Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2016/12/15 10:0 a.m.55 views

Code Reuse a Peril for Secure Software Development

The amount of insecure software tied to reused third-party libraries and lingering in applications long after patches have been deployed is staggering. It’s a habitual problem perpetuated by developers failing to vet third-party code for vulnerabilities, and some repositories taking a hands-off...

9.1AI score0.99993EPSS
Exploits41References11
ThreatPost
ThreatPost
added 2016/03/01 12:30 p.m.55 views

DROWN Flaw Opens 33 Percent Of HTTPS Connections To Attack

Researchers revealed a massive transport layer security TLS vulnerability today that leaves millions of Internet users vulnerable to an attack that could expose passwords, credit card numbers and financial data. OpenSSL and others are urging companies to patch their web servers or risk exposure t...

4.3CVSS0.82112EPSS
Exploits2References7
ThreatPost
ThreatPost
added 2015/06/10 8:5 a.m.55 views

Duqu Resurfaces With New Round of Victims, Including Kaspersky Lab

The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims,...

9CVSS8.5AI score0.87448EPSS
Exploits8References4
ThreatPost
ThreatPost
added 2015/04/14 2:49 p.m.55 views

April 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft has patched a critical vulnerability in the Windows HTTP protocol stack, known as HTTP.sys, which could have devastating consequences once it’s inevitably publicly exploited. The bulletin, MS15-034, is one of four critical bulletins issued today by Microsoft. Experts warn that exploitin...

10CVSS10AI score0.97327EPSS
Exploits7References15
ThreatPost
ThreatPost
added 2014/10/14 3:2 p.m.55 views

Fixes for IE, Flash Player in October Patch Tuesday Release

Microsoft and Adobe issued their monthly patch Tuesday releases today, and Microsoft posted eight bulletins, three of which are considered critical including the now-monthly cumulative Internet Explorer update, addressing 24 vulnerabilities in various products. Adobe has fixes for three...

10CVSS0.4AI score0.90208EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2014/08/12 3:9 p.m.55 views

August 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...

9.3CVSS1.7AI score0.99945EPSS
Exploits33References15
ThreatPost
ThreatPost
added 2012/10/11 2:29 a.m.55 views

More than 300,000 at Risk After Major Breach at Florida College

A security breach initially believed contained to about 50 employee records now appears to involve almost 300,000 students, faculty and employees at a Florida college. Officials at Northwest Florida State College in Niceville today confirmed a massive data breach and hundreds of thousands of stol...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/05/08 5:24 p.m.55 views

Leaders from China, U.S. Meet, Agree to Rally Against Cyber Threats

In an attempt to clear the cybersecurity air, the United States and the People’s Republic of China agreed Monday to work in tandem to prevent future cyber threats. Meeting at the Pentagon, Defense Secretary Leon Panetta and General Liang Guanglie, China’s Minister of National Defense, insisted th...

7.5CVSS1.2AI score0.99998EPSS
Exploits42References7
ThreatPost
ThreatPost
added 2011/11/26 11:41 p.m.55 views

New Apache Reverse Proxy Issue Uncovered

A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a...

5CVSS0.2AI score0.90734EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2011/10/14 5:58 p.m.55 views

SpyEye and Zeus Malware: Married Or Living Separately?

Everyone knows that the first year of marriage can be a tough one -around three percent of them end in the first 12 months. Looks like the same can be true of malware marriages, with the union of the Zeus and SpyEye Trojan now in question. Just one year after news broke that the Zeus and SpyEye...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2011/09/14 3:29 p.m.55 views

Apache Releases Version 2.2.21 With New Fix For Range Header Flaw

Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw. Apache 2.2.21 has a patc...

7.8CVSS0.1AI score0.98945EPSS
Exploits19References4
ThreatPost
ThreatPost
added 2011/03/25 3:14 p.m.55 views

Google Fixes Six High-Risk Bugs in New Chrome Release

Google has released a new version of its Chrome browser, fixing six high-risk security bugs in the process and paying out $8,500 in bug bounties along the way. The latest version of Chrome, version 10.0.648.204, also includes a number of other new features for some of the supported platforms. The...

