Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2010/01/19 2:32 p.m.57 views

How DEP Can Mitigate IE Zero-Day Attacks

Jonathan Ness of Microsoft’s Security Research and Defense team explains the inner workings of the Data Execution Prevention technology that can help mitigate the targeted attacks exploiting the vulnerability in Internet Explorer right now...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2009/10/30 1:53 p.m.57 views

Microsoft Cleans Up Bugs After Biggest Patch Release

After releasing its largest-ever group of security patches two weeks ago, Microsoft has done a little cleaning up. Over the past few days, the company has re-released two security updates and issued a workaround for a Windows CryptoAPI patch that caused Microsoft’s own instant-messaging server to...

9.3CVSS1.1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/01/11 3:0 p.m.56 views

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

A brand-new multiplatform malware, likely distributed via malicious npm packages, is spreading under the radar with Linux and Mac versions going fully undetected in VirusTotal, researchers warned. The Windows version, according to a Tuesday writeup from Intezer, has only six detections as of this...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/10/07 5:42 p.m.56 views

4 Key Questions for Zero-Trust Success

Historically, securing remote access was primarily done using VPNs. However, as enterprises have begun to understand the principles of zero trust, which states that no user may access any data source without first being authenticated, VPNs are proving to be insufficient. The demand for secure...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/09/24 6:46 p.m.56 views

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

Guardicore security researcher Amit Serper has discovered a severe design bug in Microsoft Exchange’s autodiscover – a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak...

5.3CVSS6.4AI score0.01931EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2021/09/02 9:38 p.m.56 views

NFT Collector Tricked into Buying Fake Banksy

An attacker was apparently able to breach the site for famed street artist Banksy and sell a fake non-fungible token NFT of the artist’s work for more than $336,000. The fraudster has since returned the ill-gotten cash, less a “transaction fee.” But the incident has delivered an invaluable lesson...

7.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/20 5:0 p.m.56 views

Law Firm to the Fortune 500 Breached with Ransomware

Campbell Conroy & O’Neil, P.C. – U.S. law firm to a dazzling array of huge companies – told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout. That client list spans a slew of industries and...

6.8AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/06/25 6:6 p.m.56 views

FIN7 ‘Pen Tester’ Headed to Jail Amid $1B in Losses

A so-called “pen-tester” for the financial cybergang known as FIN7 will spend seven years in the slammer after being convicted for payment-card theft. According to the Department of Justice, Andrii Kolpakov, a Ukrainian national, was also ordered to pay a tidy $2.5 million in restitution for his...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/24 7:52 p.m.56 views

Oh FCUK! Fashion Label, Medical Diagnostics Firm Latest REvil Victims

U.K.-based fashion brand French Connection, which advertises under the acronym “FCUK,” confirmed that it has been compromised by ransomware group REvil. Just hours later, Brazilian medical diagnostics firm Grupo Fleury announced it had the same misfortune. The twin attacks reveal shifting...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/03/11 4:54 p.m.56 views

Linux Systems Under Attack By New RedXOR Malware

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The backdoor is called RedXOR – in part because its network data-encoding scheme is based on the XOR encryption algorithm, and in part because its samples were found on an old...

Exploits0References12
ThreatPost
ThreatPost
added 2021/03/02 9:27 p.m.56 views

Post-Cyberattack, Universal Health Services Faces $67M in Losses

The cyberattack that hit Universal Health Services UHS in September has cost the healthcare service provider a whopping $67 million in damages, according to financial statements. A fourth-quarter earnings report last week from UHS highlighted the “significant incremental labor expense” needed to...

0.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/02/04 9:47 p.m.56 views

Android Devices Prone to New Botnet’s DDoS Onslaught

Researchers are warning a new botnet is recycling the Mirai malware framework and is now targeting Android devices in order to launch distributed denial-of-service DDoS attacks. The botnet is dubbed Matryosh after a Matryoshka Russian nesting doll due to many of its functions being “nested” in...

