Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2022/02/01 2:0 p.m.58 views

Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities

Living-off-the-land binaries LOLBins are no joke: Cyberattackers have been increasingly making use of them to hide their malicious work from security solutions. It’s time for threat hunters and IT security staff to familiarize themselves with how these are used in the attack chains of some of the...

8.6AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/08/20 9:11 p.m.58 views

Web Censorship Systems Can Facilitate Massive DDoS Attacks

Researchers are warning internet censorship systems are ripe for abuse by a new type of distributed denial of service DDoS attack. The potential for abuse is concerning, researchers say, because attacks would take advantage of a type of reflection and amplification, which would be “extremely...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/08/17 2:46 p.m.58 views

Terrorist Watchlist Exposed Online with Nearly 1.9M Records

A researcher has revealed the discovery of a federal terrorist watchlist that includes 1.9 million records, which were available online without any security protections. The data remained exposed for three more weeks even after the Department of Homeland Security DHS was informed about it...

6.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/19 3:56 p.m.58 views

Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections

Israeli-based NSO Group is being blasted in a groundbreaking report that alleges that the company’s controversial Pegasus malware is being used to target activists, journalists, business executives and politicians on a widespread level, using a variety of exploits — including a zero-click zero-da...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/07/14 7:37 p.m.58 views

Cryptominer Farm Rigged with 3,800 PS4s Busted in Ukraine

Authorities in Ukraine have made another cybersecurity bust — this time shutting down what they said is one of the largest underground cryptomining operations ever found. The ring was apparently run by stringing together 3,800 Sony PlayStation 4 PS4 gaming consoles. Cryptominers serve as auditors...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/07 5:46 p.m.58 views

MacOS Targeted in WildPressure APT Malware Campaign

Threat actors known as WildPressure have added a macOS malware variant to their latest campaign targeting energy sector businesses, while enlisting compromised WordPress websites to carry out attacks. Novel malware, initially identified in March 2020 and dubbed Milum, has now been retooled with a...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/22 7:27 p.m.58 views

Cryptominers Slither into Python Projects in Supply-Chain Campaign

A group of cryptominers was found to have infiltrated the Python Package Index PyPI, which is a repository of software code created in the Python programming language. Similar to other repositories like GitHub, npm and RubyGems, PyPI is part of the software supply chain. It offers a place where...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/06/11 2:23 p.m.58 views

Monumental Supply-Chain Attack on Airlines Traced to State Actor

A monster cyberattack on SITA, a global IT provider for 90 percent of the world’s airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentiall...

0.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/06/09 5:24 p.m.58 views

Mysterious Custom Malware Collects Billions of Stolen Data Points

Researchers have uncovered a 1.2-terabyte database of stolen data, lifted from 3.2 million Windows-based computers over the course of two years by an unknown, custom malware. The heisted info includes 6.6 million files and 26 million credentials, and 2 billion web login cookies – with 400 million...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/03/15 8:11 p.m.58 views

Cybersecurity Bug-Hunting Sparks Enterprise Confidence

Nearly three-quarters of IT security professionals 73 percent surveyed say they prefer to buy technology and services from vendors who are proactive about security, including leveraging ethical hacking and having transparent communications about vulnerabilities. But less than half of vendors...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/02/23 7:59 p.m.58 views

Daycare Webcam Service Exposes 12,000 User Accounts

NurseryCam, a webcam service used across 40 daycare centers in the U.K. by parents who want to keep a watchful eye on their babies, has shut down following a data breach. The breach exposed the personal data of about 12,000 users to an attacker who said he or she was trying to improve the service...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/01/21 7:42 p.m.58 views

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege

Researchers have made new discoveries surrounding the source of a previously-uncovered cryptomining operation that has targeted internet-facing database servers. The campaign, dubbed MrbMiner, was discovered in September 2020 downloading and installing a cryptominer on thousands of SQL servers...

8.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/11/26 2:0 p.m.58 views

Changing Employee Security Behavior Takes More Than Simple Awareness

Security awareness rarely leads to sustained behavior change on its own, according to a recent analysis – meaning that organizations need to proactively develop a robust “human-centered” security program to reduce the number of security incidents associated with poor security behavior. According ...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/11/17 1:23 p.m.58 views

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people’s systems and expose...

