Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2022/06/21 12:34 p.m.51 views

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack

Researchers are warning attackers can abuse Microsoft Office 365 functionality to target files stored on SharePoint and OneDrive in ransomware attacks. Those files, stored via “auto-save” and backed-up in the cloud, typically leave end users with the impression data is shielded from a ransomware...

7.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/05/17 1:19 p.m.51 views

iPhones Vulnerable to Attack Even When Turned Off

Attackers can target iPhones even when they are turned off due to how Apple implements standalone wireless features Bluetooth, Near Field Communication NFC and Ultra-wideband UWB technologies in the device, researchers have found. These features—which have access to the iPhone’s Secure Element SE...

7.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/11/22 7:14 p.m.51 views

Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

A high-severity security vulnerability in CloudLinux’s Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers. Imunify360 is a security platform for Linux-based web servers that allows users to configure various settings for...

9.3CVSS8.2AI score0.01304EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2021/10/27 4:14 p.m.51 views

Apple Patches Critical iOS Bugs; One Under Attack

Apple lovers who haven’t yet updated to iOS 15, you may want to pop into Settings to freshen up your iPhone now: Apple has released several critical security updates that might light a fire under your britches. On Monday and Tuesday, Apple released iOS 14.8.1, iPadOS 14.8.1, watchOS 8.1 and tvOS...

9.3CVSS8.1AI score0.14721EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/10/01 5:50 p.m.51 views

3.1M Neiman Marcus Customer Card Details Breached

Dallas-based Neiman Marcus Group is known worldwide as the go-to luxury retailer for the well-heeled. But their reputation for impeccable quality just took a big hit with revelations that the company was breached by an attacker back in May 2020. It took 17 months for the retailer to notice. Just...

8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/09/16 1:8 p.m.51 views

Financial Cybercrime: Following Cryptocurrency via Public Ledgers

This is Part II of a two-part series on how cybercrooks embrace and use cryptocurrency. To read Part I, please click here. While Bitcoin transactions are anonymous, it’s possible to follow the money through public ledgers to see what those transactions actually are and how they flow. This allows ...

7.1AI score
Exploits0References18
ThreatPost
ThreatPost
added 2021/09/09 4:39 p.m.51 views

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

A critical security vulnerability allowing attackers to perform cross-account container takeover in Microsoft’s public cloud, dubbed “Azurescape”, has been uncovered by researchers. The issue exists in Azure Container Instances ACI, which is Microsoft’s container-as-a-service CaaS offering which...

9.3CVSS8.6AI score0.9857EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2021/08/30 7:44 p.m.51 views

The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers

This is Part I of a two-part blog series taking readers inside the criminal enterprise that is account-takeover fraud. For part II, please click here. With account takeover ATO attacks on the rise, stopping threat actors in the early phases of the kill chain will help today’s defenders gain an...

7.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/04/14 7:55 p.m.51 views

Ransomware Attack Creates Dutch Cheese Shortages

An Easter weekend ransomware attack on a food-logistics firm in the Netherlands has caused shortages of prepackaged cheese in supermarkets across the country. The largest Dutch grocery store chain had some bad news for a cheese-mad nation. “Due to a technical malfunction, there is limited...

6.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/31 6:26 p.m.51 views

Fraud Ring Launders Money Via Fake Charity Donations

A money-laundering fraud ring is targeting donation sites, taking advantage of the outpouring of charity sparked by the global pandemic. Dubbed Cart Crasher by the Sift security firm, the fraud ring leverages guest checkout options on donation sites to steal money and launder stolen payment cards...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/02/16 9:27 p.m.51 views

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence

Distributed denial-of-service DDoS attacks dropped significantly at the end of 2020, down 31 percent in the fourth quarter, according to researchers. The reason? Cybercriminals have switched their efforts and their botnets to cryptomining. According to an analysis from Kaspersky published Tuesday...