0.2AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/09/21 3:59 p.m.56 views

Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords

Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication 2FA securit...

0.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/09/02 10:0 a.m.56 views

China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks

A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher. Researchers discovered the new malware being distributed over the past six months through two separate campaigns. The first, in March, targeted...

0.2AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/08/13 4:30 p.m.56 views

Zoom Faces More Legal Challenges Over End-to-End Encryption

Video-conferencing behemoth Zoom has been hit with yet another lawsuit stemming from its claim to offer end-to-end encryption for sessions. The suit, filed in a Washington D.C. court PDF this week by a nonprofit advocacy group called Consumer Watchdog, alleges that the company falsely told users...

6.7AI score
Exploits0References22
ThreatPost
ThreatPost
added 2020/08/13 10:0 a.m.56 views

Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data

UPDATE Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ personal information, like home addresses – simply by persuading them to click on a malicious link. Researchers with Check Point found several web application flaws on Amazon Alexa subdomain...

6.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/08/05 9:36 p.m.56 views

Twitter Fixes High-Severity Flaw Affecting Android Users

Twitter has fixed a vulnerability in its Android app, which could have enabled attackers to access private Twitter data, like direct messages DMs on Android devices. The flaw is related to an underlying Android operating system OS security issue CVE-2018-9492, which affects operating system...

7.2CVSS7.6AI score0.00188EPSS
Exploits0References15
ThreatPost
ThreatPost
added 2020/07/30 5:0 p.m.56 views

Doki Backdoor Infiltrates Docker Servers in the Cloud

A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control C2 domain names. Doki however is meant to provide a persistent capability for code-execution on an infected...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/07/07 11:0 a.m.56 views

First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered

Researchers say they have discovered the first-ever reported Russian business email compromise BEC cybercriminal ring, showing that sophisticated attackers beyond the usual Nigerian scammers are setting their sights on the email-based attack vector. The BEC gang is called Cosmic Lynx, and has bee...

Exploits0References17
ThreatPost
ThreatPost
added 2020/06/30 5:45 p.m.56 views

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

The APT group known as StrongPity is back with a new watering-hole campaign, targeting mainly Kurdish victims in Turkey and Syria. The malware served offers operators the ability to search for and exfiltrate any file or document from a victim’s machine. The group a.k.a. Promethium is operating a...

7.8AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/06/04 5:2 p.m.56 views

Zoom Restricts End-to-End Encryption to Paid Users

Security experts are up in arms after learning that video conferencing app Zoom will only offer end-to-end encryption to paid users. On Zoom’s Wednesday first-quarter financial earnings call, Zoom CEO Eric Yuang said that the upcoming end-to-end encryption feature would not apply for free users...

6.9AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/05/28 4:17 p.m.56 views

Google Location Tracking Lambasted in Arizona Lawsuit

Google has been hit by a lawsuit alleging that it violates user privacy by collecting location data via various means – and claiming that Google makes it nearly “impossible” for users to opt out of such data tracking. The lawsuit, filed by Arizona Attorney General Mark Brnovich, alleges that Goog...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/06 7:42 p.m.56 views

InfinityBlack Dismantled After Selling Millions of Credentials

The InfinityBlack hacking group, which is responsible for selling millions of stolen credentials, has been dismantled. Polish and Swiss law-enforcement authorities, supported by Europol, arrested five individuals in Poland believed to be members of InfinityBlack, on April 29. According to Europol...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/02/20 9:35 p.m.56 views

Google Bans 600 Android Apps for Obnoxious Ads

Google has removed nearly 600 Android apps from the Play Store for serving up obnoxious, invasive ads that aren’t easily “x’d” out of. The internet giant said the enforcement action was a strike against mobile ad fraud. Google said Thursday that the apps violated its disruptive ads policy – and a...

7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/01/15 3:28 p.m.56 views

Trump Slams Apple for Refusing to Unlock Suspected Shooter’s iPhones

President Donald Trump has weighed in on Apple’s decision not to help the FBI unlock iPhones of the suspect in a shooting in Florida, slamming the company in a Tweet that demands Apple “step up to the plate and help our great Country.” The president on Tuesday suggested that Apple has benefited...

