Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/04/11 12:54 p.m.56 views

Amazon Auditors Listen to Echo Recordings, Report Says

Amazon is under fire after a bombshell report revealed the company employs thousands of auditors to listen to Echo users’ voice recordings. The team exists to help improve Amazon Alexa’s comprehension of human speech, so the voice command device responds better to commands, according to a Wednesd...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/06 1:42 p.m.56 views

RSA Conference 2019: Cryptographers' Panel Decries Adi Shamir's Visa Issues

SAN FRANCISCO – This year’s RSA Conference Cryptographers’ Panel started on a sour note when it was announced that longtime participant Adi Shamir, one of the inventors of the RSA algorithm, would be absent because of visa issues with the U.S. Department of State. Shamir, who addressed the...

6.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/05 11:0 a.m.56 views

RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase

SAN FRANCISCO: Business emails laced with malicious URLs in the message body have spiked by more than 125 percent in Q4 2018 in comparison with the quarter before. According to Mimecast’s latest Email Security Risk Assessment ESRA report, released at the RSA Conference 2019 in San Francisco this...

0.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/02/19 7:0 p.m.56 views

New GandCrab Decryptor Unlocks Files of Updated Ransomware

Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...

7.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/31 6:16 p.m.56 views

Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web

French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...

0.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/01/29 2:5 p.m.56 views

Apple Disables Group FaceTime Following Major Privacy Glitch

Apple has made Group FaceTime temporarily unavailable following a major flaw discovered on Monday evening. The bug allows anyone with iOS to FaceTime other iOS users and listen in on their private conversations – without the user on other end rejecting or accepting the call. The bug makes use of ...

6.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/12/11 10:2 p.m.56 views

Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay

Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...

9.3CVSS1.2AI score0.14507EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2018/10/18 3:19 p.m.56 views

Tumblr Privacy Bug Could Have Exposed Sensitive Account Data

Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any data was exposed. The bug existed in the “Recommended Blogs” featu...

0.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/10/10 4:7 p.m.56 views

Innovative Phishing Tactic Makes Inroads Using Azure Blob

A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or tex...

6.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/05/25 12:58 p.m.56 views

APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545

A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...

9.3CVSS0.7AI score0.86053EPSS
Exploits39References7
ThreatPost
ThreatPost
added 2015/03/04 1:58 p.m.56 views

Google Fixes 51 Bugs in Chrome 41

Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties. Google paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000. 13 of those bugs ca...

7.5CVSS1.1AI score0.02565EPSS
Exploits0References22
ThreatPost
ThreatPost
added 2015/01/28 1:28 p.m.56 views

Ghost glibc Vulnerability Patching and Exploits

There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...

10CVSS8.6AI score0.94859EPSS
Exploits29References5
ThreatPost
ThreatPost
added 2014/10/01 2:43 p.m.56 views

VMware Begins to Patch Bash Issues Across Product Line

Much like Heartbleed triggered vendors to issue out of band patches to remedy vulnerabilities that popped up earlier this year, Shellshock, the Bash vulnerability, has forced vendors’ hands in a similar fashion. Virtualization firm VMware issued a progress report on fixes for four different types...

10CVSS0.99999EPSS
Exploits142References5
ThreatPost
ThreatPost
added 2014/08/12 3:9 p.m.56 views

August 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...

9.3CVSS1.7AI score0.99945EPSS
Exploits33References15
ThreatPost
ThreatPost
added 2013/09/09 2:54 p.m.56 views

Call for Ban on Vulnerable PHP SuperGlobal Variables

The ease with which PHP applications can be subverted should be pretty apparent by now given the number of botnets supported by compromised sites hosting PHP code. The biggest culprit in the PHP universe may be a set of nine variables called SuperGlobals that provide programmers with development...

6.4CVSS2.1AI score0.12879EPSS
Exploits16References2
ThreatPost
ThreatPost
added 2013/06/21 9:49 a.m.56 views

Ryan Naraine on Microsoft's New Bug Bounty Program

Dennis Fisher talks with Ryan Naraine about the new Microsoft bug bounty program, how it may affect prices for vulnerabilities on the private market and why it took the company so long to start the reward program. Download: digitalunderground116...

9.3CVSS0.5AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2012/05/04 2:26 p.m.56 views

PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug

UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...

