Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/08/03 8:16 p.m.52 views

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

Most people have probably heard of catfishing. That’s when someone adopts a fake online persona, usually to trick someone into falling in love. Now, threat actors have developed their own spin on the grift, developing appealing — objectively hot — profiles to charm victims into downloading malwar...

6.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/07/19 6:48 p.m.52 views

Ruthless Attackers Target Florida Condo Collapse Victims

Families mourning the loss of loved ones to the partial collapse of the Champlain Towers South condo building in Surfside, Fla. are now being urged to check the credit of their deceased relatives thanks to a group of heartless hackers targeting victims in a new identity-theft scheme. Apparently,...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/07/06 5:1 p.m.52 views

Western Digital Users Face Another RCE

Bad news comes in threes, most particularly for Western Digital customers. As if things weren’t bad enough for the untold number of Western Digital customers whose data blinked out of existence last month, there’s another zero-day waiting for whoever can’t or won’t upgrade its My Cloud storage...

8AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/07/05 8:12 p.m.52 views

Kaseya Attack Fallout: CISA, FBI Offer Guidance

The REvil cybergang is taking credit for Friday’s massive ransomware attack against managed service provider Kaseya Ltd. The criminals behind the attack claim it infected 1 million systems tied to Kaseya services and are demanding $70 million in bitcoin in exchange for a decryption key. Federal...

7.6AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/23 7:23 p.m.52 views

Iran Media Websites Seized by U.S. in Disinformation Campaign

The Department of Justice has seized the domains of 36 Iranian media sites that officials say weren’t just operating in violation of sanctions, but were part of a widespread government-backed malign-influence operation targeting the U.S. The DoJ said that 33 of the sites are run by the Iranian...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/23 3:39 p.m.52 views

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access

A critical security bug in Palo Alto Networks’ Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug CVE-2021-3044 is an...

9.8CVSS9.7AI score0.01406EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/16 6:38 p.m.52 views

IKEA Fined $1.2M for Elaborate ‘Spying System’

IKEA’s French subsidiary was just hit with a $1.2 million fine after it was found guilty of a creepy systematic snooping scheme targeting customers, employees and even prospective hires. Prosecutors said in all, the company illegally surveilled about 400 people in total, according to the BBC. IKE...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/10 6:58 p.m.52 views

STEM Audio Table Rife with Business-Threatening Bugs

The STEM Audio Table conference-room speaker has a security vulnerability that would allow unauthenticated remote code execution RCE as root – paving the way for eavesdropping on conversations, denial of service, lateral movement throughout enterprise networks and more. And, there are multiple...

9.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/06/10 3:51 p.m.52 views

Steam Gaming Platform Hosting Malware

UPDATE Look out for SteamHide, an emerging malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign. The Steam platform merely serves as a vehicle which hosts the malicious file, according to research fr...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/06/02 3:52 p.m.52 views

REvil Ransomware Ground Down JBS: Sources

The cyberattack that flattened operations at JBS Foods over the weekend was indeed a ransomware strike, the global food distributor has confirmed to the Biden administration, with sources pointing to the REvil Group as the responsible gang. Four people familiar with the matter who weren’t...

7AI score
Exploits0References22
ThreatPost
ThreatPost
added 2021/06/01 9:5 p.m.52 views

Cyber-Insurance Fuels Ransomware Payment Surge

Ransomware victims are increasingly falling back on their cyber-insurance providers to pay the ransom when they’re hit with an extortion cyberattack. But security researchers warn that this approach can quickly become problematic. In the first half of 2020, ransomware attacks accounted for 41...

7.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/05/12 4:50 p.m.52 views

Gig Workers Being Paid $500 for Payroll Passwords

Fintech startup Argyle, a financial-services platform aimed at gig workers, is working to replace credit scores assigned by bureaus like Equifax. But closer security analysis hints that Argyle could be just the latest incarnation of an ongoing data-collection campaign, paying people to give up...

5.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/04/22 1:17 p.m.52 views

Telegram Platform Abused in 'ToxicEye' Malware Campaigns

Hackers are leveraging the popular Telegram messaging app by embedding its code inside a remote access trojan RAT dubbed ToxicEye, new research has found. A victim’s computer infected with the ToxicEye malware is controlled via a hacker-operated Telegram messaging account. The ToxicEye malware ca...

