Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/04/03 5:57 p.m.51 views

How to Maximize the Value of Your Cybersecurity Investment

When it comes to developing a successful cybersecurity program in 2019, simply purchasing and deploying cybersecurity technology is only the first step in deriving value from the investment. Maximizing value and capitalizing on these efforts requires a series of defined processes and no shortage ...

6.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/11/23 2:0 p.m.51 views

Old Printer Vulnerabilities Die Hard

Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...

9.3CVSS9.2AI score0.12227EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2018/05/24 3:18 p.m.51 views

Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4

Spectre and Meltdown fixes for Intel chips announced in March, to be embedded into new CPUs, do not address the newly disclosed Variant 4, sources said. Intel introduced hardware-based safeguards to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry...

4.9CVSS6.6AI score0.60631EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2018/05/21 1:1 p.m.51 views

Wicked Botnet Uses Passel of Exploits to Target IoT

Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS...

9.3CVSS9.8AI score0.99781EPSS
Exploits15References7
ThreatPost
ThreatPost
added 2018/03/16 4:15 p.m.51 views

New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown

In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities. The limited time program is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution...

7.2CVSS1.6AI score0.93838EPSS
Exploits15References4
ThreatPost
ThreatPost
added 2016/11/08 2:57 p.m.51 views

Microsoft Patches Zero Day Disclosed by Google

Microsoft followed through and today patched a zero-day vulnerability being exploited in public attacks that was disclosed by Google researchers nine days ago. The victims have yet to have been identified, but Microsoft did accuse the Sofacy APT gang of carrying out the attacks. Sofacy is general...

7.2CVSS0.3AI score0.80968EPSS
Exploits24References18
ThreatPost
ThreatPost
added 2016/10/25 12:47 p.m.51 views

Apple Patches iOS Flaw Exploitable by Malicious JPEG

Apple on Monday patched a code execution vulnerability in iOS that could be exploited via a JPEG file crafted to take advantage of the flaw. Apple also issued its first round of patches for macOS Sierra as part of a large update that also included fixes for vulnerabilities found in Safari, Apple...

9.3CVSS0.5AI score0.03731EPSS
Exploits5References6
ThreatPost
ThreatPost
added 2016/07/27 12:57 p.m.51 views

NIST Recommends SMS Two-Factor Authentication Deprecation

A U.S. government agency said the end is nigh for SMS-based two-factor authentication, citing a lack of security around the feature. The latest draft version of the Digital Authentication Guideline issued this week by the U.S. National Institute for Standards and Technology NIST said the practice...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2015/07/20 11:27 a.m.51 views

New Campaign Targeting Japanese with Hacking Team Zero Day

Yet another group of attackers has quickly cashed in on one of the Adobe Flash zero days uncovered in the HackingTeam leak and is leveraging it to target Japanese organizations. Last week researchers determined that attackers were able to compromise two Japanese websites, the country’s...

10CVSS10AI score0.99344EPSS
Exploits11References5
ThreatPost
ThreatPost
added 2015/04/30 2:7 p.m.51 views

Routers Vulnerable to Critical Remote Code Execution Vulnerability

A zero day vulnerability in popular household routers from D-Link and Trendnet could be exploited by attackers to run arbitrary code on devices. The flaw, which can be exploited without authentication, is present in version 1.3 of Realtek’s SDK, which figures into some brands of routers, accordin...

10CVSS0.99975EPSS
Exploits6References7
ThreatPost
ThreatPost
added 2015/02/04 10:3 a.m.51 views

Third Adobe Flash 0Day Under Attack in HanJuan Exploit Kit

The little-known HanJuan exploit kit is delivering attacks targeting the most recent Adobe Flash Player zero-day vulnerability. Adobe has yet to produce a patch for the flaw, which researchers at Trustwave said is a use-after-free vulnerability. The flaw is the third to hit Flash in the last two...

10CVSS9.5AI score0.95683EPSS
Exploits14References8
ThreatPost
ThreatPost
added 2015/01/15 3:4 p.m.51 views

Pirelli Home Broadband Routers Exposed for Two Years

ISP-issued home broadband routers have been a shooting gallery for researchers and hackers alike looking for, and successfully exploiting, shocking vulnerabilities. One disclosed by a researcher in Spain this week is symptomatic of the problem to a disturbing degree. Researcher Eduardo Novella...

