Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/02/13 3:15 p.m.55 views

Unpatched Apple macOS Hole Exposes Safari Browsing History

A design flaw in Apple’s macOS could allow a malicious application to steal victims’ Safari web browsing history. The security hole exists in every version of the Mac’s Mojave operating system, including macOS Mojave 10.14.3 Supplemental Update recently released on Feb. 7. That’s according to Mac...

Exploits0References6
ThreatPost
ThreatPost
added 2018/09/19 1:30 p.m.55 views

XBash Malware Packs Double Punch: Destroys Data and Mines for Crypto Coins

Researchers have discovered a new sophisticated malware family in the wild, which wrecks havoc on Windows and Linux systems with a combination of data destructive ransomware and malicious cryptomining. The malware, dubbed by Palo Alto Networks’ Unit 42 researchers who discovered it as Xbash, has...

7.5CVSS0.3AI score0.98518EPSS
Exploits19References2
ThreatPost
ThreatPost
added 2018/09/06 11:30 a.m.55 views

High-Severity Flaws in Cisco Secure Internet Gateway Service Patched

Two high-severity vulnerabilities have been disclosed in Cisco’s security platform that could allow an attacker to gain administrative privileges – and take full control of the impacted machine. The glitches, disclosed Wednesday, affect two parts of Cisco Umbrella, a secure internet gateway that...

7.2CVSS8AI score0.01516EPSS
Exploits4References3
ThreatPost
ThreatPost
added 2018/06/07 6:46 p.m.55 views

Shipping Industry Cybersecurity: A Shipwreck Waiting to Happen

The global shipping industry is vulnerable to a range of hacks, including one that can send multi-million dollar vessels on a collision course for disaster, according researchers. Worse, the flaws are trivial to execute and easy to mitigate against, according to a report by Pen Test Partners. “Sh...

7.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/01/08 4:57 p.m.55 views

Apple Releases Spectre Patches for Safari, macOS and iOS

Apple released iOS 11.2.2 software Monday for iPhones, iPads and iPod touch models that patch for the Spectre vulnerabilities. A macOS High Sierra 10.13.2 supplemental update was also released to bolster Spectre defenses in Apple’s Safari browser and WebKit, the web browser engine used by Safari,...

4.7CVSS7.1AI score0.93838EPSS
Exploits12References7
ThreatPost
ThreatPost
added 2017/07/11 4:36 p.m.55 views

Microsoft Patch Tuesday Update Fixes 19 Critical Vulnerabilities

Microsoft today released patches for 19 critical vulnerabilities, one of which was publicly known prior to the update. In all, 54 vulnerabilities were patched in Windows, Edge, Internet Explorer, Office and Exchange as part of Microsoft’s monthly Patch Tuesday release; 32 flaws were rated importa...

10CVSS0.2AI score0.50373EPSS
Exploits3References12
ThreatPost
ThreatPost
added 2016/12/15 10:0 a.m.55 views

Code Reuse a Peril for Secure Software Development

The amount of insecure software tied to reused third-party libraries and lingering in applications long after patches have been deployed is staggering. It’s a habitual problem perpetuated by developers failing to vet third-party code for vulnerabilities, and some repositories taking a hands-off...

9.1AI score0.99993EPSS
Exploits41References11
ThreatPost
ThreatPost
added 2016/05/04 12:17 p.m.55 views

Public Exploits Available for ImageMagick Vulnerabilities

Within hours of the disclosure of serious vulnerabilities in ImageMagick, public exploits were available increasing the risk to thousands of websites that make use of the open source image-processing software. Attackers can append malicious code to an image file that ImageMagick will process...

10CVSS8.1AI score0.97485EPSS
Exploits11References4
ThreatPost
ThreatPost
added 2016/03/01 12:30 p.m.55 views

DROWN Flaw Opens 33 Percent Of HTTPS Connections To Attack

Researchers revealed a massive transport layer security TLS vulnerability today that leaves millions of Internet users vulnerable to an attack that could expose passwords, credit card numbers and financial data. OpenSSL and others are urging companies to patch their web servers or risk exposure t...

4.3CVSS0.82112EPSS
Exploits2References7
ThreatPost
ThreatPost
added 2015/08/26 7:59 a.m.55 views

Researchers Outline New Italian RAT uWarrior

Details have come to light about a new remote access Trojan called uWarrior that arrives embedded in a rigged .RTF document. Researchers with Palo Alto Networks’ research division, Unit 42, described the malware and how it appears to have emanated from an “unknown actor of Italian origin,” in a...