0.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/04 3:58 p.m.52 views

Microsoft Office 365 Attacks Sparked from Google Firebase

A phishing campaign bent on stealing Microsoft login credentials is using Google Firebase to bypass email security measures in Microsoft Office 365, researchers said. Researchers at Armorblox uncovered invoice-themed emails sent to at least 20,000 mailboxes that purport to share information about...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/01/05 1:51 p.m.52 views

Data from August Breach of Amazon Partner Juspay Dumped Online

Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach...

0.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/12/21 5:0 p.m.52 views

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said. Thin clients...

0.2AI score0.01848EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/09/10 4:39 p.m.52 views

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks

A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices. The flaw CVE-2020-15802, discovered independently by researchers at the École Polytechnique Fédérale de...

4.3CVSS6.2AI score0.07137EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2020/07/30 9:40 p.m.52 views

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

A security issue in popular video conferencing platform Zoom was disclosed this week, which could have allowed attackers to crack private meeting passcodes and snoop in on video conferences. The problem, which has already been fixed, stems from Zoom not having any check against repeated incorrect...

7.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/07/21 6:32 p.m.52 views

Chris Vickery: AI Will Drive Tomorrow’s Data Breaches

From malicious hacks to accidental misconfigurations, Chris Vickery has seen it all. But as cybercriminals continue to innovate, Vickery, the director of risk research with UpGuard, said one emerging security threat will “blindside” the world: “fakeable” voices. More bad actors using artificial...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/08 1:0 p.m.52 views

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

For physical conflicts, we expect our government to protect us from nation-state adversaries. It turns out, though, that industrial enterprises are much better positioned to defeat most nation-state attacks on power plants, pipelines, and other critical infrastructures than governments are. For...

0.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/05/21 1:0 p.m.52 views

Supreme Court Phish Targets Office 365 Credentials

A highly-targeted phishing attack pretends to deliver subpoenas, but actually ends up collecting victims’ Office 365 credentials. The ongoing campaign has slipped by Office 365 and gateway security controls to hit several C-Suite level victims thus far. The phishing emails spoof the U.S. Supreme...

6.9AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/05/15 3:54 p.m.52 views

Quantum Security Goes Live with Samsung Galaxy

Samsung and South Korean telecom giant SK Telecom have debuted the Galaxy A Quantum 5G smartphone, sporting a quantum random number generation RNG chipset. It’s the first commercialization of quantum technology for mobile phones, and it will serve as a significant bellwether for full quantum...

9.3CVSS7.8AI score0.01252EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/06 2:32 p.m.52 views

Ransomware Attack Takes Down Toll Group Systems, Again

Australian transportation and logistics giant Toll Group has been hit by a ransomware attack – for the second time in three months. The company said a relatively new form of ransomware known as Nefilim had targeted its systems. Toll Group, a subsidiary of Japan Post Holdings, is a freight and...

7.6AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/04/17 2:44 p.m.52 views

Zoom Bombing Attack Hits U.S. Government Meeting

A U.S. House Oversight Committee meeting was the most recent victim of a Zoom bombing attack, after the meeting was disrupted at least three different times by uninvited attendees. The incident was disclosed in a recent internal letter from Jim Jordan R-Ohio to Carolyn Maloney R-NY, chairwoman fo...

6.9AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/03/24 1:0 p.m.52 views

Domain Name Security: Important Measures You Need to Know

Whether you are an individual, a large commercial business, or a small non-profit organization, the creation and protection of your online presence are essential. While many individuals and businesses use social media platforms to connect with followers, customers, or organization members, a doma...

1.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/03/18 9:14 p.m.52 views

Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’

UPDATE Researchers are shedding light on a Microsoft Azure misconfiguration bug that leaked sensitive access tokens, which could have given hackers access to virtual machine instances and cloud-based storage buckets. Since its discovery, an update has fixed what researchers said was a...

7.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/03/18 1:51 p.m.52 views

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws

Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution. Overall, Adobe on Wednesday patched flaws tied to 41 CVEs across its products, 29 of which were critical in severity. T...

