Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/03/17 5:4 p.m.57 views

$4,000 COVID-19 'Relief Checks' Cloak Dridex Malware

Cybercriminals have wasted no time in hopping on the American Rescue Plan – the COVID-19 relief legislation just signed into law – as a lure for email-based scams. According to researchers at Cofense, a campaign began circulating in March that capitalized on Americans’ interest in the forthcoming...

6.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/03/10 4:40 p.m.57 views

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails

The TA800 threat group is distributing a malware loader, which researchers call NimzaLoader, via ongoing, highly-targeted spear-phishing emails. While previous Twitter analysis identified this loader as a mere variant of TA800’s existing BazaLoader malware, new research cites evidence that...

7.6AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/08 9:20 p.m.57 views

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords. Unlike previous side-channel attacks, this attack does not rely on sharing memory, cache sets and other former tactics...

0.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/03/02 4:54 p.m.57 views

Ryuk Ransomware: Now with Worming Self-Propagation

A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems ANSSI. The agency...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/18 2:1 p.m.57 views

SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

Click to Register A vulnerability in an SDK that allows users to make video calls in apps like eHarmony, Plenty of Fish, MeetMe and Skout allows threat actors to spy on private calls without the user knowing. Researchers discovered the flaw, CVE-2020-25605, in a video-calling SDK from a Santa...

5.5AI score0.06041EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2021/01/13 7:41 p.m.57 views

Critical WordPress-Plugin Bug Found in 'Orbit Fox' Allows Site Takeover

Two vulnerabilities one critical in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website. Orbit Fox is a multi-featured WordPress plugin that works with the Elementor, Beaver Builder and Gutenberg site-buildin...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/11/20 8:17 p.m.57 views

Good Heavens! 10M Impacted in Pray.com Data Exposure

The Christian faith app Pray.com has leaked private data for up to 10 million people, according to researchers. The app offers “daily prayer and Bible stories to inspire, educate and help you sleep” on a subscription basis. Subscriptions run anywhere from $50 to $120. It offers a host of audio...

6.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/10/08 10:0 a.m.57 views

MontysThree APT Takes Unusual Aim at Industrial Targets

SAS@Home 2020 – A series of highly targeted attacks by an APT group called MontysThree against industrial targets has been uncovered, with evidence that the campaign dates back to 2018. That’s according to researchers from Kaspersky, who noted that the group uses a variety of techniques to evade...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/17 2:5 p.m.57 views

California Elementary Kids Kicked Off Online Learning by Ransomware

As students head back to the classroom, the spate of ransomware attacks against schools is continuing. The latest is a strike against a California school district that closed down remote learning for 6,000 elementary school students, according to city officials. The cyberattack, against the Newha...

7AI score
Exploits0References17
ThreatPost
ThreatPost
added 2020/08/25 3:28 p.m.57 views

Safari Bug Revealed After Apple Takes Nearly a Year to Patch

A security researcher disclosed details of an Apple Safari web browser security hole that could leak files with other browsers and applications and open the door to exploitation by attackers. The disclosure came only after Apple said it would delay patching the vulnerability for nearly a year. Fo...

7.9AI score0.0552EPSS
Exploits1References14
ThreatPost
ThreatPost
added 2020/06/05 6:38 p.m.57 views

FTC Slams Children’s App Developer for COPPA Violations

Children’s app developer HyperBeard has agreed to pay $150,000 after being accused by the Federal Trade Commission FTC of illegally collecting children’s data without parental consent. HyperBeard‘s website says it’s the largest mobile game developer and publisher in Mexico, with various games suc...

6.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/06/04 12:59 p.m.57 views

Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode

Google faces a $5 billion class-action lawsuit over claims that it has been collecting people’s browsing information without their knowledge even when using the incognito browsing mode that’s meant to keep their online activities private. The lawsuit, filed in the federal court in San Jose,...

6.8AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/05/21 7:1 p.m.57 views

Long Tail Analysis: A New Hope in the Cybercrime Battle

Our hyper-connected world and its ever-faster network speeds have resulted in mountains of diverse data that needs to be processed. It has also resulted in an ever-expanding attack surface, requiring cybersecurity solutions to scale like never before. These days, scale is about more than traffic...

7.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/05/21 12:0 p.m.57 views

Crooks Tap Google Firebase in Fresh Phishing Tactic

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways. Google Firebase is a mobile and web application development platfor...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/15 7:28 p.m.57 views

News Wrap: Ransomware Extortion Tactics, Contact-Tracing App Security Worries

Threatpost editors discuss the top news stories of the week ended May 15, including: Recent ransomware attacks, including ones targeting healthcare giant Magellan, the IT office that supports Texas appellate courts and judicial agencies, and a popular law firm that works with several A-list...