6.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/02/04 12:52 p.m.51 views

Clearview Facial-Recognition Technology Ruled Illegal in Canada

Canadian authorities have found that the collection of facial-recognition data by Clearview AI is illegal because it violates federal and provincial privacy laws, representing a win for individuals’ privacy and potentially setting a precedent for other legal challenges to the controversial...

Exploits0References12
ThreatPost
ThreatPost
added 2021/01/06 10:16 p.m.51 views

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

The National Security Agency NSA is lighting a fire under system administrators who are dragging their feet to replace insecure and outdated Transport Layer Security TLS protocol instances. The agency this week released new guidance and tools to equip companies to update from obsolete older...

Exploits0References12
ThreatPost
ThreatPost
added 2020/12/30 9:42 p.m.51 views

FBI Warn Hackers are Using Hijacked Home Security Devices for 'Swatting'

Stolen email passwords are being used to hijack smart home security systems to “swat” unsuspecting users, the Federal Bureau of Investigation warned this week. The announcement comes after concerned device manufacturers alerted law enforcement about the issue. Swatting is a dangerous prank where...

7.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/12/21 5:0 p.m.51 views

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said. Thin clients...

0.2AI score0.01848EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/12/02 6:6 p.m.51 views

Turla's 'Crutch' Backdoor Leverages Dropbox in Espionage Attacks

Researchers have discovered a previously undocumented backdoor and document stealer, which they have linked to the Russian-speaking Turla advanced persistent threat APT espionage group. The malware, which researchers call “Crutch,” is able to bypass security measures by abusing legitimate tools –...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/10/27 8:36 p.m.51 views

Amazon Fires Employee Who Leaked Customer Names, Emails

Amazon has fired an employee who shared customers’ names and email addresses with a third party. An Amazon spokesperson told Threatpost that it has systems in place to limit and control access to information, and processes in place for identifying and investigating suspicious behavior. These...

Exploits0References8
ThreatPost
ThreatPost
added 2020/10/13 6:57 p.m.51 views

Software AG Data Released After Clop Ransomware Strike – Report

Clop and the group’s signature malware has struck again — this time hitting a giant target in the form of German software conglomerate Software AG. The company isn’t paying a mammoth $23 million ransom so far, and over the weekend it confirmed that the crooks were releasing company data, accordin...

0.6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/09/10 4:39 p.m.51 views

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks

A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices. The flaw CVE-2020-15802, discovered independently by researchers at the École Polytechnique Fédérale de...

4.3CVSS6.2AI score0.07137EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2020/08/26 2:50 p.m.51 views

Disinformation Spurs a Thriving Industry as U.S. Election Looms

In the years since the 2016 U.S. Presidential Election, threat actors have pieced together a new playbook for sowing confusion and doubt within the American electorate. On Wednesday, researchers with Cisco Talos released a report PDF that details how a number of these new sophisticated campaigns...

6.4AI score
Exploits0References22
ThreatPost
ThreatPost
added 2020/08/11 11:48 p.m.51 views

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal

Since COVID-19 cast its pall in March, the Agent Tesla remote-access trojan RAT has exploited the pandemic and added a raft of functionality that has helped it dominate the enterprise threat scene. Though Agent Tesla first made a splash six years ago, it hasn’t lost any momentum – in fact, it is...

1.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/08/06 7:49 p.m.51 views

Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims. And all they need is $300 worth of off-the-shelf equipment to pull it off. That’s the word from James Pavur, an academi...

6.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/07/29 10:0 a.m.51 views

OkCupid Security Flaw Threatens Intimate Dater Details

Researchers have discovered a slew of issues in the popular OkCupid dating app, which could have allowed attackers to collect users’ sensitive dating information, manipulate their profile data or even send messages from their profile. OkCupid is one of the most popular dating platforms worldwide,...

