Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/11/09 8:15 p.m.49 views

Cyberattack on UVM Health Network Impedes Chemotherapy Appointments

The University of Vermont UVM health network is scrambling to recover its systems after a cyberattack led to widespread delays in patient appointments – including chemotherapy appointments, as well as mammograms and biopsies. The UVM Health Network is a six-hospital, home-health and hospice syste...

Exploits0References10
ThreatPost
ThreatPost
added 2020/10/23 6:21 p.m.49 views

Georgia Election Data Hit in Ransomware Attack

Ransomware gangs have officially entered the 2020 election fray, with reports of one of the first breaches of the voting season, on Hall County, Ga. The county’s database of voter signatures was impacted in the attack along with other government systems. Although the county said the voting proces...

Exploits0References8
ThreatPost
ThreatPost
added 2020/10/01 4:16 p.m.49 views

Spammers Smuggle LokiBot Via URL Obfuscation Tactic

Spammers have started using a tricky URL obfuscation technique that sidesteps detection – and ultimately infects victims with the LokiBot trojan. The tactic was uncovered in recent spear-phishing emails with PowerPoint attachments, which contain a malicious macro. When the PowerPoint file is...

7.4AI score
Exploits0References20
ThreatPost
ThreatPost
added 2020/08/25 11:27 p.m.49 views

Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform

Details tied to a pair of remote code execution bugs in Microsoft’s IoT security platform called Azure Sphere were released Monday. Also made public were specifics associated with two additional privilege escalation flaws impacting the same cloud security platform. Public disclosure of all four o...

9.3CVSS1.5AI score0.012EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2020/08/04 9:36 p.m.49 views

NetWalker Ransomware Rakes in $29M Since March

The NetWalker ransomware has been around for about a year, but it has really made a name for itself in 2020, racking up around $29 million in extortion gains just since March. First detected in August 2019, NetWalker lingered around before surging in use in March through June, according to an...

0.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/08/03 8:1 p.m.49 views

Google Updates Ad Policies to Counter Influence Campaigns, Extortion

Google is making two changes in its advertising policy as the U.S. moves into the fall election season ahead of the presidential contest in November, in an attempt to thwart disinformation campaigns. For one, Google is updating its Google Ads Misrepresentation Policy to prevent coordinated activi...

9.3CVSS8.2AI score0.012EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/06/23 8:35 p.m.49 views

Sodinokibi Ransomware Now Scans Networks For PoS Systems

Cybercriminals behind recent Sodinokibi ransomware attacks are now upping their ante and scanning their victims’ networks for credit card or point of sale PoS software. Researchers believe this is a new tactic designed to allow attackers to get the biggest bang for their buck – ransom payments an...

7.5AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/06/03 4:55 p.m.49 views

TrickBot Adds BazarBackdoor to Malware Arsenal

A new module for the infamous trojan known as TrickBot has been deployed: A stealthy backdoor that researchers call “BazarBackdoor.” The binary was first spotted being delivered as part of a phishing campaign that began in March, according to an analysis from Panda Security this week. The campaig...

0.7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/05/19 8:37 p.m.49 views

The Windows 7 Postmortem: What’s at Stake

In January 2020, Microsoft officially ended its extended support and discontinued patching of Windows 7. Despite the long lead time and repeated reminders, numbers since the COVID-19 pandemic have shown a slight uptick in Windows 7 deployments. The recent estimates show that more than 26 percent ...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/03/24 9:1 p.m.49 views

Unknown 'WildPressure' Malware Campaign Lets Off Steam in Middle East

A malware campaign that shares no known similarities to previous attacks has been uncovered, targeting organizations in the Middle East. Dubbed “WildPressure,” the campaign used a previously unknown malware that researchers named Milum, after the C++ class names inside the code. According to...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/03/18 1:0 p.m.49 views

The Coronavirus is Already Taking Effect on Cyber Security– This is How CISOs Should Prepare

The Coronavirus is hitting hard on the world’s economy, creating a high volume of uncertainty within organizations. Cynet has revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light o...

Exploits0References8
ThreatPost
ThreatPost
added 2020/01/30 12:5 p.m.49 views

Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition

Facebook has agreed to pay $550 million to Illinois users to settle a class action lawsuit filed over the use of its face-tagging technology to collect facial-recognition data on its social media platform. The company unveiled the settlement on a quarterly financial call Wednesday, in which it...

0.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/12/03 6:0 p.m.49 views

Android Ups the Mobile Security Ante with Default TLS Encryption

A full 80 percent of Android apps are encrypting their traffic by default, according to a Transport Layer Security TLS adoption update from Google. That percentage is even greater for apps targeting Android 9 and higher, with 90 percent of those encrypting traffic by default, the tech giant said ...