0.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/23 2:50 p.m.57 views

A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks

Cybercriminals have seized on the novel coronavirus as a theme in their attacks, and it turns out that the most sophisticated players on that scene are no exception. According to Google’s Threat Analysis Group TAG, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a...

7.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/26 1:0 p.m.57 views

Responding to the New Normal: How to Prevent Added Risk in Your Business

Our world has shifted dramatically over the last few weeks. Many people have moved from shock to acceptance as the novel coronavirus COVID-19 has taken hold across the world, across our nation, in our states, in our communities, and even in our organizations. Companies are particularly vulnerable...

1.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/02/14 5:10 p.m.57 views

News Wrap: Valentine's Day Scams and Emotet's Wi-Fi Hack

Threatpost editors Tara Seals and Lindsey O’Donnell-Welch break down the top stories for this week, ended Feb. 14, including: Recent phishing scams – including ones with a romance hook – continue to trick victims, showing that phishing tactics still work in stealing millions from individuals,...

8.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/02/14 1:34 p.m.57 views

Researchers: Hackers Can Seize Control of Ballots Cast Using the Voatz Voting App

Security researchers have found key flaws in a mobile voting app that some states plan to use in the 2020 election that can allow hackers to launch both client- and server-side attacks that can easily manipulate or even delete someone’s vote, as well as prevent a reliable audit from taking place...

Exploits0References9
ThreatPost
ThreatPost
added 2020/02/04 6:51 p.m.57 views

Two Critical Android Bugs Get Patched in February Update

Google has released a security update for a critical flaw in its Android operating system that allows hackers to execute remote code on affected handsets, potentially allowing an adversary to gain remote access to the device. Part of Google’s February Android Security Bulletin, released Monday,...

9.3CVSS1.3AI score0.05379EPSS
Exploits8References3
ThreatPost
ThreatPost
added 2019/12/03 9:8 p.m.57 views

ThreatList: A Third of Biometric Systems Targeted by Malware in Q3

Biometric security – which uses fingerprints, voice or facial recognition or retina identification to authenticate users to services – has crossed the chasm into the mainstream, thanks to the prevalence of features like fingerprint readers on laptops and FaceID for iPhones. However, researchers s...

0.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/12/02 7:13 p.m.57 views

Authorities Break Up Imminent Monitor Spyware Organization

The developers behind a commodity remote-access tool RAT that allows full control of a victim’s computer has been taken down by Australian and global authorities. The Imminent Monitor RAT IM-RAT first appeared in 2012, the work of a developer going by the handle of “Shockwave,” according to...

1.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/11/07 1:45 p.m.57 views

Data Breach Fines: Are They Working to Boost Consumer Safety?

Breach statistics are downright discouraging: Over the past five years the number of businesses breached has skyrocketed. The human consequences are also bad, with billions of private email addresses, bankcard numbers and other deeply personal data points exposed online and now in the hands of...

7.2AI score
Exploits0References18
ThreatPost
ThreatPost
added 2019/10/29 8:4 p.m.57 views

Facebook Sues NSO Group Over Alleged WhatsApp Hack

Facebook has filed a lawsuit against Israeli company NSO Group, creator of the Pegasus spyware, alleging that it was behind the massive WhatsApp hack earlier this year. In May 2019, a zero-day vulnerability was found in WhatsApp’s messaging platform, exploited by attackers who were able to inject...

7.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/10/22 3:11 p.m.57 views

Magecart 5 Linked to Carbanak Gang

Researchers have linked Magecart Group 5, the credit-card skimming cybercriminals behind the Ticketmaster breach, to Dridex phishing campaigns and the infamous Carbanak group. Magecart – which is an umbrella group encompassing several different affiliates all using the same modus operandi – injec...

0.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/12 3:48 p.m.57 views

Library-Themed University Phishing Attack Expands to Massive Scale

Indicating a campaign of massive scale, at least 20 new phishing domains targeting more than 60 universities in Australia, Canada, Hong Kong, Switzerland, the United Kingdom and the United States have cropped up, bent on lifting credentials from students heading back to school. The domains are...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/08/29 4:30 p.m.57 views

Google Targets Data-Abusing Apps with Bug Bounty Launch

Google is looking to squash vulnerabilities on its Google Play app marketplace with a new bug-bounty program aimed at identifying data-abuse issues in Android apps and Chrome extensions. The company on Thursday announced the Developer Data Protection Reward Program, which, depending on the impact...