6.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/07/20 1:0 p.m.51 views

Paving the Path to Passwordless

Passwords seem to be the digital equivalent of the phrase, “can’t live with ’em, can’t live without ’em.” They’re supposed to protect sensitive information and data, but passwords can also be incredibly frustrating; you shouldn’t use the same one across the board, which means you probably have...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/07/07 4:27 p.m.51 views

Cerberus Banking Trojan Unleashed on Google Play

A malicious Android app has been uncovered on the Google Play app marketplace that is distributing the banking trojan, Cerberus. The app has 10,000 downloads. Researchers said that the trojan was found within the last few days, as it was being spread via a Spanish currency converter app called...

0.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/29 7:58 p.m.51 views

Steganography Anchors Pinpoint Attacks on Industrial Targets

A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources. According to Kaspersky ICS CERT, the attacks seem bent on...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/05/25 1:0 p.m.51 views

ThreatList: People Know Reusing Passwords Is Dumb, But Still Do It

More than half of people haven’t changed their password in the last year – even after they’ve heard about a data breach in the news. That’s according to a recent survey, “Psychology of Passwords: The Online Behavior That’s Putting You At Risk,” that examined the online security and password...

7.2AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/05/25 1:0 p.m.51 views

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

A full 70 percent of applications being used today have at least one security flaw stemming from the use of an open-source library. According to Veracode’s annual State of Software Security report, these open-source libraries – free, centralized code repositories that provide ready-made applicati...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/04/29 8:35 p.m.51 views

Millions of Brute-Force Attacks Hit Remote Desktop Accounts

A rash of brute-forcing attempts aimed at users of Microsoft’s proprietary Remote Desktop Protocol RDP has come to light, striking millions per week. The attacks are a likely offshoot of cybercriminals looking to take advantage of the unprecedented numbers of employees working from home amid the...

7.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/16 9:30 p.m.51 views

New PoetRAT Hits Energy Sector With Data-Stealing Tools

A never-before-seen remote access trojan RAT has been discovered in a set of campaigns targeting the energy sector, with a slew of post-exploitation tools to log keystrokes, record footage from webcams and steal browser credentials. Researchers called the malware “PoetRAT” due to various referenc...

0.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/28 1:18 p.m.51 views

Patrick Wardle: Apple Devices Hit With Recycled macOS Malware

SAN FRANCISCO – Advanced persistent threat APT groups are hitting Apple devices with malware that has been reverse engineered and redeployed for malicious acts. This technique is complicating attribution efforts, Patrick Wardle, security researcher with Jamf, said this week during RSA Conference...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2020/02/25 8:39 p.m.51 views

RSAC 2020: Blockchain is 'Garbage In', Voting Needs Paper Ballots

SAN FRANCISCO – Cryptography is at the heart of security, especially here at this week’s RSAC 2020. And during the event’s annual Cryptographer’s Panel, industry leaders broke down their top crypto-concerns, including privacy regulations, election security and blockchain. Privacy is clearly a top...

6.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/01/23 11:54 a.m.51 views

Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking

Technology Apple designed for its Safari web browser to protect users from being tracked when they surf the web may actually do just the opposite, according to new research from Google. Google researchers have identified a number of security flaws in Safari’s Intelligent Tracking Protection that...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/15 2:0 p.m.51 views

Download The Ultimate ‘Security for Management’ Presentation Template

There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO or...

0.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/01/08 6:13 p.m.51 views

Liverpool Voyeur Used IM-RAT to Video Women at Home

Scott Crowley. A 27-year-old Liverpool, England man has been convicted on charges of computer misuse after admitting to installing the remote-access trojan RAT known as Imminent Monitor on three unsuspecting women’s devices. The defendant, Scott Crowley, said in a court hearing that he used...