6.4AI score
Exploits0References24
ThreatPost
ThreatPost
added 2020/10/27 9:43 p.m.58 views

Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe

More than 100 smart-irrigation systems deployed across the globe were installed without changing the factory’s default, passwordless setting, leaving them vulnerable to malicious attacks, according to recent findings from Israeli security research firm Security Joes. The researchers immediately...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/10/01 8:42 p.m.58 views

QR Codes: A Sneaky Security Threat

If it seems like QR codes have popped up everywhere these days, you’re right. Ever since they were first used by the Japanese auto industry to streamline manufacturing processes, companies everywhere have capitalized on the benefits of QR codes. They’re cheap to deploy and can be applied to almos...

7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/08/31 3:47 p.m.58 views

Stolen Fortnite Accounts Earn Hackers Millions Per Year

UPDATE Hackers are scoring more than a million dollars annually selling compromised accounts for the popular Fortnite video game in underground forums. With Fortnite’s immense popularity skyrocketing over the past few years – it currently has more than 350 million global players – the game is a...

7.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/06/01 2:37 p.m.58 views

Hosting Provider's Database of Crooked Customers Leaked

A hacker has leaked online the database of the largest free hosting service popular with cybercriminals, the result of a breach that took down the service earlier this year, according to a published report. A hacker going by the online name of “KingNull” uploaded on a file-hosting site a database...

0.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/29 4:45 p.m.58 views

ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel

Bad bots, bad bots, whatcha gonna do? Target e-commerce, the travel industry, media and online marketplaces, that’s what. Those are the top four verticals attacked by bots in the last year, according to data released on Wednesday from Radware, with e-commerce accounting for the most activity. In...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/03/24 7:16 p.m.58 views

WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike

The World Health Organization WHO has attracted the notice of cybercriminals as the worldwide COVID-19 pandemic continues to play out, with a doubling of attacks recently, according to officials there. Problematically, evidence has also now apparently surfaced that the DarkHotel APT group has tri...

0.6AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/03/16 5:16 p.m.58 views

Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges

Microsoft Edge is one of the least private web browsers — even more so than other popular browsers like Google Chrome and Mozilla Firefox — according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/24 5:37 p.m.58 views

New Bill Proposes NSA Surveillance Reforms

A newly-introduced bill is proposing sweeping privacy reforms to a controversial government surveillance program, which has been previously used by the National Security Agency NSA to vacuum up the call records of millions of Americans. The “Safeguarding Americans’ Private Records Act” was...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/19 7:53 p.m.58 views

McDonalds-Themed Facebook Ads Serve Up Banking Trojans

The Mispadu banking trojan is using a McDonalds malvertising tactic to ultimately steal payment-card data and online banking information. Written in Delphi, Mispadu targets Brazil and Mexico, uses pop-up windows and contains backdoor functionality. According to researchers at ESET, Mispadu spread...

0.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/07/23 6:36 p.m.58 views

Malware Loader ‘Brushaloader’ Grows More Menacing

The tenacious loader malware called Brushaloader is growing more menacing, showing no signs of abatement despite best efforts by security professionals. First identified in June 2018, the Brushaloader malware is now more pervasive, stealthy and growing in popularity faster than ever before. New...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/04/24 1:0 p.m.58 views

Latest Qbot Variant Evades Detection, Infects Thousands

Qbot, an information-stealing trojan that has been around for 10 years, has resurfaced again with a new phishing-based infection technique that is able to evade anti-spam defenses. Varonis Security Research spotted the fresh global Qbot campaign in March. Researchers said they have positively...

0.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/04/04 1:26 p.m.58 views

Free Cynet Threat Assessment for Mid-sized and Large Organizations

If you cannot see what’s happening in your network, your ability to make smart security decisions will suffer. Many vendors offer threat assessment options, but they usually require an investment of time and resources. One vendor out there – Cynet – is offering a no-cost threat assessment to...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/03/05 9:0 p.m.58 views

RSA Conference 2019: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts

SAN FRANCISCO – A Nigeria-based scammer gang dubbed “Scarlet Widow” has been launching email fraud attacks against thousands of targets – including universities, the Salvation Army, and Boy Scouts of America. Researchers with Agari detailed the attack during an RSA Conference session on Tuesday...