7.5CVSS9.8AI score0.99998EPSS
Exploits43References4
ThreatPost
ThreatPost
added 2011/11/26 11:41 p.m.56 views

New Apache Reverse Proxy Issue Uncovered

A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a...

5CVSS0.2AI score0.90734EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2009/11/22 9:47 p.m.56 views

New Zero-Day Flaw Discovered in IE7

There is a newly discovered vulnerability in both Internet Explorer 6 and Internet Explorer 7 that could enable an attacker to take complete control of a vulnerable machine. The vulnerability is the result of a dangling pointer in IE and there is a working exploit for the flaw circulating online...

9.3CVSS0.5AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2009/11/05 1:45 p.m.56 views

Critical Flaw Found in Linux Kernel

There is a NULL pointer dereference flaw in the Linux kernel that can be exploited by attackers to gain root access to a vulnerable machine. The vulnerability is in version 2.6.21 of the Linux kernel and some Linux vendors already have taken steps to fix the vulnerability. Red Hat has released a...

6.9CVSS1.1AI score0.0493EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2022/08/05 1:17 p.m.55 views

Open Redirect Flaw Snags Amex, Snapchat User Data

Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally identifiable information PII using American Express and Snapchat domains, researchers have found. “Since the first domain name in the manipulated link is in fact the original site’s, the link may...

7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2022/05/05 12:48 p.m.55 views

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

Application service provider F5 is warning a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems. The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and...

9.8CVSS10AI score0.99956EPSS
Exploits63References10
ThreatPost
ThreatPost
added 2022/04/13 3:1 p.m.55 views

Feds Shut Down RaidForums Hacking Marketplace

U.S. law enforcement has shut down one of the largest cybercriminal online forums in the world and revealed the charges its Portuguese founder will face in federal court. However, the takedown is likely to only be a temporary blow to hackers, who will find other ways of buying and selling data...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2022/01/21 5:13 p.m.55 views

McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM. According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint...

9.3CVSS7.8AI score0.02969EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/10/29 3:30 p.m.55 views

Google Chrome is Abused to Deliver Malware as Legit Windows 10 App

Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control UAC. Researchers from Rapid7 recently identified the campaign and warn the goal of t...

8.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/10/18 4:23 p.m.55 views

Twitter Suspends Accounts Used to Snare Security Researchers

Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 – specifically used to trick security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. The campaign was first discovered by the Google Threat Analysis Group TAG in January an...

7.8CVSS8.1AI score0.39653EPSS
Exploits0References19
ThreatPost
ThreatPost
added 2021/09/23 11:0 p.m.55 views

REvil Affiliates Confirm Getting Screwed Out of Payments

A day after news broke about REvil having screwed their own affiliates out of ransomware payments – by using double chats and a backdoor that let REvil operators hijack ransom payments – those affiliates took to the top Russian-language hacking forum to renew their demands for REvil to fork over...

7.1AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/08/09 9:6 p.m.55 views

‘Glowworm’ Attack Turns Light Flickers into Audio

Virtual meetings are vulnerable to a new, exotic attack called Glowworm, which measures an audio output device’s LED power light changes and converts them to audio reproductions — allowing cyberattackers to listen to sensitive conversations. As an increasing amount of business is being conducted...

6.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/05/08 7:28 p.m.55 views

Major U.S. Pipeline Crippled in Ransomware Attack

A ransomware attack has halted pipeline activities for the Colonial Pipeline Co., which supplies the East Coast with roughly 45 percent of its liquid fuels. In a statement released on Saturday, Colonial Pipeline said it has temporarily halted pipeline operations in response to a cyberattack...

5.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/05/03 3:47 p.m.55 views

Buer Malware Tool Rewritten in E-Z Rust Language

A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks. Join Threatpost for “Fortifying Your...

7.5AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/04/22 7:33 p.m.55 views

Mount Locker Ransomware Aggressively Changes Up Tactics

The Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. And, the change in tactics appears to coincide with a rebranding for the malware into “AstroLocker.” According to researchers, Mount Locke...

0.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/23 4:51 p.m.55 views

Finnish IT Giant Hit with Ransomware Cyberattack

A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery measures. Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesda...

1.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/01/12 5:13 p.m.55 views

Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content

Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...

0.1AI score0.05614EPSS
Exploits0References19
ThreatPost
ThreatPost
added 2020/10/14 8:40 p.m.55 views

Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On

Companies worldwide have continued to receive extortion emails threatening to launch a distributed denial-of-service DDoS attack on their network, unless they pay up – with British foreign-exchange company Travelex reportedly being one recent high-profile threat recipient. Researchers said that...

