Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/09/07 2:11 p.m.46 views

How Zero Trust and SASE Can Redefine Network Defenses for Remote Workforces

Zero Trust has been touted for years as the future of network security. But, only recently has it started to gain traction as a practical enterprise security framework. The implementation of digital transformation initiatives has thrust Zero Trust into the spotlight as network applications and...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/08/07 12:43 p.m.46 views

Augmenting AWS Security Controls

Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/07/24 12:54 p.m.46 views

Malicious 'Blur' Photo App Campaign Discovered on Google Play

A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/07/22 9:14 p.m.46 views

OilRig APT Drills into Malware Innovation with Unique Backdoor

A series of cyberattacks on a telecom company in the Middle East has signaled the return of the OilRig APT. The attacks also revealed a revised backdoor tool in the group’s arsenal, called RDAT. The attacks were observed in April by Palo Alto Networks’ Unit 42. Researchers there said that the...

7.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/06/04 8:55 p.m.46 views

Tycoon Ransomware Banks on Unusual Image File Tactic

A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment JRE, according to researchers at...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/05/26 3:28 p.m.46 views

Turla APT Revamps One of Its Go-To Spy Tools

The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan RAT to attack governmental targets. Turla a.k.a. Snake, Venomous Bear, Waterbug or Uroboros, is a Russian-speaking threat actor known since 2014, but with roots that go back to 2004 and earlier,...

7.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/05/21 3:41 p.m.46 views

Silent Night Banking Trojan Charges Top Dollar on the Underground

A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service MaaS model. Custom builds can run as much as $4,000 per month to use, which researchers say is now...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/13 7:10 p.m.46 views

Texas Courts Won't Pay Up in Ransomware Attack

A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/30 7:27 p.m.46 views

Zoom Kills iOS App’s Data-Sharing Facebook Feature

Zoom has removed a feature in its iOS web conferencing app that was sharing analytics data with Facebook, after a report revealing the practice sparked outrage. According to the Motherboard report last week that originally disclosed the privacy issue, the transferred information included data on...

6.7AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/03/18 5:22 p.m.46 views

TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal

The TrickBot malware has added a new feature: A module called rdpScanDll, built for brute-forcing remote desktop protocol RDP accounts. According to BitDefender, the module has been used in campaigns against telecom, education and financial services industry targets in the United States and Hong...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/02/10 5:32 p.m.46 views

Equifax Breach: Four Members of Chinese Military Charged with Hacking

U.S. authorities have charged four Chinese military officers in the 2017 Equifax data breach, which compromised the data of nearly 150 million. The four, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei, are believed to be members of the 54th Research Institute of the Chinese People’s Liberation Army PLA...

0.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/02/03 7:45 p.m.46 views

Tesla Autopilot Duped By 'Phantom' Images

Researchers said that autopilot systems used by popular cars – including the Tesla Model X – can be fooled into detecting fake images, projected by drones on the road or on surrounding billboards, as real. Attackers could potentially leverage this design hole to trigger the systems to brake or...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/14 7:8 p.m.46 views

Google to Nix Chrome Support for Third-Party Cookies by 2022

Google has set an aggressive two-year deadline for dropping support for third-party tracking cookies in its Chrome web browser. Tracking cookies, which allow advertisers to virtually follow people around the web, are used for ad targeting. The move follows a number of privacy hardening steps by...

6.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/12/16 4:33 p.m.46 views

N.J.'s Largest Hospital System Pays Up in Ransomware Attack

New Jersey’s largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes and outpatient...

0.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/12/09 4:57 p.m.46 views

Elder Scrolls Online Targeted by Cybercrooks Hunting In-Game Loot

Phishers are out in force to scam aficionados of the Elder Scrolls Online video game into giving up their account details. The crooks are posing as developers for the game under the moniker “ElderScrollDevs,” and targeting those with PlayStation consoles and possibly others, according to a Reddit...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/05/07 3:30 p.m.46 views

Ukrainian Charged With Launching 100 Million Malicious Ads

A Ukrainian national has been extradited to the U.S. for allegedly operating a five-year-long malvertising scheme – reaching victims with more than 100 million malicious ads worldwide. Oleksii Petrovich Ivanov, 31, appeared in Newark, N.J. federal court on Friday after being extradited to the U.S...