6.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/03 3:31 p.m.56 views

Google Boots Security Camera Maker From Nest Hub After Private Images Go Public

China-based electronics company Xiaomi said it has fixed a “cache update” issue for its Xiaomi Mijia smart camera after a Reddit user claims that attempts to view Xiaomi camera footage on his Google Nest Hub instead showed videos of strangers. The issue was first reported by a user on Reddit who...

1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/30 4:53 p.m.56 views

IoT Company Wyze Leaks Emails, Device Data of 2.4M

An exposed Elasticsearch database, owned by Internet of Things IoT company Wyze, was discovered leaking connected device information and emails of millions of customers. Wyze makes smart home cameras and connected devices like connected bulbs and plugs, which can be integrated with smart home...

6.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/12/30 2:0 p.m.56 views

Top Mobile Security Stories of 2019

Top Mobile Security Stories of 2019 Cybercriminals are increasingly and successfully targeting mobile users, as our look back on the Top 10 2019 mobile security stories show. For enterprises that are embracing an ever-more-mobile workforce, escalating mobile attack vectors significantly widen the...

0.1AI score
Exploits0References37
ThreatPost
ThreatPost
added 2019/12/05 5:55 p.m.56 views

Feds Offer $5M Reward to Nab 'Evil Corp' Dridex Hacker

U.S. authorities are offering up $5 million for information leading to the arrest of Evil Corp. leader Maksim V. Yakubets, 32, of Russia, who goes under the moniker “aqua.” The U.S. alleges that Yakubets and his company have stolen millions of dollars from victims using the Dridex banking trojan...

0.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/12/02 3:33 p.m.56 views

Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn

Black Friday and Cyber Monday sales of smart TVs are likely prodigious this Thanksgiving weekend – but consumers need to be aware of the hole they can punch in home cyber-defenses. That’s the word from the FBI, which warned that smart TVs, which hook up to the internet to allow users to access ap...

1.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/20 10:0 p.m.56 views

Security Firms, Nonprofits Team to Fight Stalkerware

The scourge of so-called “stalkerware” has accelerated as mobile cyberattacks in general have become more common, and it’s something that’s being addressed through a security industry collaboration that launched this week. The term “stalkerware” refers to both surreptitious spyware available on t...

6.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/10/16 12:27 p.m.56 views

Galaxy S10 Fingerprint Sensor Thwarted With Screen Protector: Report

UPDATE Samsung has acknowledged that anyone can bypass the Galaxy S10 fingerprint sensor using a third-party case after a woman alleged that a $3 smartphone screen protector allowed unauthorized users to dupe her Samsung Galaxy S10’s fingerprint recognition sensor – giving access to her phone and...

7.6AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/10/09 3:36 p.m.56 views

Privacy Groups: Ring's Police Partnerships Can Lead to Sinister Ends

More than 30 privacy and consumer advocacy groups are urging local legislators to intervene in doorbell-camera company Ring’s partnerships with law enforcement. In 2018, Amazon-owned Ring announced that it was starting a “new neighborhood watch” effort, to allow homeowners to provide voluntary...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/08/20 8:29 p.m.56 views

Fortnite Ransomware Masquerades as an Aimbot Game Hack

A ransomware that calls itself “Syrk” is targeting gaming juggernaut Fortnite’s enormous user base, purporting to be a game hack tool. Syrk promises players an “aimbot” for aiming more accurately while playing, and “ESP,” for discovering other player’s locations in the game. What it really gives...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/08/20 7:25 p.m.56 views

How to Prepare for Misconfigurations Clouding the Corporate Skies

Cloud-based storage and infrastructure provides myriad benefits for any organization, like letting them avoid the costs of expensive hardware and granting them quick access to infrastructure as needed. Companies can use cloud services for minutes or years, depending on their needs. However, there...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/08/08 2:0 p.m.56 views

Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys

Recent phishing campaigns have been spotted boosting their anti-detection efforts by using Amazon Web Services to host their landing pages. It’s a sign of a nascent trend towards using public cloud storage, according to researchers. The attackers are also layering on various obfuscation technique...