9.3CVSS0.7AI score0.72119EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2015/06/10 8:5 a.m.55 views

Duqu Resurfaces With New Round of Victims, Including Kaspersky Lab

The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims,...

9CVSS8.5AI score0.87448EPSS
Exploits8References4
ThreatPost
ThreatPost
added 2015/04/14 2:49 p.m.55 views

April 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft has patched a critical vulnerability in the Windows HTTP protocol stack, known as HTTP.sys, which could have devastating consequences once it’s inevitably publicly exploited. The bulletin, MS15-034, is one of four critical bulletins issued today by Microsoft. Experts warn that exploitin...

10CVSS10AI score0.97327EPSS
Exploits7References15
ThreatPost
ThreatPost
added 2014/10/14 3:2 p.m.55 views

Fixes for IE, Flash Player in October Patch Tuesday Release

Microsoft and Adobe issued their monthly patch Tuesday releases today, and Microsoft posted eight bulletins, three of which are considered critical including the now-monthly cumulative Internet Explorer update, addressing 24 vulnerabilities in various products. Adobe has fixes for three...

10CVSS0.4AI score0.90208EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2014/08/12 3:9 p.m.55 views

August 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...

9.3CVSS1.7AI score0.99945EPSS
Exploits33References15
ThreatPost
ThreatPost
added 2013/06/14 10:57 a.m.55 views

More on Office 2003 Zero Day Vulnerability Patch

This week’s patch and security advisory for a vulnerability in Microsoft Office is the perfect example of why enterprise administrators need to take Microsoft’s criticality ratings as a suggestion and not gospel. Microsoft pushed security update MS13-051 through on Tuesday with a rating of...

9.3CVSS8.6AI score0.99945EPSS
Exploits37References9
ThreatPost
ThreatPost
added 2012/10/11 2:29 a.m.55 views

More than 300,000 at Risk After Major Breach at Florida College

A security breach initially believed contained to about 50 employee records now appears to involve almost 300,000 students, faculty and employees at a Florida college. Officials at Northwest Florida State College in Niceville today confirmed a massive data breach and hundreds of thousands of stol...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/06/07 4:27 p.m.55 views

Fake Automated Craigslist Email Notifications Link to Blackhole Exploit Kit

UPDATE: A big wave of emails purporting to be Craigslist notifications but containing links to websites hosting the Black Hole exploit kit hit the Internet yesterday, a day that already was filled with drama surrounding the LinkedIn password dump. The malicious emails, 150,000 of which were caugh...

9.3CVSS8AI score0.88246EPSS
Exploits23References4
ThreatPost
ThreatPost
added 2012/05/08 5:24 p.m.55 views

Leaders from China, U.S. Meet, Agree to Rally Against Cyber Threats

In an attempt to clear the cybersecurity air, the United States and the People’s Republic of China agreed Monday to work in tandem to prevent future cyber threats. Meeting at the Pentagon, Defense Secretary Leon Panetta and General Liang Guanglie, China’s Minister of National Defense, insisted th...

7.5CVSS1.2AI score0.99998EPSS
Exploits42References7
ThreatPost
ThreatPost
added 2011/11/26 11:41 p.m.55 views

New Apache Reverse Proxy Issue Uncovered

A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a...

5CVSS0.2AI score0.90734EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2011/10/14 5:58 p.m.55 views

SpyEye and Zeus Malware: Married Or Living Separately?

Everyone knows that the first year of marriage can be a tough one -around three percent of them end in the first 12 months. Looks like the same can be true of malware marriages, with the union of the Zeus and SpyEye Trojan now in question. Just one year after news broke that the Zeus and SpyEye...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2011/09/14 3:29 p.m.55 views

Apache Releases Version 2.2.21 With New Fix For Range Header Flaw

Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw. Apache 2.2.21 has a patc...

7.8CVSS0.1AI score0.98945EPSS
Exploits19References4
ThreatPost
ThreatPost
added 2011/03/25 3:14 p.m.55 views

Google Fixes Six High-Risk Bugs in New Chrome Release

Google has released a new version of its Chrome browser, fixing six high-risk security bugs in the process and paying out $8,500 in bug bounties along the way. The latest version of Chrome, version 10.0.648.204, also includes a number of other new features for some of the supported platforms. The...

7.5CVSS9AI score0.02014EPSS
Exploits3References7
ThreatPost
ThreatPost
added 2011/01/21 2:58 p.m.55 views

The Oracle Quarterly Patch Update

January 18th marks the 6th anniversary of the Oracle Critical Patch Update CPU in its current form as a quarterly patch. For those who remember, before the CPU, Oracle released patches as Security Alerts, the last being Security Alert 68 at the end of August 2004. In the past 6 years, CPUs have...