7.5CVSS9AI score0.02014EPSS
Exploits3References7
ThreatPost
ThreatPost
added 2011/01/21 2:58 p.m.55 views

The Oracle Quarterly Patch Update

January 18th marks the 6th anniversary of the Oracle Critical Patch Update CPU in its current form as a quarterly patch. For those who remember, before the CPU, Oracle released patches as Security Alerts, the last being Security Alert 68 at the end of August 2004. In the past 6 years, CPUs have...

10CVSS9.1AI score0.99945EPSS
Exploits37
ThreatPost
ThreatPost
added 2009/11/24 2:39 p.m.55 views

Microsoft Acknowledges IE7 Flaw

Microsoft has acknowledged a new unpatched vulnerability in Internet Explorer 6 and 7, and said that the company is investigating methods for fixing the flaw. The company said that although there is public exploit code available for the vulnerability, it has not seen any evidence of ongoing attac...

9.3CVSS0.8AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2022/05/27 10:32 a.m.54 views

Critical Flaws in Popular ICS Platform Can Trigger RCE

Critical flaws in a popular platform used by industrial control systems ICS that allow for unauthorized device access, remote code execution RCE or denial of service DoS could threaten the security of critical infrastructure. OAS—offered by a company of the same name–makes it easy to transfer dat...

9.8CVSS8.5AI score0.37606EPSS
Exploits8References21
ThreatPost
ThreatPost
added 2022/05/05 12:48 p.m.54 views

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

Application service provider F5 is warning a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems. The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and...

9.8CVSS10AI score0.99956EPSS
Exploits63References10
ThreatPost
ThreatPost
added 2021/10/25 8:51 p.m.54 views

BQE Web Suite Billing App Rigged to Inflict Ransomware

Threat actors have been caught exploiting a now-patched zero-day critical vulnerability in a popular timeclock and billing system, to take over vulnerable servers and inflict companies’ networks with ransomware. Discovered by Huntress Labs earlier this month, the ongoing attacks focus on an...

9.8CVSS10AI score0.73269EPSS
Exploits3References12
ThreatPost
ThreatPost
added 2021/08/23 6:54 p.m.54 views

ProxyShell Attacks Pummel Unpatched Exchange Servers

Over the weekend, the Cybersecurity & Infrastructure Security Agency CISA issued an urgent alert that attackers are actively attacking ProxyShell vulnerabilities in unpatched Microsoft Exchange Servers, joining researchers in urging organizations to immediately install the latest Microsoft Securi...

10CVSS8.9AI score0.99999EPSS
Exploits18References13
ThreatPost
ThreatPost
added 2021/07/21 1:0 p.m.54 views

Tracking Malware and Ransomware Domains in 2021

In 2021, the threat of ransomware has loomed large. In many ways, it’s exactly what cybersecurity experts expected and predicted after the major cyber attacks of 2020—including hospital ransomware attacks on a healthcare industry hard-hit by both ransomware and Covid-19. But in other ways, this...

7.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/07/09 10:50 a.m.54 views

Lazarus Targets Job-Seeking Engineers with Malicious Documents

The notorious Lazarus advanced persistent threat APT group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves impersonating defense contractors seeking job candidates. Researchers have been tracking Lazarus activity for...

8.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/06/07 8:54 p.m.54 views

FBI Claws Back Millions of DarkSide’s Ransom Profits

United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice DOJ and FBI announced in a joint press conference on Monday. “Today we turned the tables on DarkSide,” FBI Deputy Director...

7.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/02 8:33 p.m.54 views

Podcast: The State of Ransomware

Last month, ransomware group DarkSide targeted operator Colonial Pipeline Co., disrupting fuel supply in the Eastern part of the U.S. The attack on a major U.S. oil pipeline had widespread ripples: it prompted President Joe Biden to declare a state of emergency and caused substantial pain at gas...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/05/05 4:3 p.m.54 views

Peloton’s Leaky API Spilled Riders’ Private Data

Peloton has hit a pothole. Its API was leaking riders’ private data, it ignored a vulnerability disclosure from a penetration testing company, and it partially fixed the hole but didn’t get around to telling the researcher until he reached out to a cybersecurity journalist for some help. This is...

