Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/10/30 6:33 p.m.45 views

WhatsApp Spyware Attack: Uncovering NSO Group Activity

On the heels of Facebook filing a lawsuit against Israeli company NSO Group — alleging that it was behind the massive WhatsApp hack earlier this year — privacy experts say that the move is “popping the unaccountable bubble” that commercial spyware companies have carved out for themselves. After...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/09/16 3:51 p.m.45 views

U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks

The U.S. has slapped sanctions on three well-known North Korean state-sponsored hacker groups – including the group that was tied to the 2017 WannaCry ransomware attacks and the 2014 cyberattack on Sony Pictures Entertainment. The three that were sanctioned are the infamous Lazarus Group, as well...

0.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/08/15 5:4 p.m.45 views

Choice Hotels Breach Showcases Need for Shared Responsibility Model

Hospitality giant Choice Hotels fell victim to hackers this week, thanks to a MongoDB database that was left open to the internet containing 700,000 customer records. The situation highlights supply-chain data-security risk, given that the data was being held by a third-party vendor — and brings ...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/08/06 6:54 p.m.45 views

Cryptolocking WordPress Plugin Locks Up Blog Posts

A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers. According to analysis from Sucuri, the plugin obtains a...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/04/12 2:8 p.m.45 views

ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps

Tax Day in the U.S. is looming on Monday, and as people rush to do their last-minute filing, scammers are out in full force, targeting consumers and businesses alike. According to RiskIQ numbers, the internet is awash in crafty schemes and dangerous threat campaigns that exploit the convenience o...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/04/04 5:31 p.m.45 views

Facebook Exposed Dataset Debacle: Who's Really To Blame?

UPDATE The discovery of millions of Facebook records leaked from publicly-exposed AWS storage buckets has left researchers wondering where the responsibility lies. The two separate datasets, disclosed Wednesday by researchers at Upguard, were held by two app developers, Cultura Colectiva and At t...

6.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/03/06 11:0 a.m.45 views

RSA Conference 2019: Microsoft, Google, Twitter on Federal Privacy Regs

SAN FRANCISCO – With the advent of General Data Protection Regulation in Europe and state measures like the California Consumer Privacy Act CCPA of 2018 talk about a comprehensive U.S. privacy law has grown louder. However, some privacy advocates fear that any such federal legislation will be a...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/05/08 4:56 p.m.45 views

Adobe Patches Critical Bugs In Flash Player, Creative Cloud

Adobe has fixed several critical vulnerabilities – including a critical code execution bug in Adobe Flash Player – as part of its regularly scheduled May Security Bulletin, on Tuesday. In all, Adobe released patches for five critical and important vulnerabilities spanning Creative Cloud, Adobe...

10CVSS9.4AI score0.099EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2015/07/24 9:46 a.m.45 views

VUPEN Launches New Zero-Day Acquisition Firm Zerodium

UPDATE–In the weeks since the Hacking Team breach, the spotlight has shone squarely on the small and often shadowy companies that are in the business of buying and selling exploits and vulnerabilities. One such company, Netragard, this week decided to get out of that business after its dealings...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/04/08 11:37 a.m.45 views

NTP Symmetric Key Authentication Security Vulnerabilities Patched

NTP, the much maligned protocol abused in a number of high volume DDoS attacks a year ago, is suffering from newly patched vulnerabilities that could allow an attacker to send unauthenticated packets to a client that would be executed. The Department of Homeland Security and CERT at the Software...

1.8CVSS0.6AI score0.02219EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2015/01/23 11:2 a.m.45 views

PHP 5.6.5 Released With Several Security Fixes

Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to...

7.5CVSS0.8AI score0.1689EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2014/06/12 9:38 a.m.45 views

VMware Patches ESXi Against OpenSSL Flaw, But Many Other Products Still Vulnerable

While the group of vulnerabilities that the OpenSSL Project patched last week hasn’t grown into the kind of mess that the Heartbleed flaw did, the vulnerabilities still affect a huge range of products. Vendors are still making their way through the patching process, and VMware has released an...

6.8CVSS1.1AI score0.95326EPSS
Exploits9References2
ThreatPost
ThreatPost
added 2014/05/12 3:35 p.m.45 views

PointDNS Recovers from Massive DDoS Attack

PointDNS says most of its DNS servers are online again after a massive DDoS attack late last week took down the service provider. A post on the company’s Twitter account on Friday said the provider was adding nameservers and working with network providers to restore service to its customers. Many...

5CVSS1AI score0.97549EPSS
Exploits23References5
ThreatPost
ThreatPost
added 2012/08/03 1:38 p.m.45 views

Fake AT&T Emails Using Blackhole Exploit Kit to Install Malware

For the last few weeks there have been a series of quite authentic-looking phishing emails making the rounds, purporting to come from AT&T and informing the recipient that their bill is ready to view. The emails look nearly identical to a real bill and researchers say that users who fall for the...