0.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/24 3:16 p.m.46 views

Point Blank Gamers Targeted with Backdoor Malware

The focus of the APT behind the ShadowHammer supply-chain attack that abused the ASUS computer update function turns out to be wider in scope than previously thought. Researchers have found similar digitally-signed binaries using the videogame industry as a delivery conduit for malware. Victims...

0.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/03/06 1:0 p.m.46 views

RSA Conference 2019: Data-Wiping Cyberattacks Plague Financial Firms

Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts ...

Exploits0References4
ThreatPost
ThreatPost
added 2019/02/27 5:19 p.m.46 views

Ring Doorbell Flaw Opens Door to Spying

UPDATE A serious flaw in the popular Ring smart doorbell could allow an attacker on a shared WiFi network to spy on families’ video and audio footage, according to researchers. Ring Doorbell is a popular home security device acquired by Amazon. Researchers with BullGuard discovered a way to launc...

6.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/01/08 2:48 p.m.46 views

Adobe Patches Important Bugs in Connect and Digital Edition

Adobe released patches for two bugs rated “important” in its Adobe Digital Edition and Adobe Connect products. The two important vulnerabilities, patched Tuesday, include an information disclosure bug in Adobe’s ebook reader software program, Digital Edition; as well as a session token exposure b...

10CVSS0.5AI score0.81971EPSS
Exploits13References7
ThreatPost
ThreatPost
added 2018/06/04 9:9 p.m.46 views

Federal Agencies Face an Uphill Battle in Cyber-Preparedness

In the wake of the elimination of the federal cybersecurity czar position, the latest federal cybersecurity preparedness report from the Office of Management and Budget OMB and the Department of Homeland Security DHS shows that U.S. government is nowhere near ready for prime time when it comes to...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2018/06/01 8:47 p.m.46 views

Browser Side-Channel Flaw De-Anonymizes Facebook Data

A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...

7.2CVSS0.4AI score0.414EPSS
Exploits19References8
ThreatPost
ThreatPost
added 2018/01/25 1:51 p.m.46 views

Firefox, Chrome Patch Vulnerabilities, Add Security Features

Both Mozilla and Google have updated their browsers this week and have added important security fixes along with bolstering user privacy and safety. Google tackled 53 security fixes on Wednesday with the debut of Chrome 64 version 64.0.3282.119 for Windows, Mac and Linux. Only three of the...

7.5CVSS9.1AI score0.03393EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2017/12/22 6:9 p.m.46 views

Huawei Router Vulnerability Used to Spread Mirai Variant

Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...

6.5CVSS9.6AI score0.7861EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2017/11/06 9:45 a.m.46 views

1M Downloads Later, Google Pulls Phony WhatsApp From Google Play

Google has removed a phony WhatsApp download from Google Play and suspended the developer’s account, but not before the ad-spewing app was downloaded more than one million times. The unwanted app, called Update WhatsApp Messenger, was disclosed by a handful of Redditors over the weekend who said...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2017/10/28 7:0 a.m.46 views

Apache OpenOffice Update Patches Four Vulnerabilities

The Apache Software Foundation fixed four vulnerabilities Friday tied to its popular Apache OpenOffice suite of free productivity applications. The patches are for the suite’s word processing and graphics apps. Each of the vulnerabilities are rated medium in severity. Three of the four bugs patch...

6.8CVSS0.4AI score0.03122EPSS
Exploits3References7
ThreatPost
ThreatPost
added 2017/07/14 11:1 a.m.46 views

Cisco Patches Publicly Disclosed SNMP Vulnerabilities in IOS, IOS XE

Cisco has patched nine serious remote code execution vulnerabilities in the SNMP subsystem running in its IOS and IOS XE software. The vulnerabilities had been publicly disclosed. Cisco notified users of the availability of patches after releasing its initial advisory on the matter on June 29,...

9CVSS3.1AI score0.70559EPSS
Exploits8References1
ThreatPost
ThreatPost
added 2017/06/13 3:34 p.m.46 views

Risk of 'Destructive Cyber Attacks' Prompts Microsoft to Update XP Again

Fearing destructive attacks precipitated by the availability of the nation-state exploits in the wild that spawned the WannaCry outbreak, Microsoft today announced that its Patch Tuesday updates would include fixes for older versions of Windows, including XP. The move is unusual and mimics a...

