Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/12/16 1:45 p.m.45 views

‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

A novel remote access trojan RAT being distributed via a Russian-language spear-phishing campaign is using unique manipulation of Windows Registry to evade most security detections, demonstrating a significant evolution in fileless malware techniques. Dubbed DarkWatchman, the RAT – discovered by...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/11/13 12:46 a.m.45 views

Threat from Organized Cybercrime Syndicates Is Rising

From encrypting communications to fencing ill-gotten gains on underground sites, organized crime is cashing in on the digital revolution. The latest organized crime threat assessment from Europol issues a dire warning about the corrosive effect the rising influence of criminal syndicates is havin...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/09/03 4:15 p.m.45 views

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness

The coronavirus pandemic presented the perfect opportunity for security teams to evaluate the state of their incident-response process. In fact, it highlighted the dire need to implement a more structured, detailed and well-practiced plan to sufficiently support organizations when suffering a...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/08/05 3:26 p.m.45 views

MacOS Flaw in Telegram Retrieves Deleted Messages

A vulnerability in a high-level privacy feature of Telegram on macOS that sets up a “self-destruct” timer for messages on both the sender’s and recipient’s devices can allow someone to retrieve these messages even after they’ve been deleted, a researcher has found. Reegun Richard Jayapaul,...

6.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/01 1:0 p.m.45 views

Data Exfiltration: What You Should Know to Prevent It

In today’s digitally driven era, data is the most critical component of a business. Companies are collecting more data than ever before, and constantly enhancing their operations through data-driven decisions. As a result, data leaks are a serious concern for companies of all sizes; if one occurs...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/11 12:42 p.m.45 views

Police Grab Slilpp, Biggest Stolen-Logins Market

The U.S. Department of Justice DOJ announced on Thursday that a multinational operation has led to the seizure of Slilpp, a well-known marketplace for selling stolen online logins that offered more than 80 million sets of credentials for sale. Since 2012, Slilpp has been an underground market to...

7.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/06/01 6:0 p.m.45 views

Where Bug Bounty Programs Fall Flat

Eavesdropping on the chatter of 600+ cybercriminal forums shows that cybercriminals have specific preferences, shown by the flavors of exploits they requisition, and that the bug bounty programs either are too slow, don’t pay enough or are just the start of profit-making. A year-long study into t...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/06/01 12:57 p.m.45 views

Cyberattack Forces Meat Producer to Shut Down Operations in U.S., Australia

The world’s largest meat distributor shut down some operations in both the United States and Australia over the Memorial Day weekend after a cyberattack on its IT systems that could have a significant effect on the food supply chain if not resolved quickly. Attackers targeted several servers...

7.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/05/12 8:43 p.m.45 views

Researchers Flag e-Voting Security Flaws

A group of election security experts said after a deep dive into Australia’s electronic voting systems that they have “serious problems” with the accuracy, integrity and privacy with elections run by the Australian Capital Territory ACT Electoral Commission. The team of four cybersecurity...

5.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/05/07 8:28 p.m.45 views

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

In 2019, a Chinese security researcher working with the internet security and antivirus company Qihoo 360 unveiled an intricately woven exploit: One that would allegedly let a remote attacker easily jailbreak an iPhone X iOS 12.1. The researcher, Qixun Zhao, dubbed the exploit Chaos, for good...

5.8AI score
Exploits0References18
ThreatPost
ThreatPost
added 2021/04/06 1:59 p.m.45 views

Conti Gang Demands $40M Ransom from Florida School District

UPDATE The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. Attackers stole personal information from students and teachers, disrupted the district’s networks, and caused some services to be unavailable. The incident...

0.3AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/03/24 8:36 p.m.45 views

Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws

Attackers are actively exploiting two recently-patched vulnerabilities in a popular suite of tools for WordPress websites from marketing platform Thrive Themes. Thrive Themes offers various products to help WordPress websites “convert visitors into leads and customers.” Its suite of products,...