10CVSS9.1AI score0.99945EPSS
Exploits37
ThreatPost
ThreatPost
added 2010/05/07 3:37 p.m.55 views

Main PHP-Nuke Site Compromised

The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. Researchers at Websense found that the phpnuke.org site is currently serving several different exploits. The attack uses the common iFrame-redirection...

9.3CVSS8.5AI score0.96632EPSS
Exploits44References5
ThreatPost
ThreatPost
added 2009/11/24 2:39 p.m.55 views

Microsoft Acknowledges IE7 Flaw

Microsoft has acknowledged a new unpatched vulnerability in Internet Explorer 6 and 7, and said that the company is investigating methods for fixing the flaw. The company said that although there is public exploit code available for the vulnerability, it has not seen any evidence of ongoing attac...

9.3CVSS0.8AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2022/05/27 10:32 a.m.54 views

Critical Flaws in Popular ICS Platform Can Trigger RCE

Critical flaws in a popular platform used by industrial control systems ICS that allow for unauthorized device access, remote code execution RCE or denial of service DoS could threaten the security of critical infrastructure. OAS—offered by a company of the same name–makes it easy to transfer dat...

9.8CVSS8.5AI score0.37606EPSS
Exploits8References21
ThreatPost
ThreatPost
added 2021/08/23 6:54 p.m.54 views

ProxyShell Attacks Pummel Unpatched Exchange Servers

Over the weekend, the Cybersecurity & Infrastructure Security Agency CISA issued an urgent alert that attackers are actively attacking ProxyShell vulnerabilities in unpatched Microsoft Exchange Servers, joining researchers in urging organizations to immediately install the latest Microsoft Securi...

10CVSS8.9AI score0.99999EPSS
Exploits18References13
ThreatPost
ThreatPost
added 2021/07/21 1:0 p.m.54 views

Tracking Malware and Ransomware Domains in 2021

In 2021, the threat of ransomware has loomed large. In many ways, it’s exactly what cybersecurity experts expected and predicted after the major cyber attacks of 2020—including hospital ransomware attacks on a healthcare industry hard-hit by both ransomware and Covid-19. But in other ways, this...

7.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/07/09 10:50 a.m.54 views

Lazarus Targets Job-Seeking Engineers with Malicious Documents

The notorious Lazarus advanced persistent threat APT group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves impersonating defense contractors seeking job candidates. Researchers have been tracking Lazarus activity for...

8.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/06/09 12:58 p.m.54 views

DarkSide Pwned Colonial With Old VPN Password

It took only one dusty, no-longer-used password for the DarkSide cybercriminals to breach the network of Colonial Pipeline Co. last month, resulting in a ransomware attack that caused significant disruption and remains under investigation by the U.S. government and cybersecurity experts. Attacker...

7.7AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/06/07 8:54 p.m.54 views

FBI Claws Back Millions of DarkSide’s Ransom Profits

United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice DOJ and FBI announced in a joint press conference on Monday. “Today we turned the tables on DarkSide,” FBI Deputy Director...

7.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/02 8:33 p.m.54 views

Podcast: The State of Ransomware

Last month, ransomware group DarkSide targeted operator Colonial Pipeline Co., disrupting fuel supply in the Eastern part of the U.S. The attack on a major U.S. oil pipeline had widespread ripples: it prompted President Joe Biden to declare a state of emergency and caused substantial pain at gas...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/05/05 4:3 p.m.54 views

Peloton’s Leaky API Spilled Riders’ Private Data

Peloton has hit a pothole. Its API was leaking riders’ private data, it ignored a vulnerability disclosure from a penetration testing company, and it partially fixed the hole but didn’t get around to telling the researcher until he reached out to a cybersecurity journalist for some help. This is...

7.2AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/05/04 8:58 p.m.54 views

Phishing Attacks Spawn Three New Malware Strains

Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye’s Mandiant cybersecurity team. On Tuesday, the team said that they’ve dubbed the hitherto-unseen malware strains...

Exploits0References8
ThreatPost
ThreatPost
added 2021/04/13 6:29 p.m.54 views

Tax Phish Swims Past Google Workspace Email Security

A W2 tax email scam is circulating in the U.S. using Typeform, a popular software that specializes in online surveys and form building. The campaign is aimed at harvesting victims’ email account credentials, researchers said. According to Armorblox, the campaign also bypasses native Google...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/03/01 3:59 p.m.54 views

Firewall Vendor Patches Critical Auth Bypass Flaw

Germany-based cybersecurity company Genua has fast-tracked a fix for a critical flaw in one of its firewall products. If exploited, the vulnerability could allow local attackers to bypass authentication measures and log in to internal company networks with the highest level of privileges. Genua...