7.2AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/05/04 8:58 p.m.54 views

Phishing Attacks Spawn Three New Malware Strains

Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye’s Mandiant cybersecurity team. On Tuesday, the team said that they’ve dubbed the hitherto-unseen malware strains...

Exploits0References8
ThreatPost
ThreatPost
added 2021/04/13 6:29 p.m.54 views

Tax Phish Swims Past Google Workspace Email Security

A W2 tax email scam is circulating in the U.S. using Typeform, a popular software that specializes in online surveys and form building. The campaign is aimed at harvesting victims’ email account credentials, researchers said. According to Armorblox, the campaign also bypasses native Google...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/03/01 3:59 p.m.54 views

Firewall Vendor Patches Critical Auth Bypass Flaw

Germany-based cybersecurity company Genua has fast-tracked a fix for a critical flaw in one of its firewall products. If exploited, the vulnerability could allow local attackers to bypass authentication measures and log in to internal company networks with the highest level of privileges. Genua...

0.3AI score0.02349EPSS
Exploits2References7
ThreatPost
ThreatPost
added 2021/02/25 5:4 p.m.54 views

Malicious Mozilla Firefox Extension Allows Gmail Takeover

A newly uncovered cyberattack is taking control of victims’ Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known...

1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/22 7:40 p.m.54 views

Clubhouse Conversations Recorded, Researchers Warn

At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that ov...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/19 2:11 p.m.54 views

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company’s internal systems or products to attack other victims. That’s the final verdict this week by the tech giant now that it’s completed a...

0.5AI score
Exploits0References23
ThreatPost
ThreatPost
added 2021/01/28 4:46 p.m.54 views

LogoKit Simplifies Office 365, SharePoint 'Login' Phishing Pages

A newly-uncovered phishing kit, dubbed LogoKit, eliminates headaches for cybercriminals by automatically pulling victims’ company logos onto the phishing login page. This gives attackers the tools needed to easily mimic company login pages, a task that can sometimes be complex. Cybercriminals hav...

Exploits0References15
ThreatPost
ThreatPost
added 2021/01/15 10:4 p.m.54 views

CES 2021 Gadgets: Worst in Privacy and Security Awards

This year’s Consumer Electronics Show was hampered by the pandemic, but that didn’t stop an expert panel from convening to award this year’s dubious CES 2021 Worst in Show honors in the context of gadget privacy and security. Overall trends from the week included ever-connected devices constantly...

7.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/11/20 8:56 p.m.54 views

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

A spike in recent phishing and business email compromise BEC attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has driven entire businesses into the arms of the Google ecosystem looking for a reliable, simple w...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/10/12 1:0 p.m.54 views

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

For prices between $300 and $10,000, ransomware groups have the opportunity to easily buy initial network access to already-compromised companies on underground forums. Researchers warn this opportunity gives groups like Maze or Sodinokibi the ability to more easily kickstart ransomware attacks...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/28 5:32 p.m.54 views

Universal Health Services Ransomware Attack Impacts Hospitals Nationwide

A ransomware attack has shut down Universal Health Services, a Fortune-500 owner of a nationwide network of hospitals. The attack occurred in the wee hours of the morning on Monday, according to reports coming in from employees on Reddit and other platforms. On Reddit, a discussion with hundreds ...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/09/17 9:0 p.m.54 views

Mozi Botnet Accounts for Majority of IoT Traffic

The Mozi botnet, a peer-2-peer P2P malware known previously for taking over Netgear, D-Link and Huawei routers, has swollen in size to account for 90 percent of observed traffic flowing to and from all internet of things IoT devices, according to researchers. IBM X-Force noticed Mozi’s spike with...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/29 5:15 p.m.54 views

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Facial recognition technology is still misidentifying people at an alarming rate – even as it’s being used by police departments to make arrests. In fact, Paul Bischoff, consumer privacy expert with Comparitech, found that Amazon’s face recognition platform incorrectly misidentified more than 100...

6.5AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/06/09 2:17 p.m.54 views

Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years

A hack-for-hire group, called Dark Basin, has been outed after targeting thousands of individuals and organizations worldwide – including advocacy groups and journalists, elected and senior government officials, and hedge funds — over the course of seven years. Dark Basin conducted commercial...