6.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/12/02 1:33 p.m.49 views

Insecure Database Exposes Millions of Private SMS Messages

Tens of millions of SMS messages have been found on an unprotected database, putting the private data of hundreds of millions of people in the United States at risk for theft or exposure and leaving a communications company open for potential intrusion, security researchers discovered. Noam Rotem...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/11/21 10:7 p.m.49 views

Senators Demand Amazon Disclose Ring Privacy Policies

Five U.S. Senators are demanding that Amazon disclose how it’s securing Ring home-security device footage – and who is allowed to access that footage. The demands, outlined in a Wednesday letter to Amazon CEO Jeff Bezos, come on the heels of several security vulnerabilities and privacy-related...

7.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/18 6:30 p.m.49 views

Rethinking Responsibilities and Remedies in Social-Engineering Attacks

In the pantheon of catchy cybersecurity slogans that should never have caught on, two about social engineering spring to mind almost immediately: “End users are the weakest link” and “attackers only have to be lucky once; defenders have to be lucky all the time.” Both of those statements have bee...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/18 3:10 p.m.49 views

Emotet Returns from Summer Vacation, Ramps Up Stolen Email Tactic

Emotet, the banking trojan that has evolved into so much more, is back after a summer hiatus, dropping other banking trojans, information stealers, email harvesters, self-propagation mechanisms and ransomware. According to researchers at Cisco Talos, Emotet took a breather at the beginning of Jun...

1.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/09/12 3:5 p.m.49 views

California Passes Bill to Ban Police Use of Facial Recognition

The California Senate has passed a bill in a 22-15 vote that would ban the use by law enforcement of body cams that use facial recognition. The move will send AB 1215, already passed by the California Assembly back in May on a 45-17 vote, to the desk of Gov. Gavin Newsom to be signed into law. Th...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/09 11:35 a.m.49 views

Apple Claims Google is Spreading FUD Over Patched iPhone Bugs

Apple has called out Google for promoting a “false impression” about iOS vulnerabilities the iPhone maker said it fixed in February. It claims Google is unnecessarily panicking Apple customers. On Aug. 29, Ian Beer of Google’s Project Zero published a blog post that took a “very deep dive” into 1...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/06/06 12:44 p.m.49 views

IoT Security Regulation is on the Horizon

LONDON, UK – Internet of things IoT device security continues to worry the tech industry – however, experts believe that the right type of global regulation could be key for ensuring security standards. The question is when those regulatory efforts will be fleshed out. Ken Munro, with Pen Test...

Exploits0References9
ThreatPost
ThreatPost
added 2019/04/22 2:44 p.m.49 views

WannaCry Hero Pleads Guilty to Kronos Malware Charges

Marcus Hutchins, the researcher hailed for squashing the WannaCry ransomware outbreak in May 2017, pleaded guilty to charges relating to the creation of the Kronos malware. The 24-year-old researcher filed a plea agreement admitting guilt to two of 10 counts in the Eastern District of Wisconsin o...

Exploits0References12
ThreatPost
ThreatPost
added 2019/03/08 6:4 p.m.49 views

RSA Conference 2019: Emotet Takes Aim at Latin America

SAN FRANCISCO – Remote access trojans RATs can be a scourge for corporate systems, giving backdoor access to cybercriminals that are looking to carry out espionage activities, do recon for future phishing efforts, or lift data to sell on the underground. They often serve as a key pivot point to...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/01/29 5:43 p.m.49 views

Feds Dismantle Dark Web Credentials Market

Law-enforcement agencies across the world have taken aim at Dark Web denizens this week, with the takedown of a credentials marketplace as well as continued action against former users of the Webstresser.org DDoS-for-hire site. An international law-enforcement operation has dismantled the xDedic...

Exploits0References7
ThreatPost
ThreatPost
added 2017/11/30 2:22 p.m.49 views

Cisco Patches Critical Playback Bugs in WebEx Players

Cisco Systems issued a Critical alert on Wednesday warning of multiple vulnerabilities in its popular WebEx player. Six bugs were listed in the security advisory, each of them relating to holes in Cisco WebEx Network Recording Player for Advanced Recording Format ARF and WebEx Recording Format WR...

10CVSS1AI score0.95707EPSS
Exploits15References8
ThreatPost
ThreatPost
added 2017/10/20 2:17 p.m.49 views

‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher

A botnet, which is adding new bots every day, has already infected one million businesses during the past month and could easily eclipse the size and devastation caused by Mirai. The malware and botnet, dubbed IOTroop, was spotted in September by researchers at Check Point who warn that 60 percen...

7.5CVSS10AI score0.18005EPSS
Exploits4References7
ThreatPost
ThreatPost
added 2017/05/19 2:22 p.m.49 views

Terror Exploit Kit Evolves Into Larger Threat

The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...