9.3CVSS1AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2017/04/11 2:58 p.m.46 views

Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop

Adobe patched 59 vulnerabilities in five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App as part of its regularly scheduled software update today. The company warned in a series of security bulletins posted shortly before noo...

10CVSS0.5AI score0.14452EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2017/02/21 4:2 p.m.46 views

OpenSSL Update Fixes High Severity DoS Vulnerability

The OpenSSL Software Foundation released an update to the OpenSSL crypto library that patches a vulnerability rated high severity that could allow a remote attacker to cause a denial-of-service condition. OpenSSL released the version 1.1.0e update that fixes flaws found in OpenSSL 1.1.0, accordin...

5CVSS1.2AI score0.14225EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2017/01/04 1:33 p.m.46 views

Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm

Google has patched ten critical vulnerabilities tied to problem-plagued Android components like Mediaserver, NVIDIA’s GPU driver, and Qualcomm’s driver. The most serious bug, according to Google’s January Android Security Bulletin, is the Mediaserver vulnerability. “The most severe of these issue...

9.3CVSS1.2AI score0.08583EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2016/08/05 4:49 p.m.46 views

PLC Blaster Worm Targets Industrial Control PLCs

LAS VEGAS – Security researchers at Black Hat USA described a proof-of-concept worm that targets weaknesses within automated industrial control systems used to manage critical infrastructure and manufacturing. The worm, according to OpenSource Security, has the capability to autonomously search f...

6.4CVSS1.6AI score0.01691EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2015/07/14 2:39 p.m.46 views

July 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft has patched a zero-day vulnerability in the Windows kernel uncovered and exploited by Hacking Team. The zero day was found among the 400 GB of data stolen from the Italian surveillance software maker and posted online July 5. A trio of Adobe Flash Player zero days were also uncovered...

9.3CVSS0.5AI score0.99945EPSS
Exploits34References7
ThreatPost
ThreatPost
added 2015/07/10 9:26 a.m.46 views

OPM Hack Expands to Include Data of 21.5M People

UPDATE–The ever-expanding data breach at the Office of Personnel Management has now spread to include the Social Security numbers and other personal data of a total of 21.5 million people, and the toll also now includes the agency’s director, Katherine Archuleta, who resigned Friday morning...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/04/03 10:12 a.m.46 views

IBM Outs Dyre Wolf Campaign Steals $1 Million

The Dyre banking Trojan‘s ascension to the top of the financial malware food chain took a massive leap forward in the first three months of 2015. Already spreading a damaging piece of malware that targets corporate bank accounts, the Eastern European keepers of Dyre recently upped their social...

9.3CVSS0.6AI score0.81628EPSS
Exploits22References5
ThreatPost
ThreatPost
added 2015/01/22 12:45 p.m.46 views

Chrome 40 Patches 62 Security Vulnerabilities

Google pushed out on Wednesday a new version of its Chrome browser 40.0.2214.91 and along with it paid out more than two dozen bounties, including 16 for memory corruption vulnerabilities. In all, 62 security vulnerabilities were patched, 17 of those considered high severity bugs by Google. Most ...

7.5CVSS1.4AI score0.04339EPSS
Exploits0References29
ThreatPost
ThreatPost
added 2015/01/06 2:25 p.m.46 views

Malvertising Campaign Hits AOL Ad Network, Leads to Exploit Kit

Researchers have detected a malvertising campaign running on a pair of sites owned by Huffington Post that is using ads distributed through an AOL ad network. The attack is sending victims through a series of redirects that eventually brings them to a landing page that is running an exploit kit...

9.3CVSS8.2AI score0.74096EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2014/10/16 10:29 a.m.46 views

OpenSSL Releases Patch for POODLE Attack

The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3. The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE...

4.3CVSS2.4AI score0.99999EPSS
Exploits7References2
ThreatPost
ThreatPost
added 2014/08/20 1:59 p.m.46 views

Fake AV Defru Puts New Spin on Rogue AV

Rogue antivirus was once the scourge of the Internet, and while this sort of malware is not entirely extinct, it’s fallen out of favor among criminals as users have become more aware and security products have gotten better at blocking the threat. Image via TechNet However, Daniel Chipiristeanu, ...

9.3CVSS2.1AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2014/06/13 2:5 p.m.46 views

SSL Pulse Scans Quantify Vulnerable OpenSSL Servers

Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it’s probably no surprise that patching levels for CVE-2014-0224 aren’t as high out of the gate as they were for Heartbleed. Ivan...

