; any applications corrupted by the code...

0.00836EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2021/01/01 11:0 a.m.59 views

Inbox Attacks: The Miserable Year (2020) That Was

Purging your inbox has become a year-end tradition for many. A short hiatus for the holidays often provides a quiet moment to flush the previous year’s mountain of spam. And, from the looks of our 2020 inbox, years of herculean efforts to harden email defenses have fallen short. The most-targeted...

7.4AI score
Exploits0References17
ThreatPost
ThreatPost
added 2020/12/15 9:29 p.m.59 views

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based servers and internet-of-things IoT...

10CVSS0.1AI score0.8774EPSS
Exploits4References5
ThreatPost
ThreatPost
added 2020/12/14 7:8 p.m.59 views

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

The U.S. Department of Homeland Security DHS, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were caught up in the attack, FireEye said, which was carried...

Exploits0References14
ThreatPost
ThreatPost
added 2020/12/08 10:8 p.m.59 views

FireEye Cyberattack Compromises Red-Team Security Tools

Cybersecurity firm FireEye has been hit in what CEO Kevin Mandia described as a highly targeted cyberattack. The attacker targeted and was able to access certain Red Team assessment tools that the company uses to test its customers’ security. Mandia on Tuesday said that based on the techniques an...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/11/04 10:42 p.m.59 views

Mysterious APT Leaves Curious ‘KilllSomeOne’ Clue

Researchers are scratching their heads when it comes to unmasking a new advanced persistent threat APT group targeting non-governmental organizations in the Southeast Asian nation Myanmar formerly Burma. Based on crude messages, such as “KilllSomeOne”, used in attack code strings, coupled with...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/10/23 9:26 p.m.59 views

U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware

The Trump administration sanctioned a Russia government research institution on Friday claiming it was behind a series of cyberattacks using the highly destructive Triton malware. The Department of the Treasury’s Office of Foreign Assets Control OFAC said the Triton malware had been used in vario...

1.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/06 5:39 p.m.59 views

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack

Boom! Mobile’s U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said. Boom! is a wireless provider that resells mobile phone plans from Verizon, AT&T and T-Mobile USA, under its own brand and with its own perks the...

8.3AI score0.0552EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2020/09/22 3:14 p.m.59 views

Firefox 81 Release Kills High-Severity Code-Execution Bugs

Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code. Two severe bugs CVE-2020-15674 and CVE-2020-15673 are errors in the browser’s memory-safety protections, which prevent memory access...

6.8CVSS0.4AI score0.01961EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2020/08/05 10:32 p.m.59 views

Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs

A stack of Linux backdoor malware used for espionage, compiled dynamically and customizable to specific targets, is being used as a shared resource by five different Chinese-language APT groups, according to researchers. According to an analysis from BlackBerry released at Black Hat 2020 on...

Exploits0References10
ThreatPost
ThreatPost
added 2020/05/18 7:31 p.m.59 views

ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims

A relatively new ransomware, ProLock, has paired up with the QakBot banking trojan to access victims’ networks. ProLock’s leveraging of QakBot gives it bolstered persistence, anti-detection and credential-dumping techniques. ProLock ransomware first emerged in March as a successor to another rece...

0.2AI score
Exploits0References29
ThreatPost
ThreatPost
added 2020/05/05 2:17 p.m.59 views

Google Android RCE Bug Allows Attacker Full Device Access

Google has patched a vulnerability in its Android OS that could allow attackers to completely take over someone’s device to install programs, steal or change data, or create new accounts with full privileges. The flaw CVE-2020-0103 was one of 39 vulnerabilities affecting Android OS builds that us...

10CVSS8.8AI score0.01608EPSS
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/17 12:16 p.m.59 views

Activities of a Nigerian Cybercriminal Uncovered

Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/03/10 9:58 p.m.59 views

Critical Bugs in Rockwell, Johnson Controls ICS Gear

Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...

10CVSS8.5AI score0.04226EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2019/12/11 8:38 p.m.59 views

Serious Security Flaws Found in Children's Connected Toys

Various connected toys for children – hot off the shelves from this holiday shopping season – have been found with deep-rooted security issues, including missing authentication for device pairing and a lack of encryption for connected online accounts. The research, formed by a partnership between...