9.4CVSS0.6AI score0.39797EPSS
Exploits6References3
ThreatPost
ThreatPost
added 2014/11/12 8:2 a.m.51 views

Microsoft Schannel Bug Latest in Long Line of Serious Crypto Flaws

The critical vulnerability in the Schannel technology in Windows that Microsoft patched Tuesday is ripe for exploitation, experts say, and continues the long line of severe vulnerabilities in major SSL/TLS implementations in recent months. Secure Channel, also known as Schannel, is a technology...

10CVSS1.8AI score0.99945EPSS
Exploits34References10
ThreatPost
ThreatPost
added 2014/10/29 11:29 a.m.51 views

Dyreza Banker Trojan Attackers Exploiting CVE-2014-4114 Windows Flaw

The Dyreza Trojan is nothing if not ambitious. The malware has been spotted doing a variety of interesting things in the last year, including bypassing SSL and targeting users of specific business apps. Now the Trojan is exploiting the recently disclosed CVE-2014-4114 vulnerability in Windows tha...

9.3CVSS2.1AI score0.81628EPSS
Exploits22References3
ThreatPost
ThreatPost
added 2014/10/01 1:32 p.m.51 views

Xsser Trojan Spies on Jailbroken iOS Devices in Hong Kong

An iOS version of an Android espionage Trojan targeting activists and protestors in Hong Kong has been discovered on the command and control server hosting the Android malware. The iOS version, a mobile remote access Trojan dubbed Xsser by Lacoon Mobile Security, affects only jailbroken iOS...

1.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/12/05 4:7 p.m.51 views

TIFF Zero Day Patch Among December 2013 Microsoft updates

Microsoft will, next week, patch a zero-day vulnerability in its GDI+ graphics component being exploited in targeted attacks in the Middle East and Asia. The zero day has sat unpatched since it was made public Nov. 5; Microsoft did release a FixIt tool as a temporary mitigation. The patch is one ...

9.3CVSS9AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2013/03/05 5:27 p.m.51 views

Attackers Beat Java Default Security Settings with Social Engineering

Oracle’s new security model for Java, in place since the release of Java 7 update 11, is under serious fire now that attackers have demonstrated in the wild how to bypass the updated controls with the help of social engineering. In 7U11, Oracle changed the default security setting in Java from...

10CVSS0.1AI score0.86151EPSS
Exploits10References5
ThreatPost
ThreatPost
added 2013/02/27 5:17 p.m.51 views

MiniDuke Espionage Malware Hits Governments in Europe Using Adobe Exploits

New espionage malware has been discovered that targets a patched sandbox-bypass vulnerability in Adobe Reader. The attacks have hit a relatively small number of government victims in 23 countries, primarily in Europe, and rely on a string of unusual tactics, including the use of steganography to...

9.3CVSS8.1AI score0.86979EPSS
Exploits4References6
ThreatPost
ThreatPost
added 2013/01/15 5:40 p.m.51 views

Java Exploit Linked to Red October Espionage Malware Campaign

Red October, the espionage campaign uncovered by Kaspersky Lab this week after attackers spent five years actively spying on diplomats, scientists, and governments worldwide, is using a Java exploit to infect its victims, bringing the exploit count to four in this campaign. Seculert, an Israeli...

10CVSS9.7AI score0.96714EPSS
Exploits13References5
ThreatPost
ThreatPost
added 2013/01/11 2:4 p.m.51 views

Bank DDoS Attacks Using Compromised Web Servers as Bots

A rash of politically and socially motivated distributed denial-of-service attacks against major U.S. banks has been able to intermittently disrupt online and mobile banking services. The attackers have been able to fire unprecedented amounts of traffic at the likes of Wells Fargo, Bank of Americ...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/08/03 2:30 p.m.51 views

Volume of Malware Targeting Java CVE-2012-1723 Flaw Spikes

It’s been nearly two months since Oracle patched the CVE-2012-1723 Java vulnerability, a serious remote pre-authentication flaw that’s present in the Java Runtime Environment. It’s taken a little time, but the attacker community has decided that this bug deserves some serious attention, and as a...

10CVSS9.7AI score0.98113EPSS
Exploits22References2
ThreatPost
ThreatPost
added 2012/01/06 3:8 p.m.51 views

Microsoft to Issue Seven Bulletins, One Critical, on Patch Tuesday

Microsoft plans to issue seven security bulletins in the January Patch Tuesday release next week, fixing six vulnerabilities rated important and one rated critical. The bugs affect a variety of products, including Windows XP, Vista, Windows 7, Server 2003 and 2008 and Microsoft Developer Tools an...