7.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/09/14 8:0 p.m.55 views

Cloud Leak Exposes 320M Dating-Site Records

Users of 70 different adult dating and e-commerce websites have had their personal information exposed, thanks to a misconfigured, publicly accessible Elasticsearch cloud server. In all, 320 million individual records were leaked online, researchers said. All of the impacted websites have one thi...

Exploits0References7
ThreatPost
ThreatPost
added 2020/09/07 1:0 p.m.55 views

CEOs Could Be Held Personally Liable for Cyberattacks that Kill

A full 75 percent of top brass at companies will be personally on the hook for cyber-physical security CSP incidents by 2024 – especially those that involve fatalities. That’s according to the Gartner research firm, which predicted this week that CEOs soon will no longer be able to hide behind...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/07/22 1:7 p.m.55 views

Leak Exposes Private Data of Genealogy Service Users

A server containing information of users of a genealogy service has exposed the data of 60,000 users, putting them at risk for fraud, phishing and other cybercriminal activity. Research led by Avishai Efrat at WizCase has discovered the leak, which affected an open and unencrypted ElasticSearch...

6.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/07/09 9:3 p.m.55 views

Microsoft Warns on OAuth Attacks Against Cloud App Users

Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services...

7.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/04/14 1:0 p.m.55 views

Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis

With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VP...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/04/09 6:25 p.m.55 views

Copycat Site Serves Up Raccoon Stealer

Someone is targeting web denizens with a malicious, copycat Malwarebytes website, which serves up the Raccoon information stealer malware to unsuspecting visitors. According to the security firm itself, the attackers set up the domain “malwarebytes-free.com” with a domain registrar in Russia in...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/02 4:58 p.m.55 views

Zoom Removes Data-Mining LinkedIn Feature

Zoom has nixed a feature that came under fire for “undisclosed data mining” of users’ names and email addresses, used to match them with their LinkedIn profiles. The feature, the LinkedIn Sales Navigator, is a LinkedIn service used for sales prospecting. When users enter a web conference meeting,...

7.2AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/04/02 2:0 p.m.55 views

44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig

Key Ring, creator of a digital wallet app used by 14 million people across North America, has exposed 44 million IDs, charge cards, loyalty cards, gift cards and membership cards to the open internet, researchers say. The Key Ring app allows users to upload scans and photos of various physical...

6.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/04/01 1:27 p.m.55 views

Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections ATPs, researchers have found. The Cofense Phishing...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/03 8:13 p.m.55 views

Let's Encrypt to Revoke Millions of TLS Certs

UPDATE Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security TLS certificates Wednesday, because of a Certificate Authority Authorization CAA bug. The move could mean that millions of websites and machine identities that rely on those certificates...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/02/13 11:44 a.m.55 views

Google: Efforts Against Bad Android Apps on Play Store Are Working

Some of the efforts Google has made over the past few years to bolster the security of Android app users as well as the mobile apps available on its Google Play store are starting to work, according to the tech giant. The company, which historically has struggled mightily to keep bad apps and...

7.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/10 4:25 p.m.55 views

Docker Registries Expose Hundreds of Orgs to Malware, Data Theft

A slew of misconfigured Docker container registries has inadvertently exposed source code for 15,887 unique versions of applications owned by research institutes, retailers, news media organizations and technology companies. According to Palo Alto Networks’ Unit 42 division, the registries lacked...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/02/07 5:3 p.m.55 views

Google Chrome To Bar HTTP File Downloads

Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages. HTTPS indicates that a website has an encrypted connection. When connecting to an HTTP website, browsers merely look up the IP address and...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/12/23 7:29 p.m.55 views

Twitter Fixes Bug that Enabled Takeover of Android App Accounts

Twitter for Android users are being urged to update their app to avoid a security bug that allows a malicious user to access private account data and could also allow an attacker to take control of accounts to send tweets and direct messages. The warning comes from Twitter who said there are no...

9.3CVSS8AI score0.01252EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/12/04 6:32 p.m.55 views

‘Highly Competitive' Buer Loader Emerges in Underground Markets

A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...

7.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2019/11/22 4:54 p.m.55 views

Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak

An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet. First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes of data. It consists of scraped information from social media source...

6.6AI score
Exploits0References6
Total number of security vulnerabilities5000