8.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/19 8:9 p.m.59 views

Google Discloses Android Camera Hijack Hack

Researchers have disclosed a high-severity issue that could allow attackers to hijack the Google Camera App, the built-in smartphone camera for Android phones. The issue was fixed for Google-manufactured phones in July – but Google said patches are still rolling out to smartphones in the broader...

6.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/14 5:13 p.m.59 views

Just-Released Checkra1n iPhone Jailbreak Stirs Security Concerns

With the checkra1n iPhone jailbreak now available, security experts are urging mobile-device managers to keep on their toes as the powerful new tool becomes available to hackers and iPhone users who may recklessly use it. Jailbreaking is the process of hacking these devices to bypass DRM...

0.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/10/23 7:18 p.m.59 views

Bedside Hotel Robot Hacked to Stream In-Room Video

A Japanese hotel chain called “Henn na” that uses robots in lieu of human staff is wrestling with bedside bots that researchers hacked to view video footage from guest rooms. The chain’s parent, HIS Group, owns 10 locations throughout Japan that leverage robots with facial recognition capability...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/10/15 9:1 p.m.59 views

On-Board 'Mystery Boxes' Threaten Global Shipping Vessels

Commercial shipping environments are rife with vulnerabilities, according to researchers – up to and including unpatched “mystery boxes” that no one knows anything about. “In every single nautical pen test to date we have unearthed a system or device, that of the few crew that were aware, no one...

Exploits0References6
ThreatPost
ThreatPost
added 2019/08/20 3:9 p.m.59 views

Adwind Spyware-as-a-Service Attacks Utility Grid Operators

A phishing campaign that spoofs a PDF attachment to deliver Adwind spyware has been taking aim at national grid utilities infrastructure. Adwind, a.k.a. JRAT or SockRat, is being used in a malware-as-a-service model in this campaign, researchers said. It offers a full cadre of info-gathering...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/16 2:57 p.m.59 views

JetBlue Bomb Scare Set Off with Apple AirDrop

The feature in Apple mobile devices that allows people to send photos to nearby phones via Bluetooth is at the heart of a terrorism scare on a JetBlue flight over the weekend. According to the New York Daily News, a prankster sent a photo of a suicide vest to everyone who had an Apple device on t...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/01 3:7 p.m.59 views

Dating App Jack'd Fined After Leaking Users' Nude Pics

LGBTQ dating app Jack’d must cough up a $240,000 fine and “make substantial changes to improve security” on the heels of a security faux pas that leaked the private data – including nude photos – of thousands of its users. Jack’d is a popular location-based app that caters to gay and bisexual men...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/06/03 9:1 a.m.59 views

5G Security Challenges: A Vendor's POV

How are vendors preparing themselves for the onslaught of 5G networks from a security standpoint? When it comes to 5G there are a slew of use cases being utilized at the bleeding edge – from smart factories to IoT – but these are also opening up security risks. At the GSMA Mobile 360 Security for...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/04/01 8:15 p.m.59 views

March Madness Scams Give Attackers Fast Break

With the 2019 NCAA tournament’s Final Four around the corner, researchers are urging viewers to be wary of a slew of March Madness-related phishing attacks, adware installers and other security threats. While security concerns regarding popular sporting events – from the World Cup to the Super Bo...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/26 3:35 p.m.59 views

ASUS Patches Live Update Bug That Allowed APT to Infect Thousands of PCs

ASUS has expedited a patch for a major bug impacting thousands of PCs that allowed an advanced persistent threat group to launch a supply-chain attack dubbed “Operation ShadowHammer.” The vulnerability targeted a range of new ASUS PCs with a backdoor injection technique tied to the PC-maker’s...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/03/25 6:30 p.m.59 views

Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks

A series of both unauthenticated and authenticated remote code-execution vulnerabilities have been uncovered in a variety of Grandstream products for small to medium-sized businesses, including audio and video conferencing units, IP video phones, routers and IP PBXs. Affected Products According t...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/03/21 9:47 p.m.59 views

Wordpress Plugin Patched After Zero Day Discovered

UPDATE A popular WordPress plugin is urging users to update as soon as possible after it patched a vulnerability that was being exploited in the wild. If users cannot update, developers recommended they disable the plugin. The plugin, Social Warfare, lets users add social media sharing buttons to...