6.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/10/12 2:19 p.m.58 views

Facebook Bans More Than 800 Accounts in Disinformation Purge

Facebook on Thursday announced it has removed hundreds of pages and accounts as the company cracks down on spam. The move comes at a time when Facebook is under intense scrutiny about how it handles misinformation, particularly as the U.S. midterm elections draw near. The company said it has...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2017/11/28 12:40 p.m.58 views

Google Detects and Boots Tizi Spyware Off Google Play

The Google Play Protect team said it identified a new strain of Android spyware called Tizi found inside several apps previously available via the Google Play marketplace. The recent discovery triggered a wider investigation by Google who said apps infected by the Tizi malware date back to 2015...

7.2CVSS0.1AI score0.37233EPSS
Exploits18References7
ThreatPost
ThreatPost
added 2016/05/03 2:1 p.m.58 views

Linux Foundation Badge Program Boost Open Source Security

The Linux Foundation says a new Core Infrastructure Initiative CII Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate projects based on security, quality and stability. The CII Best Practices Badge does not issue certificates...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/09/09 3:3 p.m.58 views

FTC, Experts Push Startups to Think About Security From the Beginning

About a decade ago, many large software makers learned some very difficult lessons about software security and building security into their products from the start. Some are still learning. The FTC and a variety of security experts are hoping that today’s crop of start-ups will not have to go...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2014/03/24 3:20 p.m.58 views

Microsoft Advisory Warns of Word Zero-Day Attacks

Targeted attacks have been spotted against a zero-day vulnerability in Microsoft Word 2010, leading Microsoft to issue a special security advisory and produce a Fix-it solution for users until a patch is ready. Microsoft also said that its Enhanced Mitigation Experience Toolkit EMET is a temporar...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2011/11/30 7:39 p.m.58 views

Java Still a Favorite Target of Attackers

Java has become virtually unavoidable in the last few years, and it’s installed on hundreds of millions of PCs around the world. A huge number of those installations are vulnerable versions of Java, and this fact has not escaped the attention of attackers, who have made the technology one of thei...

10CVSS0.9AI score0.96319EPSS
Exploits24References3
ThreatPost
ThreatPost
added 2011/10/05 1:11 p.m.58 views

ExploitHub Offering Bounties – And Residuals – for Exploits

NSS Labs’ announced today that their penetration-testing site, Exploithub, will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities. Exploithub is putting up $4,400 for working exploits against what the company describes as a “dirty dozen” of client-side...

10CVSS0.5AI score0.86421EPSS
Exploits30References2
ThreatPost
ThreatPost
added 2010/03/30 8:30 p.m.58 views

Microsoft Plugs IE Drive-By Download Flaws

Microsoft today shipped a cumulative Internet Explorer update with patches for 10 security holes, including a drive-by download vulnerability that’s already being used in malware attacks. The critical MS08-018 update patches security holes that could lead to code execution attacks on all versions...

9.3CVSS1.5AI score0.82172EPSS
Exploits15References4
ThreatPost
ThreatPost
added 2009/09/23 10:41 p.m.58 views

PBS Website Compromised, Used to Serve Exploits

Some sections of the popular PBS.org Web site have been hijacked by hackers serving up a cocktail of dangerous exploits. According to researchers at Purewire, attempts to access certain PBS Web site pages yielded JavaScript that serves exploits from a malicious domain via an iframe. The malicious...

9.3CVSS8.5AI score0.98482EPSS
Exploits58References8
ThreatPost
ThreatPost
added 2022/08/02 11:2 p.m.57 views

Universities Put Email Users at Cyber Risk

Top U.S. universities are among the worst in the world at protecting users from email fraud, lacking security measures to prevent common threat tactics such as domain spoofing or other types of fraudulent emails, researchers have found. Ninety-seven percent of the top 10 universities in the Unite...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/05/23 12:47 p.m.57 views

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

AUTHOR: Mohit Tiwari, CEO and Co-Founder, Symmetry Systems Compromised credentials and identities, third-party breaches, API attacks, and application exploits are all foundational entry points for today’s hackers. Recent months have brought many high-profile breaches from Samsung and Nvidia to Ok...