7.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/22 11:53 a.m.51 views

Google Will Award $1M-Plus to People Who Can Hack Titan M Security Chip

Google is willing to award up to $1.5 million to hackers who can successfully hack its Titan M security chip on the company’s Pixel devices as part of an expansion of its Android bug-bounty program unveiled this week. The company revealed increased payouts to its Android Security Rewards in a blo...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/11/18 2:0 p.m.51 views

‘Wildly Different’ Privacy Regulations Causing Compliance Chaos

From the General Data Protection Regulations GDPR to the California Consumer Privacy Act CCPA, the security landscape is becoming increasingly fraught with regulatory efforts. While privacy regulation has positive implications for data security, companies are finding themselves struggling to stay...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/11/13 5:53 p.m.51 views

Google's Plan to Crunch Health Data on Millions of Patients Draws Fire

Tech behemoth Google is using artificial intelligence to reportedly slice and dice personal healthcare details on millions of Americans. That has some researchers diagnosing the company with HIPAA violations and prescribing regulatory controls as a remedy. And, at least one federal regulator is...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/06 2:30 p.m.51 views

Emotet Resurgence Continues With New Tactics, Techniques and Procedures

The notorious banking trojan Emotet, that mysteriously disappeared over the summer, returned last month dropping a new collection of malware including information stealers, email harvesters, self-propagation mechanisms and ransomware. But since the malware returned from its hiatus, there was no...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/10/24 1:41 p.m.51 views

ThreatList: Sharp Increase in Fake Mobile Apps Impersonating Legit Ones

Malicious mobile apps that try to dupe consumers by mimicking reputable apps is a persistent problem that’s on the rise, making an app store’s commitment to security a key factor to consider for mobile users who want to avoid these threats, according to a new report. The number of blacklisted app...

0.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/09 7:2 p.m.51 views

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal

The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS DoH and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/08/30 3:47 p.m.51 views

Six Hackers Have Now Pocketed $1M From Bug Bounty Programs

Six hackers in total have each now pocketed more than $1 million from finding vulnerabilities in bug-bounty programs – including one from the U.S. That figure comes as more bug-bounty programs bump up their rewards due to participants finding more high-severity vulnerabilities in their platforms,...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/08/28 9:57 p.m.51 views

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

A nine-year-old web shell used for providing remote access to web servers for cyberattackers is staying very active despite its advanced age in cyber-years, anyway. Researchers said they’ve spotted it being used in several recent campaigns – all with disparate goals. The tool, known as China...

0.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/08/02 4:33 p.m.51 views

Nation-State APTs Target U.S. Utilities With Dangerous Malware

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/06 4:0 p.m.51 views

Avengers: Endgame Sites Promise Digital Downloads, Deliver Info-Harvesting

Marvel Studio’s long-awaited superhero juggernaut Avengers: Endgame, represents the second-largest worldwide box-office haul for any film, ever – raking in $2.2 billion in its first two weekends. With demand like that, perhaps it’s not surprising that enterprising scammers are already luring in...

0.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/05/02 6:12 p.m.51 views

Ladders, SkyMed Leak Employment, Medical Data for Millions

Cloud storage misconfigurations continue to plague the data-privacy space, as evidenced by the new discovery of employment and health information for millions exposed on the web, wide open to any internet passerby. Two misconfigured cloud databases inadvertently leaked personally identifiable...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/04/03 5:57 p.m.51 views

How to Maximize the Value of Your Cybersecurity Investment

When it comes to developing a successful cybersecurity program in 2019, simply purchasing and deploying cybersecurity technology is only the first step in deriving value from the investment. Maximizing value and capitalizing on these efforts requires a series of defined processes and no shortage ...

6.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/11/23 2:0 p.m.51 views

Old Printer Vulnerabilities Die Hard

Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...

9.3CVSS9.2AI score0.12227EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2018/05/24 3:18 p.m.51 views

Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4

Spectre and Meltdown fixes for Intel chips announced in March, to be embedded into new CPUs, do not address the newly disclosed Variant 4, sources said. Intel introduced hardware-based safeguards to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry...

4.9CVSS6.6AI score0.60631EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2018/05/21 1:1 p.m.51 views

Wicked Botnet Uses Passel of Exploits to Target IoT

Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS...

9.3CVSS9.8AI score0.99781EPSS
Exploits15References7
Total number of security vulnerabilities5000