0.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/03/08 9:25 p.m.59 views

RSA Conference 2019: Operational Technology Widens Supply Chain Attack Surfaces

SAN FRANCISCO – Today’s supply chain has evolved, with operational technology OT used in factories increasingly becoming connected and converging with IT systems — introducing new attack vectors. This new reality is vital for companies to understand in the context of risk, according to Dawn...

0.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/02/27 4:42 p.m.59 views

Cisco Patches High-Severity Webex Vulnerability For Third Time

Cisco Systems is hoping three times is a charm. The networking giant has issued a third patch for a stubborn high-severity flaw in its Webex Meetings platform after researchers once again discovered a way to bypass the previous fix. The privilege elevation vulnerability CVE-2019-1674 exists in th...

9CVSS1.3AI score0.10759EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2019/02/27 12:30 p.m.59 views

RSAC 2019: Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

The notorious Chinese-linked threat group, dubbed Bronze Union, has been spotted in a widespread 2018 campaign updating its arsenal of cyberweapons by breathing new life into old tools. The threat group was spotted in 2018 using updated source code to target data owned by political, technology,...

7.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/02/20 8:10 p.m.59 views

Apple's Shazam App Boots Facebook Ads and Other Third-Party SDKs

Shazam, the handy app that uses audio recognition to tell you what song is playing over any given set of speakers, has reportedly eliminated all third-party software developer kits SDKs in its iOS version except for one: HockeyApp. Apple, which bought the startup for $400 million last year, has...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/01/30 8:41 p.m.59 views

Attackers Can Track Kids' Locations via Connected Watches

Despite ongoing warnings about connected watches and toys endangering kids’ privacy and potentially their physical safety, makers of these Internet of Things gadgets continue to turn out products that do just that. The latest concern is a gamut of kids’ GPS-tracking watches, which were found to b...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/11 2:19 p.m.59 views

Fake Adobe Flash Updates Hide Malicious Crypto Miners

While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems. To the average user, the newly discovered samples, which have been active as early as August, seem...

1.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/04/26 7:33 p.m.59 views

Rubella Crimeware Kit: Cheap, Easy and Gaining Traction

A crimeware kit dubbed the Rubella Macro Builder is betting on a “dirty deeds done dirt cheap” approach to gain popularity in the criminal underground. The kit does two things: with a point-and-click builder functionality, it generates an initial malware payload for social-engineering spam...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2017/11/15 1:11 p.m.59 views

Microsoft Patches 17-Year-Old Office Bug

Microsoft on Tuesday patched a 17-year-old remote code execution bug found in an Office executable called Microsoft Equation Editor. The vulnerability CVE-2017-11882 was patched as part of Microsoft’s November Patch Tuesday release of 53 fixes. While Microsoft rates the vulnerability only as...

9.3CVSS9.1AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2017/10/25 2:33 p.m.59 views

Hackers Prepping IOTroop Botnet with Exploits

Hackers moved one step closer to launching full-scale DDoS attacks using millions of IoT devices herded into the botnet known as Reaper or IOTroop. Researchers at NewSky Security warn that hackers are swapping scripts on forums that can scan the internet for vulnerable IoT devices and dump defaul...

7.5CVSS9.9AI score0.18005EPSS
Exploits4References6
ThreatPost
ThreatPost
added 2017/05/25 12:20 p.m.59 views

Samba Patches Critical Bug Exploitable With One Line Of Code

A patch for a critical vulnerability impacting the free networking software Samba was issued Wednesday. The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just...

10CVSS0.1AI score0.99448EPSS
Exploits24References6
ThreatPost
ThreatPost
added 2016/11/07 1:50 p.m.59 views

Microsoft Tears off the Band-Aid with EMET

Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...