0.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/03/24 2:56 p.m.45 views

Purple Fox Malware Targets Windows Machines With New Worm Capabilities

A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new “worm” capabilities. Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/16 4:40 p.m.45 views

Magecart Attackers Save Stolen Credit-Card Data in .JPG File

Magecart attackers have found a new way to hide their nefarious online activity by saving data they’ve skimmed from credit cards online in a .JPG file on a website they’ve injected with malicious code. Researchers at website security firm Sucuri discovered the elusive tactic recently during an...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/18 9:30 p.m.45 views

Cybercriminal Enterprise 'Ringleaders' Stole $55M Via COVID-19 Fraud, Romance Scams

Click to Register U.S. law enforcement arrested six “ringleaders” of a Ghana-based cybercriminal enterprise, who had allegedly launched a slew of money-stealing scams dating back to 2013 that included romance scams, business email compromise attacks and fraud. Seized in the arrests were a slew of...

0.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/02/18 8:5 p.m.45 views

Kia Motors Hit With $20M Ransomware Attack – Report

So far, Kia Motors America has publicly acknowledged an “extended system outage,” but ransomware gang DoppelPaymer claimed it has locked down the company’s files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee to not to publis...

1.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/02/09 10:31 p.m.45 views

Google Play Boots Barcode Scanner App After Ad Explosion

A barcode scanner app, with over 10 million downloads, was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update turning it from a benign app to adware,...

7.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/02/02 5:31 p.m.45 views

Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise

Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers’ credit-card payment details. In a twist, researchers say one of these web skimmers is...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/02/02 3:15 p.m.45 views

Agent Tesla Trojan 'Kneecaps' Microsoft's Anti-Malware Interface

Researchers have identified new versions of the Agent Tesla remote access trojan RAT that target the Windows anti-malware interface used by security vendors to protect PCs from attacks. The newly discovered variants have also adopted new obfuscation capabilities, raising the stakes for businesses...

0.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/01/20 5:36 p.m.45 views

Malwarebytes Hit by SolarWinds Attackers

Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said – except that it wasn’t targeted through the SolarWinds platform. “While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” it...

Exploits0References18
ThreatPost
ThreatPost
added 2021/01/05 3:0 p.m.45 views

ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands

A new remote access tool RAT has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private keys and ultimately to drain their wallets. The never-before-seen RAT at the center of the campaign, which researchers dub...

Exploits0References9
ThreatPost
ThreatPost
added 2020/12/18 9:26 p.m.45 views

Cloud is King: 9 Software Security Trends to Watch in 2021

IT security professionals have largely spent the year managing a once-in-a-generation workforce shift from office to home in 2020. With the initial push over, experts predict that 2021 will be focused on shoring up the cloud and re-imagining organizational workflows under this new normal. Softwar...

7.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/12/08 5:0 p.m.45 views

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution

A pair of critical vulnerabilities have been discovered in dozens of GE Healthcare radiological devices popular in hospitals, which could allow an attacker to gain access to sensitive personal health information PHI, alter data and even shut the machine’s availability down. The flaws affect 100...

0.1AI score0.01398EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/10/28 5:14 p.m.45 views

Russian Espionage Group Updates Custom Malware Suite

The advanced persistent threat APT known as Turla is targeting government organizations using custom malware, including an updated trio of implants that give the group persistence through overlapping backdoor access. Russia-tied Turla a.k.a. Ouroboros, Snake, Venomous Bear or Waterbug is a...

7.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/10/15 12:8 p.m.45 views

Carnival Corp. Ransomware Attack Affects Three Cruise Lines

Hackers accessed personal information of guests, employees and crew for three cruise line brands and the casino operations of Carnival Corp. in a ransomware attack the company suffered on Aug. 15, officials have confirmed. Carnival Cruise Line, Holland America Line and Seabourn were the brands...

1.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/10/05 5:58 p.m.45 views

Malware Families Turn to Legit Pastebin-Like Service

Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. Pastebin, a code-hosting service that enables users to share plain text through public posts called “pastes,” currently has 17...

7AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/09/21 2:0 p.m.45 views

UPDATE – TikTok Ban: Security Experts Weigh in on the App's Risks

UPDATE Chinese apps TikTok and WeChat over the weekend have gotten an 11th hour reprieve from a plan to cut off access to them. As a ban on U.S. downloads loomed for Sunday, TikTok owner ByteDance reached an agreement to sell significant ownership stakes to Oracle and Walmart. While the deal is...

6.8AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/09/16 5:14 p.m.45 views

DDoS Attacks Skyrocket as Pandemic Bites

The first half of 2020 saw a significant uptick in the number of distributed denial-of-service DDoS attacks compared to the same period last year — a phenomenon that appears to be directly correlated to the global coronavirus pandemic. Neustar’s Security Operations Center SOC saw a 151 percent...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/08/13 2:38 p.m.45 views

New Global Threat Landscape Report Reveals 'Unprecedented' Cyberattacks

A newly released threat report, tracking the biggest trends in the cybercriminal landscape, shows that attackers have been capitalizing on the global pandemic in various ways – from ransomware to web-based malware. Derek Manky Derek Manky, Chief, Security Insights & Global Threat Alliances at...

7.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/08/07 12:48 a.m.45 views

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem

Social media used as a cudgel for nation-states to sway opinion is a cybersecurity threat CISOs can’t ignore — and need to understand better and mitigate against. That’s the message from Renée DiResta, research manager at the Stanford Internet Observatory, who said she is seeing a steady growth a...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/07/27 3:17 p.m.45 views

Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills

Encryption expert Riana Pfefferkorn believes new proposed laws – the EARN IT Act and the Lawful Access to Encrypted Data Act – pose dire threats to cybersecurity and privacy. In this Threatpost interview, Pfefferkorn, who is associate director of Surveillance and Cybersecurity at the Stanford...

6.8AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/07/08 2:58 p.m.45 views

Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise BEC emails. The sophisticated phishing attacks, which first began in December, have since compromised Office 365 accounts in 62...

7.1AI score
Exploits0References17
ThreatPost
ThreatPost
added 2020/07/01 7:23 p.m.45 views

EvilQuest: Inside A 'New Class' of Mac Malware

The new malware sample discovered this week, dubbed EvilQuest by security researchers, may be ushering in a new class of Mac malware, according to Thomas Reed, director of Mac and mobile with Malwarebytes. While EvilQuest pretends to be ransomware, in the background it’s actually using its...

6.8AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/06/16 8:45 p.m.45 views

Qbot Trojan Reappears to Go After U.S. Banking Customers

Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has reappeared after a hiatus to target customers of U.S. financial institutions. Its latest variant features fresh capabilities to help it remain undetected. Qbot a.k.a. Qakbot or Pinkslipbot harvests browsing data...

0.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/15 8:48 p.m.45 views

Twitter Disrupts Wide-Ranging Political Disinformation Campaigns

Twitter has taken down three separate nation-sponsored influence operations, attributed to the People’s Republic of China PRC, Russia and Turkey. Collectively the operations consisted of 32,242 bogus or bot accounts generating the content and various amplifier accounts that retweeted it. “Every...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/06/01 3:43 p.m.45 views

Minneapolis Police Department Hack Likely Fake, Says Researcher

As protests continue to proliferate across the globe in the wake of George Floyd’s death, the Minneapolis Police Department is making news for something else: A supposed hack, perpetrated at the hands of the Anonymous hacktivist group. According to Troy Hunt at Have I Been Pwned HIBP, the group o...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/14 12:17 p.m.45 views

Login with Facebook Bug Earns $20K Bounty

Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting XSS vulnerability in the Facebook Login SDK, which is used by developers to add a “Continue with Facebook” button to a page as an authentication method. Exploitation could allow threat actors to hijack...

5.9AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/11 3:38 p.m.46 views

Sphinx Malware Returns to Riddle U.S. Targets, with Modifications

The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the use of coronavirus themes. Since April, it has been seen attacking U.S. targets with ...