9.3CVSS8.1AI score0.74096EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2017/05/05 6:17 p.m.49 views

Researchers Disclose Intel AMT Flaw Research

On Friday, just as Intel released additional information regarding a critical flaw found earlier this week in a subset of its business-class PCs, the researchers behind the initial vulnerability discovery, Embedi, also published their research on the flaw. Intel warned Monday of a firmware...

10CVSS7.3AI score0.92189EPSS
Exploits7References10
ThreatPost
ThreatPost
added 2016/11/30 7:0 a.m.49 views

New Cerber Variant Leverages Tor2Web Proxies, Google Redirects

Criminals behind the latest Cerber ransomware variant are leveraging Google redirects and Tor2Web proxies in a new and novel way to evade detection. Researchers with Cisco Talos spotted the shifting tactic last week when it began tracking the latest Cerber 5.0.1 ransomware variant. The technique...

10CVSS1.9AI score0.22487EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/08/18 12:39 p.m.49 views

GPG Patches 18-Year-Old Libgcrypt RNG Bug

New versions of Libgcrypt and Gnu Privacy Guard GnuPG or GPG released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator. The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute...

4.3CVSS6.7AI score0.03438EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2016/04/04 2:0 p.m.49 views

April 2016 Google Android Nexus Security Bulletin

Google has patched a vulnerability being exploited in the wild to root Nexus 5 Android devices. The public exploit—a rooting application—was privately disclosed to Google on March 15 by Zimperium researchers, and a less than a month after CORE Team researchers reported that CVE-2015-1805, which w...

7.2CVSS7.8AI score0.01407EPSS
Exploits3References6
ThreatPost
ThreatPost
added 2016/03/08 2:8 p.m.49 views

March 2016 Microsoft Patch Tuesday Security Bulletins

Microsoft released a baker’s dozen worth of security bulletins on Tuesday, including five rated critical and two rated important that could result in remote code execution attacks against compromised machines. Two of the bulletins rated critical address flaws in Internet Explorer and Microsoft...

9.3CVSS0.9AI score0.99945EPSS
Exploits35References13
ThreatPost
ThreatPost
added 2016/03/07 2:0 p.m.49 views

Google Fixes Critical Mediaserver Bug, Again

Google today patched two critical holes in its problematic Android Mediaserver component which would allow an attacker to use email, web browsing, and MMS processing of media files to remotely execute code. With this latest vulnerability, Google has patched its Mediaserver more than two dozen tim...

10CVSS1.8AI score0.05901EPSS
Exploits14References2
ThreatPost
ThreatPost
added 2016/02/16 12:0 p.m.49 views

glibc Linux remote code execution vulnerability

Glibc, the GNU C library at the core of last year’s GHOST vulnerability, is vulnerable to another critical flaw affecting nearly all Linux machines, as well as API web services and major web frameworks where the code runs. The vulnerability, discovered independently by researchers at Google and R...

6.8CVSS0.5AI score0.89557EPSS
Exploits17References4
ThreatPost
ThreatPost
added 2015/01/21 11:53 a.m.49 views

Exploit for Flash Zero Day Appears in Angler Exploit Kit

The dangerous Angler exploit kit has a new piece of ammunition to use in its attacks: a fresh Adobe Flash zero-day vulnerability. The kit is exploiting the previously unknown vulnerability in several versions of Internet Explorer running on Windows 7 and Windows 8. French security researcher...

10CVSS1.6AI score0.81943EPSS
Exploits5References2
ThreatPost
ThreatPost
added 2014/09/17 1:11 p.m.49 views

POS Service Confirms Goodwill Breach Lasted 18 Months

Third-party payment vendor C&K Systems released further details this week regarding a breach that affected its systems for 18 months and went on to affect customers who shopped at Goodwill, in addition to two unnamed retailers. The company provided an update on the breach via a press release Mond...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2014/02/20 11:48 a.m.49 views

Microsoft Ships IE 10 Zero Day Fix-It Tool

Microsoft last night released a Fix-It tool as a temporary mitigation for a zero-day vulnerability in Internet Explorer 10 being exploited by two hacker groups against the Veterans of Foreign Wars in the U.S. as well as a French aerospace manufacturer. IE 9 also contains the same use-after free...

9.3CVSS0.1AI score0.99945EPSS
Exploits56References6
ThreatPost
ThreatPost
added 2012/11/20 3:18 p.m.49 views

New Linux Rootkit Emerges

A new Linux rootkit has emerged and researchers who have analyzed its code and operation say that the malware appears to be a custom-written tool designed to inject iframes into Web sites and drive traffic to malicious sites for drive-by download attacks. The rootkit is designed specifically for...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/05/03 6:28 p.m.49 views

Patch Tuesday Advance Notification: May Edition

Microsoft announced today that they will be shipping three critical and five important bulletins in the May edition of patch Tuesday. All of the ‘critical’ bulletins and two of the ‘important’ bulletins fix vulnerabilities that could otherwise lead to remote code execution. The two remaining...