9.3CVSS0.2AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2022/06/10 1:27 p.m.50 views

U.S. Water Utilities Prime Cyberattack Target, Experts

Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack targets. The potential for attack, say policymakers, is too great to ignore with consequences potentially devastating to populations. On Wednesday, the Center on Cyber and Technolo...

6.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/01/20 11:14 p.m.50 views

2FA Bypassed in $34.6M Crypto.com Heist

Early Thursday morning, Crypto.com acknowledged that it had lost $34.65 million worth of cash, Bitcoin and Ethereum after getting ransacked in an attack that slipped fat transactions past two-factor authentication 2FA. Users had complained over the weekend that their accounts had been drained:...

7.7AI score
Exploits0References20
ThreatPost
ThreatPost
added 2022/01/11 2:9 p.m.50 views

Critical SonicWall NAC Vulnerability Stems from Apache Mods

Rapid7 has offered up more details on a SonicWall critical flaw that allows for unauthenticated remote code execution RCE on affected devices, noting that it arises from tweaks that the vendor made to the Apache httpd server. The bug CVE-2021-20038 is one of five vulnerabilities discovered in its...

9.8CVSS10AI score0.99912EPSS
Exploits8References8
ThreatPost
ThreatPost
added 2021/11/02 3:50 p.m.50 views

Apple macOS Flaw Allows Kernel-Level Compromise

Apple has patched a vulnerability in macOS can allow attackers to bypass a key OS protection and install a malicious rootkit to perform arbitrary operations on a device, researchers from Microsoft have discovered. The problem—dubbed “Shrootless”–is associated with a security technology called...

5.5CVSS7.6AI score0.10352EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2021/10/21 7:41 p.m.50 views

U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn

The launch of a standing offer to pay for Windows virtual private network VPN software zero-day exploits came to light this week, even as the U.S. mulls new regulations on the export of tools that could be used in cyberattacks against the U.S. or its interests. The developments signal that the U....

7.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/09/21 7:22 p.m.50 views

Epik Confirms Hack, Gigabytes of Data on Offer

Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves part of the Anonymous hacktivist collective said that they had obtained and leaked gigabits of data from the hosting company,...

6.5AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/09/20 9:25 p.m.50 views

Amazon Driver-Surveillance Cameras Roll Out, Sparking Debate

Drivers working for Amazon Delivery Service Partners DSPs are increasingly under constant surveillance for safe driving, monitored by artificial intelligence which awards them a score and generates voice reminders for safe driving. That score is used to award bonuses, promotions and more. Drivers...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/09/01 5:58 p.m.50 views

Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites

Two vulnerabilities have been found in the Gutenberg Template Library & Redux Framework plugin for WordPress, which is installed on more than 1 million websites. They could allow arbitrary plugin installation, post deletions and access to potentially sensitive information about a site’s...

7.1CVSS6.7AI score0.28961EPSS
Exploits7References8
ThreatPost
ThreatPost
added 2021/08/31 8:33 p.m.50 views

Cream Finance DeFi Platform Rooked For $29M

Cream Finance is the latest decentralized finance DeFi platform for cryptocurrency trading to take a major financial hit at the hands of hackers, losing nearly $19 million in an attack this week on its “flash loan” feature. The attacker was able to steal nearly $29 million before being discovered...

7.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/08/04 9:34 p.m.50 views

‘I’m Calling About Your Car Warranty’, aka PII Hijinx

LAS VEGAS – When you sign up on a new website, where does that information go? Some researchers decided to find out. On Wednesday, they released their preliminary information at a Black Hat USA 2021 session called Use and Abuse of Personal Information. Researchers created 300 fake identities,...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/28 9:17 p.m.50 views

5G Security Vulnerabilities Fluster Mobile Operators

As 5G private networks roll out in the coming years, security may be a key issue for enterprises. A survey released at Mobile World Congress on Monday shows that major gaps persist in security capabilities among mobile operators. Some 68 percent of operators already sell private wireless networks...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/06/14 8:45 p.m.50 views

Utilities ‘Concerningly’ at Risk from Active Exploits

The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new...

6.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/07 5:18 p.m.50 views

Windows Container Malware Targets Kubernetes

Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster...

7.7AI score
Exploits0References17
ThreatPost
ThreatPost
added 2021/05/26 5:44 p.m.50 views

BazaLoader Masquerades as Movie-Streaming Service

There’s a new, fake movie-streaming service in town called BravoMovies, and the offerings are utter garbage. Despite its pretty pictures and fun-sounding titles, it’s got nothing to offer for download besides BazaLoader malware. BazaLoader is a loader used to deploy ransomware or other types of...