0.3AI score0.02349EPSS
Exploits2References7
ThreatPost
ThreatPost
added 2021/02/25 5:4 p.m.54 views

Malicious Mozilla Firefox Extension Allows Gmail Takeover

A newly uncovered cyberattack is taking control of victims’ Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known...

1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/22 7:40 p.m.54 views

Clubhouse Conversations Recorded, Researchers Warn

At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that ov...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/19 2:11 p.m.54 views

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company’s internal systems or products to attack other victims. That’s the final verdict this week by the tech giant now that it’s completed a...

0.5AI score
Exploits0References23
ThreatPost
ThreatPost
added 2021/01/28 4:46 p.m.54 views

LogoKit Simplifies Office 365, SharePoint 'Login' Phishing Pages

A newly-uncovered phishing kit, dubbed LogoKit, eliminates headaches for cybercriminals by automatically pulling victims’ company logos onto the phishing login page. This gives attackers the tools needed to easily mimic company login pages, a task that can sometimes be complex. Cybercriminals hav...

Exploits0References15
ThreatPost
ThreatPost
added 2021/01/15 10:4 p.m.54 views

CES 2021 Gadgets: Worst in Privacy and Security Awards

This year’s Consumer Electronics Show was hampered by the pandemic, but that didn’t stop an expert panel from convening to award this year’s dubious CES 2021 Worst in Show honors in the context of gadget privacy and security. Overall trends from the week included ever-connected devices constantly...

7.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/11/20 8:56 p.m.54 views

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

A spike in recent phishing and business email compromise BEC attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has driven entire businesses into the arms of the Google ecosystem looking for a reliable, simple w...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/10/12 1:0 p.m.54 views

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

For prices between $300 and $10,000, ransomware groups have the opportunity to easily buy initial network access to already-compromised companies on underground forums. Researchers warn this opportunity gives groups like Maze or Sodinokibi the ability to more easily kickstart ransomware attacks...

0.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/28 5:32 p.m.54 views

Universal Health Services Ransomware Attack Impacts Hospitals Nationwide

A ransomware attack has shut down Universal Health Services, a Fortune-500 owner of a nationwide network of hospitals. The attack occurred in the wee hours of the morning on Monday, according to reports coming in from employees on Reddit and other platforms. On Reddit, a discussion with hundreds ...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/09/17 9:0 p.m.54 views

Mozi Botnet Accounts for Majority of IoT Traffic

The Mozi botnet, a peer-2-peer P2P malware known previously for taking over Netgear, D-Link and Huawei routers, has swollen in size to account for 90 percent of observed traffic flowing to and from all internet of things IoT devices, according to researchers. IBM X-Force noticed Mozi’s spike with...

0.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/29 5:15 p.m.54 views

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Facial recognition technology is still misidentifying people at an alarming rate – even as it’s being used by police departments to make arrests. In fact, Paul Bischoff, consumer privacy expert with Comparitech, found that Amazon’s face recognition platform incorrectly misidentified more than 100...

6.5AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/06/18 8:42 p.m.54 views

Facebook's FTC-Mandated Privacy Committee Now in Effect

Facebook on Thursday said it has started to report its privacy practices to a newly formed, independent Privacy Committee. The creation of the independent committee was part of the company’s settlement a year ago with the Federal Trade Commission FTC over data privacy violations, which came in...

1.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/06/09 2:17 p.m.54 views

Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years

A hack-for-hire group, called Dark Basin, has been outed after targeting thousands of individuals and organizations worldwide – including advocacy groups and journalists, elected and senior government officials, and hedge funds — over the course of seven years. Dark Basin conducted commercial...

7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/06/03 8:51 p.m.54 views

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

The Cycldek APT group has added a previously unknown malware dubbed USBCulprit to its arsenal, aimed at reaching air-gapped devices. Cycldek a.k.a. Goblin Panda, APT 27 and Conimes has been targeting governments in Southeast Asia since 2013, according to analysis from Kaspersky, and has been...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/05/27 8:14 p.m.54 views

DoubleGun Group Builds Massive Botnet Using Cloud Services

An operation from the China-based cybercrime gang known as DoubleGun Group has been disrupted, which had amassed hundreds of thousands of bots that were controlled via public cloud services, including Alibaba and Baidu Tieba. NetLab 360 researchers, in a recent posting, said that it noticed DNS...

6.9AI score
Exploits0References6
Total number of security vulnerabilities5000