6.8CVSS0.7AI score0.95326EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2013/12/04 2:4 p.m.46 views

counterfeit merchandise domains seized

In an attempt to curb the rampancy of fraud throughout the holiday shopping season, a coalition of international law enforcement agencies seized 706 Internet domains allegedly involved in the sale of counterfeit merchandise. The United States Homeland Security Investigations’ HSI National...

6.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/11/26 2:54 p.m.46 views

Nearly 2000 Sites Vulnerable to Ruby on Rails Cookie Problem

A lingering security issue in Ruby on Rails that stems from a setting in the framework’s cookie-based storage mechanism is still present in almost 2,000 websites. Sites using an old version of Ruby on Rails that relies on CookieStore, the framework’s default cookie storage mechanism, are at risk...

Exploits0References5
ThreatPost
ThreatPost
added 2013/08/29 1:28 p.m.46 views

Metasploit Module Adds Sudo Vulnerability for OS X

Attackers looking to exploit a previously disclosed and apparently still unpatched bug in sudo, a Unix-based Linux command found in most Apple OS X builds have gotten a little more help this week. As Threatpost reported in March, the vulnerability CVE-2013-1775 can essentially set back the...

6.9CVSS7.8AI score0.03176EPSS
Exploits8References5
ThreatPost
ThreatPost
added 2013/07/09 4:3 p.m.46 views

TrueType Font Flaws in July 2013 Microsoft Patch Tuesday

Going all the way back to the Duqu attacks, font-parsing vulnerabilities and exploits have been symptomatic of some high-end espionage attacks targeting the Windows kernel. As a result, with hackers paying more attention to the core of the Windows OS, this year Microsoft has had to address a numb...

9.3CVSS8.9AI score0.99945EPSS
Exploits39References10
ThreatPost
ThreatPost
added 2013/06/05 1:30 p.m.46 views

Google Fixes Security Vulnerabilities with Chrome Update

Google released a stable channel update for its Chrome browser yesterday, resolving 12 vulnerabilities, one of which was considered ‘critical’, Google’s most severe rating, ten of which received second most severe ‘high’ ratings, and one receiving a third-in-line ‘medium’ rating. Google paid out ...

7.5CVSS0.6AI score0.01279EPSS
Exploits1
ThreatPost
ThreatPost
added 2013/03/19 4:31 p.m.46 views

Ruby on Rails Patches DoS, XSS Vulnerabilities

The developers of Ruby on Rails, the popular web app framework, released four new versions of the product yesterday, complete with fixes for a series of vulnerabilities that could have lead to denial of service attacks and XSS injections. Four vulnerabilities in total are addressed in versions...

5.8CVSS1.6AI score0.03438EPSS
Exploits2References8
ThreatPost
ThreatPost
added 2013/01/07 5:6 p.m.46 views

Adobe ColdFusion Exploits in Wild; Patch Remains Week Away

Adobe is recommending ColdFusion users apply a series of mitigations to counter active exploits against vulnerabilities in the application server. An advisory was released late Friday night that the trio of flaws are being targeted by attackers, and that the company would not have a patch availab...

6.8CVSS1.7AI score0.93797EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2012/12/11 2:28 p.m.46 views

Kelihos Update Includes New TLD and USB Infection Capabilities

There’s a little Michael Myers in the Kelihos botnet; maim it, kill it and it keeps on coming back to wreak more havoc. The 2011 takedown of the Kelihos botnet was one of Microsoft’s high-profile success stories against spambots and the like, yet Kelihos was back for more at the start of 2012 usi...

9.3CVSS7.6AI score0.91324EPSS
Exploits15References6
ThreatPost
ThreatPost
added 2012/08/03 4:41 p.m.46 views

How SQL Injection Attacks Work

SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a brea...

10CVSS1.9AI score0.93688EPSS
Exploits9
ThreatPost
ThreatPost
added 2012/03/05 7:26 p.m.46 views

Attackers Target CVE-2012-0754 Adobe Flash Bug

An Adobe Flash vulnerability fixed last month is being used in targeted attacks right now, with attackers attempting to persuade victims to open a malicious Word document that contains the payload for the Flash bug. The vulnerability has been patched for nearly a month, but history has shown that...

10CVSS2.1AI score0.9203EPSS
Exploits11References3
Total number of security vulnerabilities5000