8.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/07/09 3:35 p.m.57 views

Zoom Zero-Day Bug Opens Mac Users to Webcam Hijacking

A zero-day vulnerability in the Zoom client for Mac allows a malicious website to hijack a user’s web camera without their permission. Up to 4 million workers that use the Zoom for Mac web-and videoconferencing service are at risk from a flaw in the collaboration client CVE-2019–13450, according ...

4.3CVSS7AI score0.03523EPSS
Exploits2References8
ThreatPost
ThreatPost
added 2019/06/05 11:30 a.m.57 views

Podcast: Behind-the-Scenes Look at Scattered Canary BEC Cybergang

LONDON, U.K. – At Infosecurity Europe, Threatpost caught up with Agari researchers to discuss their threat research unveiled at the show about a newly-unveiled business email compromise BEC cybergang. The cybercriminal group, which researchers called Scattered Canary, has been evolving for over 1...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/05/06 1:0 p.m.57 views

Amid Bug Bounty Hype, Sometimes Security is Left in the Dust

In January, the European Union kicked-off over a dozen new bug bounty programs targeting a bevy of popular open-source programs used by its members. The effort was supposed to be met with cheers. But instead, the launch sparked an unexpected backlash from the security community. The EU’s program...

7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2019/05/02 5:34 p.m.57 views

Dell Security Support Tool Harbors High-Severity Flaws

Two high-severity flaws in Dell’s client support tool, SupportAssist Client, could enable remote code-execution RCE and cross-site request forgery CSRF attacks. SupportAssist helps users remove viruses or detect security issues on their PCs, and comes preinstalled on most new Dell devices. “Dell...

7.9CVSS0.7AI score0.16145EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/04/17 8:59 p.m.57 views

Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

A bug in a 30-year-old standard used for the exchange and storage of medical images has been uncovered; it allows an adversary to embed fully-functioning executable code into the image files captured by medical devices such as CT and MRI machines. This results in hybrid files that allow malware...

7.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/03/12 10:5 p.m.57 views

Federal Focus on Cyber Plays Out in President's Budget, IoT Legislation

The federal government is stepping up its game this week on the cybersecurity front, with both proposed budget line items that would requisition nearly $11 billion for cyber, and the introduction of the Internet of Things IoT Cybersecurity Improvement Act of 2019, which would require that devices...

6.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/04 7:41 p.m.57 views

Smart Ski Helmet Headphone Flaws Leak Personal, GPS Data

Researchers have found a slew of vulnerabilities in a pair of smart headphones designed to fit under ski helmets. The flaws could allow a bad actor to view victims’ personal information, track them and even listen to their private conversations via the headphones’ walkie-talkie function, which us...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/02/11 4:4 p.m.57 views

Managing Enterprise Security After the Data Supernova

As the amount of data continues to grow and expand outside of the enterprise, security leaders need to develop a plan to quickly secure it. The big promise of cloud computing was that it would simplify security. Organizations would no longer have to worry about securing their infrastructure becau...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/10/12 9:9 p.m.57 views

ICS Security Plagued with Basic, Avoidable Mistakes

At least 33 percent of the security issues found in industrial control systems ICS are rated as being of high or critical risk. FireEye iSIGHT Intelligence compiled data from dozens of ICS security health assessment engagements performed by its Mandiant division, and found that these issues inclu...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/08/14 7:24 p.m.57 views

Intel CPUs Undermined By Fresh Speculative Execution Flaws

UPDATE Three new speculative execution design flaws in Intel CPUs were disclosed today, this time impacting Intel’s Software Guard Extensions SGX technology, its OS and system management mode SMM and hypervisor software. The three vulnerabilities would allow attacks on Intel Core and Xeon...

5.4CVSS0.2AI score0.08101EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2018/01/19 1:45 p.m.57 views

New Dridex Variant Emerges With An FTP Twist

A variant of the Dridex banking trojan recently popped up in an email campaign, with an unusual twist: The attackers used compromised FTP sites for hosting malicious documents, according to researchers at Forcepoint. It was a notable departure from the norm of using HTTP links and could represent...

0.0189EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2017/08/08 5:21 p.m.57 views

Microsoft Patches Critical Windows Search Vulnerability

Microsoft patched more than two dozen remote code execution vulnerabilities today, many of them rated critical. One was a RCE bug that allowed an attacker to take complete control of a server or workstation via Windows Search. The fixes were part of Microsoft’s August Patch Tuesday update that...

9.3CVSS0.9AI score0.55415EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2017/01/30 4:48 p.m.57 views

Hundreds of Thousands of Netgear Routers Vulnerable to Password Bypass

Hundreds of thousands–potentially more than one million–Netgear routers are susceptible to a pair of vulnerabilities that can lead to password disclosure. Researchers said that while anyone who has physical access to a router can exploit the vulnerabilities locally, the real threat is that the fl...