7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/06/03 8:51 p.m.54 views

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

The Cycldek APT group has added a previously unknown malware dubbed USBCulprit to its arsenal, aimed at reaching air-gapped devices. Cycldek a.k.a. Goblin Panda, APT 27 and Conimes has been targeting governments in Southeast Asia since 2013, according to analysis from Kaspersky, and has been...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/05/27 8:14 p.m.54 views

DoubleGun Group Builds Massive Botnet Using Cloud Services

An operation from the China-based cybercrime gang known as DoubleGun Group has been disrupted, which had amassed hundreds of thousands of bots that were controlled via public cloud services, including Alibaba and Baidu Tieba. NetLab 360 researchers, in a recent posting, said that it noticed DNS...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/04/23 2:0 p.m.54 views

Skype Phishing Attack Targets Remote Workers' Passwords

Remote workers are being warned of a new phishing campaign targeting their Skype passwords. The phishing emails look “eerily similar” to a legitimate Skype notification alert, according to a report released by Cofense on Thursday. Emails indicate users have 13 pending Skype notifications that can...

6.9AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/04/14 1:0 p.m.54 views

Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis

With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VP...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/03/20 6:24 p.m.54 views

News Wrap, Coronavirus Edition: WFH Security Woes, Pwn2Own

For the week ended March 20, Threatpost editors break down the top security stories, including: The various cybercriminal activities – malware, phishing and other scams – tapping into the coronavirus pandemic The security risks of businesses working from home due to the virus’ spread Privacy...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/20 4:17 p.m.54 views

Cybergang Favors G Suite and Physical Checks For BEC Attacks

Researchers have uncovered a new business email compromise BEC threat actor, which they call Exaggerated Lion, targeting thousands of U.S. companies with money pilfering scams. The cybercrime ring is unique in its leveraging of Google’s cloud-based productivity suite, G Suite, and for its use of...

6.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/02/07 2:49 p.m.54 views

Phishing Campaign Targets 250 Android Apps with Anubis Malware

A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device’s data for ransom. The attacks are designed for mobile inboxes and leverage the Anubis malware, a...

1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/12/04 1:52 p.m.54 views

Dutch Politician Could Get Three Years in Prison for Hacking iCloud Accounts

Prosecutors in the Netherlands are asking for three years in prison for a Dutch politician who hacked into women’s personal iCloud accounts and stole nude photos and other personal digital material belonging to them, then leaked some of it online. The public prosecutor of the North Holland Public...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/14 2:0 p.m.54 views

Download: The Comprehensive Compliance Guide

A large part of the CISO/CIO responsibility is ensuring compliance standards are met. As one of the main drivers of security product purchase and implementation, regulation comes in many different shapes and sizes. Some standards provide clear consequences for failure to meet them. Others provide...

0.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/06 4:52 p.m.54 views

Facebook Privacy Breach: 100 Developers Improperly Accessed Data

UPDATE Facebook said that 100 third-party app developers have improperly accessed the names and profile pictures of members in various Facebook groups – data that was restricted in 2018 by the platform after its Cambridge Analytica privacy snafu. Facebook said that the developers – including 11 i...

7.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/09/30 3:51 p.m.54 views

Senate Passes Bill Aimed At Combating Ransomware Attacks

The U.S. Senate has approved new legislation aimed at helping government agencies and private-sector companies combat ransomware attacks. The legislation comes as local governments and schools continue to be hit by sophisticated – and in some cases coordinated – ransomware attacks. The proposed...

0.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/08/26 3:43 p.m.54 views

Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk

Web hosting company Hostinger is warning that a breach of one of its servers potentially gave bad actors access to the hashed passwords and personal data of more than 14 million customers. Hostinger, a popular web, cloud and virtual private server hosting provider and domain registrar with 29...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/08 6:43 p.m.54 views

GoBotKR Targets Pirate Torrents to Build a DDoS Botnet

A botnet dubbed GoBotKR is targeting fans of Korean TV, compromising computers via pirated copies of South Korean movies, games and TV shows available via Korean and Chinese torrent sites. Ultimately, the cybercriminals are building a network that can then be used to perform DDoS attacks of vario...

7.4AI score
Exploits0References4
Total number of security vulnerabilities5000