10CVSS9.8AI score0.93688EPSS
Exploits9References3
ThreatPost
ThreatPost
added 2012/04/24 5:37 p.m.45 views

New Java Malware Exploits Both Windows And Mac Users

Symantec has discovered a new form of Java malware that infects both Apple and Windows machines, according to research posted on the company’s Security Response blog. The entry, penned by researcher Takashi Katsuki, describes a strain of Java Applet malware that either drops a Python-based malwar...

10CVSS2AI score0.98113EPSS
Exploits21References7
ThreatPost
ThreatPost
added 2012/03/22 11:55 a.m.45 views

Six High-Risk Flaws Fixed in Google Chrome

Google has fixed nine new vulnerabilities in its Chrome browser, including six high-risk flaws. The most serious of the bugs include three separate use-after-free vulnerabilities in various parts of the browser. As part of its researcher reward program, Google paid out $5,500 in bounties for...

7.5CVSS0.9AI score0.03567EPSS
Exploits3References2
ThreatPost
ThreatPost
added 2010/12/08 3:33 p.m.45 views

New Local Linux Kernel Root Exploit Published

An interesting exploit for the Linux kernel that enables an attacker to escalate his privileges on a local machine has popped up on the Full Disclosure mailing list. The exploit chains together three separate bugs to get root on a vulnerable machine. The exploit was posted Tuesday by Dan Rosenber...

6.2CVSS0.02655EPSS
Exploits11References2
ThreatPost
ThreatPost
added 2009/05/20 5:37 p.m.45 views

Serious Mac OS X Java vulnerability disclosed

There is an easily exploitable vulnerability in the Java implementation in Apple’s Mac OS X which could allow an attacker to run arbitrary code on a remote machine. The flaw, which is similar to a vulnerability that has been public for five months and affect other vendors’ products, affects even...

10CVSS0.6AI score0.84807EPSS
Exploits19References3
ThreatPost
ThreatPost
added 2022/07/26 12:38 p.m.44 views

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

While data breaches and ransomware are still considered among the more significant concern for businesses, the threats sometimes come from a direction we weren’t expecting. Cybercriminals use botnets for various malicious purposes, most significantly for DDoS attacks against targets. The most...

7.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/06/29 1:0 p.m.44 views

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

Eighty-two percent of attacks on organizations in Q1 2022 were caused by the external exposure of a known vulnerabilities in the victim’s external-facing perimeter or attack surface. Those unpatched bugs overshadowed breach-related financial losses tied to human error, which accounted for 18...

7.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/03/31 2:49 p.m.44 views

Automaker Cybersecurity Lagging Behind Tech Adoption, Experts Warn

A pair of recent vulnerabilities found in the automaker ecosystem might not seem like a real danger taken separately. But experts warn a lack of attention on cybersecurity could plague “smart” car and electric vehicle systems — and users — in years to come, as the use of automotive technology...

6.5CVSS8.7AI score0.01083EPSS
Exploits3References5
ThreatPost
ThreatPost
added 2022/01/24 8:26 p.m.44 views

Dark Souls 3 Servers Shut Down Due to Critical RCE Bug

There’s a dangerous remote-code execution RCE bug in the Dark Souls video game that could let attackers brick the PCs of online players. The flaw could allow attackers to do pretty much anything: As Kaspersky researchers explained on Monday, the bug “allows an attacker to execute almost any progr...

7.5AI score
Exploits0References10
ThreatPost
ThreatPost
added 2022/01/19 8:55 p.m.44 views

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust

Russia is positioned for a hot-war attack on Ukraine that the Biden administration warned could come “at any point” — but the country is already suffering an attack of a different kind. A sweeping malware campaign remains ongoing, which experts agree is intended to permanently disrupt organizatio...

6.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/11/18 1:59 p.m.44 views

How to Choose the Right DDoS Protection Solution

Pankaj Gupta, Senior Director at Citrix Distributed denial of service DDoS attacks have become increasingly sophisticated, bigger, and economically motivated. Even after 25 years, they still pose a huge security risk for every business. This is in large part because DDoS attacks are relatively ea...

10CVSS8.7AI score0.11084EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/10/22 2:48 p.m.44 views

Cisco SD-WAN Security Bug Allows Root Code Execution

Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could lead to arbitrary code execution. Cisco’s SD-WAN portfolio allows businesses of all sizes to connect disparate office locations via the cloud using various...

7.8CVSS8.2AI score0.00297EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2021/09/15 7:1 p.m.44 views

No Patch for High-Severity Bug in Legacy IBM System X Servers

Two legacy IBM System x server models, retired in 2019, are open to attack and will not receive security patches, according to hardware maker Lenovo. However, the company is offering workaround mitigation. The two models, IBM System x 3550 M3 and IBM System x 3650 M3, are both vulnerable to comma...