0.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/30 12:17 p.m.45 views

Shade Threat Actors Call It Quits, Release 750K Encryption Keys

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User “shade-team” posted four files on the code repository earlier this week, one containing the file keys and four “ReadMe”...

7.4AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/04/15 4:17 p.m.45 views

Tencent Ups Top Bug-Bounty Award to $15K

The Tencent Security Response Center TSRC is launching an expanded bug-bounty program, via the HackerOne white-hat platform – and the company has increased its top reward to $15,000. Tencent, a China-based global internet service provider, is opening up its existing bug-bounty program to...

8.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/03/10 6:14 p.m.45 views

Firefox Bug Opens iPhone AirPods to Third-Party Snooping

Five high-severity bugs were fixed in the Firefox web browser with the release of version 74 by the Mozilla Foundation on Tuesday. In addition, Mozilla reported a quirky moderate-severity flaw that allows hackers to target iPhone users and collect data tied to connected AirPods, if in use. In...

7.5CVSS9.5AI score0.01823EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/03/06 6:3 p.m.45 views

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks

As the coronavirus blows up into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks, booby-trapped URLs and credential stuffing scams. O...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/04 4:16 p.m.45 views

Loyalty Cards Targeted in Tesco Clubcard Attack

U.K. supermarket giant Tesco is warning on a credential-stuffing attack that potentially affects 600,000 members of its Clubcard loyalty program. It said that it detected cybercriminals trying out different name and password combos, gleaned from a database of stolen usernames and passwords for...

0.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/02 5:14 p.m.45 views

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX...

0.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/02/05 11:0 a.m.45 views

Gamaredon APT Improves Toolset to Target Ukraine Government, Military

The Gamaredon advanced persistent threat APT group has been supercharging its operations lately, improving its toolset and ramping up attacks on Ukrainian national security targets. Vitali Kremez, head of SentinelLabs, said in research released on Wednesday that he has been tracking an uptick in...

1.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/01/27 7:57 p.m.45 views

As Necurs Botnet Falls from Grace, Emotet Rises

A mid-January spam campaign by criminals behind the popular Necurs botnet shows a dramatic drop in skill and savvy by perpetrators. In a shift from sending sophisticated messages with lethal payloads, Necurs botnets are now peddling get-rich-quick spam messages in what researchers are calling...

0.3AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/01/08 8:21 p.m.45 views

Man Sentenced in ATM Skimming Conspiracy

A New York state man has been sentenced to five years for an elaborate ATM skimming conspiracy that allowed him to steal at least $390,141 from victims. Bogdan Rusu, 39, of Queens, NY pleaded guilty to participating in the scheme, which used secret card-reading devices and pinhole cameras on...

Exploits0References8
ThreatPost
ThreatPost
added 2019/12/19 4:59 p.m.45 views

The Scammer Force is Strong with Star Wars: The Rise of Skywalker

Whenever the internet lights up in anticipation of anything, there are fraudsters and scammers waiting in the wings to take advantage of it. This week’s premiere of Star Wars: The Rise of Skywalker is no exception, with cybercriminals eyeing one of the world’s most beloved franchises as rich fodd...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/12/18 7:20 p.m.45 views

Ring Plagued by Security Issues, Flood of Hacks

Serious security holes in the Ring smart doorbell have been uncovered, according to a new investigation. For instance, Ring owners aren’t notified of suspicious login alerts when devices are accessed on various IP addresses — and there are seemingly no limitations for incorrect login attempts. Th...

7.8AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/10/31 4:54 p.m.45 views

China-Linked Hackers Spy on Texts With MessageTap Malware

Researchers have discovered a new malware used for cyber-espionage efforts by China-linked threat group APT41. The malware intercepts telecom SMS server traffic and sniffs out certain phone numbers and SMS messages – particularly those with keywords relating to Chinese political dissidents. The...

6.9AI score
Exploits0References7
Total number of security vulnerabilities5000