1.4AI score0.07581EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2020/02/18 10:18 p.m.52 views

FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter

Just ahead of its Champion’s League Round of 16 appearance next week, FC Barcelona’s official Twitter account was hacked in an apparent credential-stuffing attack. The strike resulted in account takeover and bogus tweets being sent out. The hacking collective known as OurMine, which made headline...

7.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/02/18 7:48 p.m.52 views

Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign

Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky. They maintain,...

0.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/12/18 7:43 p.m.52 views

Why Cloud, Collaboration Breed Insider Threats

When it comes to facing insider threats, many enterprises seem to be suffering from a type of organizational cognitive dissonance – as in, they hold two, seemingly contradictory beliefs when it comes to the cloud and the collaboration tools that they use. Specifically, business leaders and...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/12/11 9:16 p.m.52 views

Smart Krampus-3PC Malware Targets iPhone Users Online

A malicious web redirect campaign affecting iPhone users has impacted more than 100 publisher websites, including online newspapers and international weekly news magazines. According to The Media Trust’s Digital Security & Operations DSO team, iPhone users visiting any of the impacted websites we...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/05 11:36 a.m.52 views

Eye Clinic Breach Reveals Data of 20,000 Patients

A Utah eye clinic is in the process of informing 20,000 patients that they were the victims of a data breach that happened a year and a half ago and linked patients to a scam involving PayPal. The breach at the Utah Valley Eye Center in Provo, Utah, that exposed patient emails once again highligh...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/10/30 7:47 p.m.52 views

Insurance Pays Out a Sliver of Norsk Hydro's Cyberattack Damages

On the heels of a severe cyberattack, aluminum giant Norsk Hydro has received only $3.6 million in cyber-insurance – just a fraction of the total costs in damage. Overall, the Oslo, Norway-based company incurred between $60 million to $71 million in damages from the incident, which forced it to...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/10/22 1:0 p.m.52 views

Cynet’s free vulnerability assessment offering helps organizations significantly increase their security

Long before a cyberattack is underway, organizations need to be focused on improving their security. Part of this is to always be monitoring their environment, on the lookout for weaknesses and ready to take action if they are found. This is the best way to ensure the organization remains immune ...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/09/06 7:14 p.m.52 views

Back-to-School Scams Target Students with Library-Themed Emails

College students settling back into school might want to think twice before clicking on an email prompting them to renew their school library account. Researchers warn that students at hundreds of universities worldwide are being targeted with fake emails this week, which tout attachments or link...

Exploits0References8
ThreatPost
ThreatPost
added 2019/06/19 9:2 p.m.52 views

Feds: Cyberattack on NASA's JPL Threatened Mission-Control Data

NASA’s Jet Propulsion Laboratory JPL may know how to send delicate equipment to Mars, but basic cybersecurity best practices appear to pose an issue for it. A comprehensive federal review has detailed an April 2018 security incident that compromised mission systems – stemming from multiple IT...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/06/05 11:54 a.m.52 views

Infosecurity Europe: Easing the Clash Between IT and Industrial Worlds

LONDON, UK – Information technology and operational technology are like two sides of the same coin. Their objectives are the same, but too often they don’t see eye-to-eye when it comes to priorities, according to cybersecurity experts. Information technology IT teams are tasked with securing and...

6.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/05/06 2:42 p.m.52 views

Tor Security Add-On Abruptly Killed by Mozilla Bug

Thanks to Mozilla letting an intermediate signing certificate expire, the Tor community was thrown into disarray over the weekend when the NoScript security add-on was suddenly killed for both Firefox and the Tor browser. A fix is available for Firefox, but the Tor issue continues. NoScript is a...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/04/15 1:59 p.m.52 views

Microsoft Outlook Breach Widens in Scope, Impacting MSN And Hotmail – Report

UPDATE A recently-disclosed Microsoft email-platform breach is reportedly much worse than previously thought, now impacting a large number of Outlook accounts as well as MSN and Hotmail email accounts. On Friday, a slew of Outlook users reported receiving notifications from Microsoft. The...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/04/10 4:30 a.m.52 views

SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort

SINGAPORE — Around 240 high-profile victims in 39 countries worldwide have become victims of an APT cyber-espionage attack, led by an organization dubbed the Gaza Cybergang that comprises several groups of varying sophistication. The victims, who were all targeted last year, include political,...