9.3CVSS0.9AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2015/03/12 3:57 p.m.59 views

CryptoLocker Variant Coming After Gamers

Gamers may soon be feeling the pain of crypto-ransomware. A variant of CryptoLocker is in the wild that goes after data files associated with 20 different online games, locking downloadable content in an attempt to target younger computer users. Researchers at Bromium today said an unnamed...

10CVSS1.3AI score0.8582EPSS
Exploits14References1
ThreatPost
ThreatPost
added 2015/02/12 11:28 a.m.59 views

Windows Kernel-Mode Driver Flaw Exploitable With One Bit

The vulnerabilities addressed in this month’s Patch Tuesday security bulletins from Microsoft have been a mashup of critical bugs affecting most supported versions of Windows and Internet Explorer that could pave the way for attackers to gain complete control of affected systems. Sounds like most...

9.3CVSS0.9AI score0.99945EPSS
Exploits37References5
ThreatPost
ThreatPost
added 2014/09/04 3:7 p.m.59 views

September 2014 Microsoft Patch Tuesday advance notification

Microsoft today announced a relatively light load of patches will be delivered on Patch Tuesday next week, along with some numbers that demonstrate public vulnerability disclosures continue to rise. Four security bulletins, one rated critical, are scheduled to be released next Tuesday. In what’s...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2013/05/21 2:40 p.m.59 views

IE 8 0Day in Sunshop Targeted Espionage Malware Campaign

Lady Boyle seems to have an admirer. Malware named after a character in the Dishonored video game continues to pop up in targeted attacks against a number of high profile military and socially motivated websites. The latest surfaced about 10 days ago in an attack researchers at FireEye are callin...

10CVSS0.3AI score0.86151EPSS
Exploits27References7
ThreatPost
ThreatPost
added 2013/02/19 8:43 p.m.59 views

Researchers Uncover Polymorphic AutoRun Worm

W32/Autorun.worm.aaeb-h is an evolved, virtual machine-aware AutoRun worm that makes use of obfuscation and polymorphic techniques in order to evade detection and infect removable media and mounted network shares, according to McAfee. Researchers have seen an increase in samples for the year-old...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/01/14 4:40 p.m.59 views

Emergency Zero-Day Patch Does Not Quiet Calls to Disable Java

Oracle’s emergency Java update this weekend for a zero-day sandbox bypass vulnerability hasn’t exactly kicked off a love-fest for the company among security experts. Researchers are still cautious about recommending users re-enable the ubiquitous software, despite the availability of the fix for...

10CVSS0.1AI score0.97612EPSS
Exploits38References9
ThreatPost
ThreatPost
added 2012/07/26 9:23 p.m.59 views

From Three Nations and Three Different Perspectives, Blue Hat Finalists Focus on Defense

By Rob Lemos LAS VEGAS — If Jared DeMott hadn’t been eager to take a different path, he would never be in security, much less a finalist in Microsoft’s search for defensive technologies, known as the Blue Hat Prize.Raised in a manufacturing town, he was accepted to the Air Force Academy in 1996,...

9.3CVSS0.5AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2012/05/09 2:32 p.m.59 views

Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw

For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. The vulnerability...

7.5CVSS1.4AI score0.99998EPSS
Exploits49References5
ThreatPost
ThreatPost
added 2011/12/13 7:14 p.m.59 views

Google Fixes 15 Flaws in Chrome

Google has fixed 15 security vulnerabilities in its Chrome browser, including six high-risk bugs. As part of its reward program, Google paid out $6,000 in rewards to researchers who reported flaws. This is one of the larger groups of bug fixes that Google has included in recent releases of Chrome...

7.5CVSS0.8AI score0.01697EPSS
Exploits0References18
ThreatPost
ThreatPost
added 2011/10/17 8:31 p.m.59 views

Attorney General: Massachusetts Won't Investigate iTunes Fraud

It looks as if Apple iTunes users who have been the victim of identity theft will have to look for a new knight in shining armor to wring answers from the notoriously close-lipped Cupertino technology giant. The Massachusetts Attorney General’s Office said on Monday that it isn’t planning to...

6.7AI score
Exploits0References6
Total number of security vulnerabilities5000