9.3CVSS0.3AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2012/02/16 7:47 p.m.49 views

Google Fixes 13 Flaws in Chrome

Just a few days after releasing a fairly large set of patches for its Chrome browser, Google has pushed out another update, fixing 13 vulnerabilities, more than half of them being high-severity bugs. The newest version of Chrome also includes an updated version of Adobe Flash that has a fix for a...

7.5CVSS9.5AI score0.73164EPSS
Exploits5References16
ThreatPost
ThreatPost
added 2010/11/16 7:41 p.m.49 views

Adobe Releases Emergency Fix for Critical Reader Flaws

Adobe on Tuesday released an emergency patch for several critical vulnerabilities in Adobe Reader, including the recent Adobe Flash bug and a separate flaw that was disclosed earlier this month. The patch released Tuesday is outside of the company’s normal quarterly update schedule for Reader and...

9.3CVSS3.4AI score0.69679EPSS
Exploits14References3
ThreatPost
ThreatPost
added 2010/01/13 3:57 p.m.49 views

Adobe PDF Reader Gets Another Security Makeover

Adobe has released a mega-update for its Reader and Acrobat software products to fix a total of eight documented security vulnerabilities. The update comes with significant security improvements, including the on-by-default addition “Enhanced Security,” a feature that provides a set of default...

10CVSS0.1AI score0.83855EPSS
Exploits26References2
ThreatPost
ThreatPost
added 2009/08/19 2:44 p.m.49 views

Windows WINS Attacks In The Wild

The “critical” WINS vulnerability that Microsoft issued a patch for last week is now being exploited actively in the wild, according to the SANS Institute sans.org. The Internet Storm Center ISC, which is operated by SANS, is receiving preliminary reports that hackers are targeting Microsoft’s WI...

9.3CVSS3.2AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2021/10/19 5:16 p.m.48 views

Lyceum APT Returns, This Time Targeting Tunisian Firms

The Lyceum threat group has resurfaced, this time with a weird variant of a remote-access trojan RAT that doesn’t have a way to talk to a command-and-control C2 server and might instead be a new way to proxy traffic between internal network clusters. Kaspersky’s Mark Lechtik – senior security...

7.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/08/24 5:51 p.m.48 views

Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day

A never-before-seen, zero-click iMessaging exploit has been allegedly used to illegally spy on Bahraini activists with NSO Group’s Pegasus spyware, according to cybersecurity watchdog Citizen Lab. The digital researchers are calling the new iMessaging exploit FORCEDENTRY. In a report published on...

6.8AI score
Exploits0References23
ThreatPost
ThreatPost
added 2021/08/12 9:20 p.m.48 views

Rogue Marketplace AlphaBay Reboots

The illicit marketplace AlphaBay appears to have resurfaced, four years after a high-profile takedown by international law enforcement agencies. The reboot, according to researchers at Flashpoint, isn’t an exact a replica. Rather, the reconstituted version of the site is described as an homage to...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/07 11:57 a.m.48 views

Cloud Cryptomining Swindle in Google Play Rakes in Cash

Bogus cryptomining apps for Android available for download on Google Play are estimated to have scammed more than 93,400 victims to date, researchers said, stealing at least $350,000. According to Lookout, the apps – categorized into “BitScam” and “CloudScam” versions – advertise themselves as...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/30 8:19 p.m.48 views

Indexsinas SMB Worm Campaign Infests Whole Enterprises

The Indexsinas SMB worm is on the hunt for vulnerable environments to self-propagate into, researchers warned – with a particular focus on the healthcare, hospitality, education and telecommunications sectors. Its end goal is to drop cryptominers on compromised machines. Indexsinas, aka...

7.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/05/20 5:59 p.m.48 views

The Gig Economy Creates Novel Data-Security Risks

As businesses strive to move faster and faster, many are adopting a “just-in-time” strategy of spinning up human resources on demand – a phenomenon known as the gig economy, familiar to most via Uber, Instacart or DoorDash. But it’s a concept that enterprises are embracing too – inadvertently...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/05/19 1:28 p.m.48 views

Bug Exposes Eufy Camera Private Feeds to Random Users

Owners of Eufy home security cameras were warned this week of an internal server bug that allowed strangers to view, pan and zoom in on their home-video feeds for approximately one day. Inversely, customers were also suddenly given access to do the same to other users. The SNAFU, according to...

7.3AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/04/29 1:0 p.m.48 views

SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

It’s unfortunate but true: SaaS attacks continue to increase. You can’t get around it, COVID-19 accelerated the already exploding SaaS market and caused industries not planning on making a switch to embrace SaaS. With SaaS apps becoming the default system of record for organizations, it has left...

0.6AI score
Exploits0References8
Total number of security vulnerabilities5000