7.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/02/14 6:20 p.m.52 views

Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security

A Threatpost survey of readers found over half of respondents don’t feel sufficiently prepared to prevent or handle a security incident stemming from mobile devices in their firm. The informal survey results should serve as harbinger for security professionals in light of the fact that 80 percent...

6.8AI score
Exploits0References18
ThreatPost
ThreatPost
added 2018/04/10 9:16 p.m.52 views

Microsoft Fixes 66 Bugs in April Patch Tuesday Release

Microsoft’s April Patch Tuesday release includes fixes for 66 bugs, 24 of which are rated critical. Notable is Microsoft’s disclosure of a publicly known SharePoint elevation of privilege bug CVE-2018-1034, rated important, which has no fix but has not been publicly exploited. Microsoft SharePoin...

9.3CVSS8.6AI score0.40069EPSS
Exploits2References17
ThreatPost
ThreatPost
added 2018/03/28 5:35 p.m.52 views

Cisco Patches Two Critical RCE Bugs in IOS XE Software

Three critical vulnerabilities were patched by Cisco Systems on Wednesday, each tied to the company’s widely used internetworking operating system IOS XE. Two of the bugs are remote code execution vulnerabilities that could allow an attacker to take control over affected systems. The critical bug...

10CVSS2.5AI score0.9951EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2018/02/06 10:34 a.m.52 views

Cisco Issues New Patches for Critical Firewall Software Vulnerability

Cisco has released new patches for a critical vulnerability in its Adaptive Security Appliance software after further investigation revealed additional attack vectors. The company first announced the vulnerability, CVE-2018-0101, on Jan. 29. It received a Common Vulnerability Scoring System base...

10CVSS0.9AI score0.87397EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2017/05/11 4:39 p.m.52 views

Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

Popular open source forum software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code. Legal Hackers‘ Dawid Golunski found the vulnerabilities–a host header injection and an...

7.5CVSS9.8AI score0.99714EPSS
Exploits60References7
ThreatPost
ThreatPost
added 2016/07/07 7:0 a.m.52 views

APT Group 'Patchwork' Cuts-and-Pastes a Potent Attack

An advanced persistent threat tied to Southeast Asia and the South China Sea is targeting governments and entities around the world including the U.S. The attacks are unique, according to security experts, because the perpetrators are relying nearly 100 percent on computer code copied-and-pasted...

9.3CVSS0.7AI score0.81628EPSS
Exploits22References2
ThreatPost
ThreatPost
added 2016/05/02 2:0 p.m.52 views

Google Patches More Trouble in Mediaserver

Google has re-branded its monthly patch release, bringing a new name and new scope to the newly renamed Android Security Bulletin. While that may be new, the content is definitely familiar. Once again, critical remote code execution Mediaserver vulnerabilities dominate this month’s patches...

10CVSS1.4AI score0.0206EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/01/14 2:33 p.m.52 views

OpenSSH Private Crypto Key Leak Patch

OpenSSH today released a patch for a critical vulnerability that could be exploited by an attacker to force a client to leak private cryptographic keys. The attacker would have to control a malicious server in order to force the client to give up the key, OpenSSH and researchers at Qualys said in...

4.6CVSS0.4AI score0.63468EPSS
Exploits3References2
ThreatPost
ThreatPost
added 2015/10/13 2:39 p.m.52 views

October 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft’s monthly release of security bulletins today is a relatively light load of patches to be tested and deployed. The real news, however, could be in a separate advisory in which it continues to deprecate the outdated RC4 encryption algorithm. Following its initial advisory in May that...

9.3CVSS9.1AI score0.99945EPSS
Exploits33References8
ThreatPost
ThreatPost
added 2015/05/28 1:57 p.m.52 views

Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0

While the Angler Exploit Kit may have already established itself as one of the more sophisticated kits on the underground market, it appears it’s still finding ways to evolve. Angler, this week, was spotted dropping the latest iteration of CryptoWall ransomware and leveraging yet another previous...

10CVSS0.8AI score0.95184EPSS
Exploits12References12
Total number of security vulnerabilities5000