6.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/01/19 4:40 p.m.50 views

SolarWinds Malware Arsenal Widens with Raindrop

An additional piece of malware, dubbed Raindrop, has been unmasked in the sprawling SolarWinds supply-chain attacks. It was used in targeted attacks after the effort’s initial mass Sunburst compromise, researchers said. The SolarWinds espionage attack, which has affected several U.S. government...

0.1AI score
Exploits0References19
ThreatPost
ThreatPost
added 2021/01/13 10:3 p.m.50 views

TikTok Takes Teen Accounts Private

TikTok has decided to boost privacy measures for its underage users, the popular video-sharing social-media company announced. TikTok’s popularity is being driven by teens — the company reported in 2019 about 60 percent of its 26.5 monthly users are between the ages of 16 and 24, and these latest...

6.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/09/23 2:26 p.m.50 views

OldGremlin Ransomware Group Bedevils Russian Orgs

A new cybercriminal group called OldGremlin has been targeting Russian companies – including banks, industrial enterprises and medical firms – with ransomware attacks. OldGremlin relies on a bevy of tools, including custom backdoors called TinyPosh and TinyNode, to gain an initial foothold in the...

1.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/08/24 12:0 p.m.50 views

APIs Are the Next Frontier in Cybercrime

Application Programming Interface API usage has exploded, and cybercriminals are increasingly taking advantage of API security flaws to commit fraud and steal data. APIs, which are used to create connections between software programs and perform integrations, make everything a bit easier — from...

0.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/08/21 2:11 p.m.50 views

Researchers Sound Alarm Over Malicious AWS Community AMIs

Researchers are sounding the alarm over what they say is a growing threat vector tied to Amazon Web Services and its marketplace of pre-configured virtual servers. The danger, according to researchers with Mitiga, is that threat actors can easily build malware-laced Community Amazon Machine Image...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/08/20 3:42 p.m.50 views

Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government

The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. The effort features a worm that can propagate from machine to machine while stealing files from USB removable drives. Transparent...

0.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/07/31 4:3 p.m.51 views

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

Researchers have uncovered a widespread influence campaign that aims to discredit the Northern Atlantic Treaty Organization NATO, an intergovernmental military alliance between 30 North American and European countries. According to new research from FireEye, the campaign has been ongoing since at...

0.3AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/07/31 10:30 a.m.50 views

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

Despite COVID-19 pushing the Black Hat USA 2020 conference to go virtual for the first time, you can expect a steady stream of new security research, threat intel and an impressive lineup of high-profile speakers. This year’s conference kicks off with Matt Blaze, McDevitt Chair in Computer Scienc...

0.2AI score
Exploits0References29
ThreatPost
ThreatPost
added 2020/07/07 1:25 p.m.50 views

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

Researchers have identified a credit-card skimming campaign that’s been active since mid-April that has a rather specific and unusual target: ASP.NET-based websites running on Microsoft Internet Information Services IIS servers. New research from Malwarebytes Labs recently uncovered the campaign,...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/03 1:41 p.m.50 views

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic

The rate of mobile phishing rose sharply between the last quarter of 2019 and the first quarter of 2020, a boost most likely due to the increased number of people working from home due to COVID-19 stay-at-home orders, new research has found. In fact, encounter rates for enterprise mobile phishing...

0.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/04/16 2:24 p.m.50 views

'ICEBUCKET" Streaming TV Fraudsters Steal Millions of Ad Dollars in 'ICEBUCKET' Attack

A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV CTV has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/04/08 1:0 p.m.50 views

'Fake Fingerprints' Bypass Scanners with 3D Printing

New research has found that it’s possible to use 3D printing technology to create “fake fingerprints” that can bypass most fingerprint scanners used by popular devices. But, creating the attack remains costly and time-consuming. Researchers with Cisco Talos created different threat models that us...

9.3CVSS8.1AI score0.012EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2020/04/02 3:34 p.m.50 views

In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing Kits

Phishing attacks looking to take advantage of interest and fear around the COVID-19 health crisis are becoming a pandemic themselves – and apparently cybercriminals are looking to conserve resources by leaning on their older stockpiles of weapons to keep the infection wave going. Or Katz, a...

Exploits0References14
ThreatPost
ThreatPost
added 2020/04/01 7:48 p.m.50 views

Coronavirus ‘Financial Relief’ Phishing Attacks Spike

Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. The slew of campaigns piggy-back on news of governments mulling financial relief packages, in response to the economic stall brought on...

7.4AI score
Exploits0References17
Total number of security vulnerabilities5000