6.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/04/18 1:0 p.m.57 views

Cyberattackers Put the Pedal to the Medal: Podcast

Cyber-defenders have a lot on their plates: Rapid vulnerability exploitation. Ransomware-apalooza. Botnet infestations on the order never seen in the past. How can IT security teams effectively deal with the escalating volume of threats, especially as those threats become more sophisticated and...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2022/01/24 9:54 p.m.57 views

MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists

Malicious files doctored up to look like legitimate content related to the Israeli-Palestine conflict are being used to target prominent Palestinians, as well as activists and journalists in Turkey, with spyware. That’s according to a disclosure from Zscaler, which attributes the cyberattacks to...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2022/01/14 2:7 p.m.57 views

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Researchers have discovered three WordPress plug-ins with the same vulnerability that allows an attacker to update arbitrary site options on a vulnerable site and completely take it over. Exploiting the flaw does require some action from the site administrator, however. On Nov. 5, 2021, the...

9.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/12/13 6:14 p.m.57 views

Log4Shell Is Spawning Even Nastier Mutations

The internet has a fast-spreading, malignant cancer – otherwise known as the Apache Log4j logging library exploit – that’s been rapidly mutating and attracting swarms of attackers since it was publicly disclosed last week. Most of the attacks focus on cryptocurrency mining done on victims’ dimes,...

10CVSS10AI score0.99999EPSS
Exploits351References52
ThreatPost
ThreatPost
added 2021/08/25 10:48 p.m.57 views

Cisco Issues Critical Fixes for High-End Nexus Gear

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity. The most serious of the bugs patched by Cisco rated 9.1 out of 10 could allow a remote and unauthenticated adversary to read or write arbitra...

9.1CVSS7.7AI score0.02453EPSS
Exploits0References12
ThreatPost
ThreatPost
added 2021/08/10 1:47 p.m.57 views

1M Stolen Credit Cards Hit Dark Web for Free

Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials. Researchers from threat intelligence firm Cyble noticed the leak of the payment-card data during a...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/26 1:0 p.m.57 views

The True Impact of Ransomware Attacks

One of the most damaging myths about ransomware attacks is, “If your company does regular system backups, you don’t have to worry. Just restore from the backup.” While system backups are crucial — power outages, natural disasters, or even mistakes by employees can destroy data just as quickly as ...

7.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/06/02 10:58 a.m.57 views

Amazon Sidewalk Poised to Sweep You Into Its Mesh

Tweet On June 8, Amazon, the Web giant with tentacles reaching into every nook and cranny of our lives, is going to stretch those tentacles out further by turning all its gadgets into little cell towers so they can help each other out with little slices of bandwidth. It’s created a new Wi-Fi...

7AI score
Exploits0References17
ThreatPost
ThreatPost
added 2021/05/19 8:16 p.m.57 views

Microsoft, Google Clouds Hijacked for Gobs of Phish

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. And it’s working. In fact, in the first three months of 2021 alone,...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/04/21 8:49 p.m.57 views

4 Ways Cyberattackers Hunt for Security Bugs

Blue teamers are in constant battle against hackers — faceless adversaries whose persistence can seem unending. But these actors have processes just like corporate operations, even if theirs are bootlegged. Attackers seek the path of least resistance: Gain access with as little effort as possible...

8.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/04/21 1:0 p.m.57 views

Swiss Army knife For Information Security: What is Comprehensive Protection?

Written by Sergey Ozhegov, CEO of SearchInform In the early days of information security, we used to rely on antivirus and firewall in our arsenal. Once I even “caught” a leak with the help of the firewall logs: I noticed an atypically large data upload and found out that the user was uploading...

Exploits0References2
ThreatPost
ThreatPost
added 2021/04/07 5:57 p.m.57 views

Crossing the Line: When Cyberattacks Become Acts of War

The Cold War concept isn’t outdated. In the decades since the fall of the Soviet Union, the battleground has simply shifted from conflicts between ideological proxy governments to cyberspace. And the opponents have grown from a few primary nations into a broad range of sovereign threat actors. Th...

0.1AI score
Exploits0References3
Total number of security vulnerabilities5000