4.3CVSS8.4AI score0.89294EPSS
Exploits7References6
ThreatPost
ThreatPost
added 2016/12/27 1:22 p.m.57 views

PHPMailer Bug Leaves Millions of Websites Open to Attack

UPDATE A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla open to attack. The flaw was disclosed by researcher Dawid Golunski of Legal Hackers, who said t...

7.5CVSS10AI score0.99714EPSS
Exploits59References9
ThreatPost
ThreatPost
added 2016/11/08 1:38 p.m.57 views

Google Releases Supplemental Patch for Dirty Cow Vulnerability

Google’s November Android Security Bulletin, released Monday, patched 15 critical vulnerabilities and addressed 85 CVEs overall. But conspicuously absent is a fix for the Linux race condition vulnerability known as Dirty Cow Copy-on-Write that also impacts Android. While Google didn’t issue an...

10CVSS1AI score0.83524EPSS
Exploits81References6
ThreatPost
ThreatPost
added 2014/10/22 10:40 a.m.57 views

Attackers Exploiting Windows OLE Vulnerability

Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks. The flaw is in the OLE technology in Windows and can be used for remote code execution is a targeted user opens a rigged Office file. Microsoft is warning customers that there...

9.3CVSS0.5AI score0.99945EPSS
Exploits55References3
ThreatPost
ThreatPost
added 2014/10/03 5:0 a.m.57 views

Researcher Takes Wraps off Undisclosed Bash Vulnerabilities

The Bash bug has kept Linux and UNIX administrators busy deploying a half-dozen patches, worrying about numerous Shellshock exploits in the wild, and a laboring over a general uncertainty that the next supposed fix will break even more stuff. Researcher Michal Zalewski, a longtime bug-hunter, has...

10CVSS0.1AI score0.99999EPSS
Exploits158References6
ThreatPost
ThreatPost
added 2014/09/23 8:53 a.m.57 views

Charney on Trustworthy Computing: 'I Was the Architect of These Changes'

Scott Charney, the head of Microsoft’s Trustworthy Computing efforts, said that he was the one who decided it was time to move the TwC group in a new direction and integrate the security functions more deeply into the company as a whole. “I was the architect of these changes. This is not about th...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2014/04/21 1:55 p.m.57 views

Oracle Gives Heartbleed Update, Patches 14 Products

As the dominoes continue to fall around Heartbleed, Oracle is doing its best to keep users apprised of its ongoing efforts to patch software that may be vulnerable to the OpenSSL vulnerability. In a document updated early this morning Oracle gave its customers five separate updates regarding:...

5CVSS8.3AI score0.99999EPSS
Exploits88References4
ThreatPost
ThreatPost
added 2013/09/03 9:32 a.m.57 views

NetTraveler Now Using Java Exploits, Watering Hole Attacks

When NetTravler was unveiled in June, Costin Raiu of Kaspersky Lab warned that the espionage campaign was an “ugly gorilla with a thousand faces” and that we hadn’t seen them all yet. A little more than two months later, another profile of the malware targeting activists, diplomats, government...

10CVSS0.8AI score0.99966EPSS
Exploits22References8
ThreatPost
ThreatPost
added 2013/02/07 4:13 p.m.57 views

Bots, Zeus, Web Exploits: the Most Potent Threats of 2012

Every year it seems that security-related news advances further from its roots in national security circles, IT departments, and the antivirus industry into the mainstream consciousness. From July to the end of year was no exception. However, despite a handful of flashy security stories, F-Secure...

10CVSS9.6AI score0.98536EPSS
Exploits62References21
ThreatPost
ThreatPost
added 2012/07/26 4:34 p.m.57 views

Microsoft Publishes Workaround for Oracle Outside In Vulnerability

Microsoft gave its users steps earlier this week to sidestep a vulnerability in one of Oracle’s Outside In libraries. The company published some mitigations for the bug, but said it isn’t aware of any active attacks against it yet. The Oracle technology is licensed by software developers like...

9.3CVSS8.2AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2012/05/04 3:25 p.m.57 views

FEMA: State, Local Officials Not Prepared to Respond to Cyberattack

A report by the Federal Emergency Management Agency FEMA finds that state and local government officials in the U.S. are pessimistic about their ability to respond to a cyberattacks. The National Preparedness Report NPR was commissioned by the Obama Administration. It found that, although the...

7.5CVSS0.2AI score0.99998EPSS
Exploits42References3
Total number of security vulnerabilities5000