0.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/04/11 12:54 p.m.56 views

Amazon Auditors Listen to Echo Recordings, Report Says

Amazon is under fire after a bombshell report revealed the company employs thousands of auditors to listen to Echo users’ voice recordings. The team exists to help improve Amazon Alexa’s comprehension of human speech, so the voice command device responds better to commands, according to a Wednesd...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/04/09 4:22 p.m.56 views

Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print

A Samsung Galaxy S10 user said he was able to successfully bypass the phone’s fingerprint sensors using a 3D print of his own fingerprint. The Samsung user posted on Imgur this weekend under the alias, “darkshark” saying he was able to fool the Galaxy S10’s fingerprint using a simple technique – ...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/03/06 1:42 p.m.56 views

RSA Conference 2019: Cryptographers' Panel Decries Adi Shamir's Visa Issues

SAN FRANCISCO – This year’s RSA Conference Cryptographers’ Panel started on a sour note when it was announced that longtime participant Adi Shamir, one of the inventors of the RSA algorithm, would be absent because of visa issues with the U.S. Department of State. Shamir, who addressed the...

6.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/02/19 7:0 p.m.56 views

New GandCrab Decryptor Unlocks Files of Updated Ransomware

Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...

7.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/31 6:16 p.m.56 views

Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web

French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...

0.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/29 2:5 p.m.56 views

Apple Disables Group FaceTime Following Major Privacy Glitch

Apple has made Group FaceTime temporarily unavailable following a major flaw discovered on Monday evening. The bug allows anyone with iOS to FaceTime other iOS users and listen in on their private conversations – without the user on other end rejecting or accepting the call. The bug makes use of ...

6.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/12/11 10:2 p.m.56 views

Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay

Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...

9.3CVSS1.2AI score0.14507EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/18 3:19 p.m.56 views

Tumblr Privacy Bug Could Have Exposed Sensitive Account Data

Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any data was exposed. The bug existed in the “Recommended Blogs” featu...

0.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/10/10 4:7 p.m.56 views

Innovative Phishing Tactic Makes Inroads Using Azure Blob

A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or tex...

6.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2017/08/30 5:43 p.m.56 views

Intel Confirms Its Much-Loathed ME Feature Has A Kill Switch

Researchers at Positive Technologies forced Intel’s hand at revealing that a previously undocumented kill switch exists for its oft-criticized Intel Management Engine, a remote management component of Intel CPUs. Initially, Positive Technologies set out to disable the feature that some security...

10CVSS0.92189EPSS
Exploits7References7
ThreatPost
ThreatPost
added 2016/08/09 2:59 p.m.56 views

August 2016 Microsoft Patch Tuesday Security Bulletins

A tricky vulnerability patched today in the Windows PDF Library could have put Microsoft Edge users on Windows 10 systems at risk for remote code execution attacks. Edge automatically renders PDF content when it’s set as a computer’s default browser, unlike most other browsers; the feature means...

9.3CVSS2.9AI score0.99945EPSS
Exploits34References9
ThreatPost
ThreatPost
added 2016/05/25 12:58 p.m.56 views

APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545

A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...

9.3CVSS0.7AI score0.86053EPSS
Exploits39References7
ThreatPost
ThreatPost
added 2015/03/04 1:58 p.m.56 views

Google Fixes 51 Bugs in Chrome 41

Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties. Google paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000. 13 of those bugs ca...

7.5CVSS1.1AI score0.02565EPSS
Exploits0References22
ThreatPost
ThreatPost
added 2015/01/28 1:28 p.m.56 views

Ghost glibc Vulnerability Patching and Exploits

There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...

10CVSS8.6AI score0.94859EPSS
Exploits29References5
Total number of security vulnerabilities5000