9CVSS8.8AI score0.0194EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2021/09/14 5:21 p.m.45 views

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

A targeted campaign delivering the ZLoader banking trojan is spreading via Google AdWords, and is using a mechanism to disable all Windows Defender modules on victim machines, researchers have found. That’s according to SentinelLabs, which said that to lower the rates of detection, the infection...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/08/18 1:19 p.m.44 views

Kerberos Authentication Spoofing: Don’t Bypass the Spec

Authentication is the front gate to security systems, so if you bypass it, you can pretty much do whatever you want. You can log in as an admin and change configurations, access protected resources and gain control of appliances to steal sensitive data from them. For these reasons, the...

9.8CVSS8.3AI score0.02358EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/08/17 1:0 p.m.44 views

How to Reduce Exchange Server Downtime in Case of a Disaster?

Exchange Server downtime may occur at any point in time due to several reasons, such as malware attack, server crash, database corruption, and hardware or software-related issues/incompatibility. However, downtime can impact productivity and lead to data loss that can have severe implications on...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/08/04 9:14 p.m.44 views

Black Hat: Bugs Allow Takeover of Capsule Hotel Rooms

LAS VEGAS – A series of vulnerabilities in internet of things IoT devices often found in connected hotel rooms allowed a researcher to take control of multiple rooms’ amenities – and punish a loud neighbor. An inadvertent bug hunt began when Kya Supa, security consultant at LEXFO, was traveling...

7.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/07/06 8:1 p.m.44 views

Android Apps in Google Play Harvest Facebook Credentials

A set of nine malicious Android apps that steal Facebook credentials were found on Google Play, which racked up a collective 5.9 million installations before Google removed them. According to Dr. Web’s malware analysts, the applications were fully functional, so that victims remained in the dark...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/07/01 2:11 p.m.44 views

Babuk Ransomware Builder Mysteriously Appears in VirusTotal

The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/11 11:43 a.m.44 views

Hackers Steal FIFA 21 Source Code, Tools in EA Breach

Hackers have breached computer game maker Electronic Arts EA and stolen source code and related tools for the company’s extensive game library, the company has confirmed. EA said it’s investigating “a recent incident of intrusion into our network where a limited amount of game source code and...

7.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/03/30 8:22 p.m.44 views

Malicious Docker Cryptomining Images Rack Up 20M Downloads

At least 30 malicious images in Docker Hub, with a collective 20 million downloads, have been used to spread cryptomining malware, according to an analysis. The malicious images spread across 10 different Docker Hub accounts have raked in around $200,000 from cryptomining, according to Aviv Sasso...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/03/23 7:46 p.m.44 views

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Arts-and-crafts retailer Hobby Lobby has suffered a cloud-bucket misconfiguration, exposing a raft of customer information, according to a report. An independent security researcher who goes by the handle “Boogeyman” uncovered the issue and reported it to Motherboard in an online chat, according ...

6.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/03/22 7:1 p.m.44 views

Critical Security Bugs Fixed in Virtual Learning Software

Netop, the company behind a popular software tool designed to let teachers remotely access student computers, has fixed four security bugs in its platform. Researchers said that the critical vulnerabilities in the company’s Netop Vision Pro system could allow attackers to hijack school networks,...

0.00771EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/03/18 7:42 p.m.44 views

Trojanized Xcode Project Slips MacOS Malware to Apple Developers

Cybercriminals are targeting Apple developers with a trojanized Xcode project, which once launched installs a backdoor that has spying and data exfiltration capabilities. Xcode is comprised of a suite of free, open software development tools developed by Apple for creating software for macOS, iOS...

6.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/02/03 8:50 p.m.44 views

New Malware Hijacks Kubernetes Clusters to Mine Monero

Researchers have discovered never-before-seen malware, dubbed Hildegard, that is being used by the TeamTNT threat group to target Kubernetes clusters. While Hildegard, initially detected in January 2021, is initially being used to launch cryptojacking operations, researchers believe that the...

Exploits0References11
ThreatPost
ThreatPost
added 2021/01/26 7:35 p.m.44 views

23M Gamer Records Exposed in VIPGames Leak

VIPGames.com, a free platform with a total of 56 available classic board and card games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon and others, has exposed the personal data of tens of thousands of users. In all, more than 23 million records for more than 66,000 users were left expose...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/01/22 7:8 p.m.44 views

ADT Tech Hacks Home-Security Cameras to Spy on Women

Former ADT employee Telesforo Aviles took note when there were attractive women at a home he serviced in the Dallas area. Then he would add his personal email address to their accounts so he could have around-the-clock access to their most private moments, according to the U.S. Attorneys’ Office...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/01/07 9:14 p.m.44 views

Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

Nvidia, which makes gaming-friendly graphics processing units GPUs, on Thursday fixed a slew of high-severity flaws affecting its graphics driver. The vulnerabilities allow bad actors to cripple systems with denial of service attacks, escalate privileges, tamper with data or sniff out sensitive...

1.5AI score0.01777EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2020/12/07 8:1 p.m.44 views

'Free' Cyberpunk 2077 Downloads Lead to Data Harvesting

The hotly anticipated videogame title Cyberpunk 2077 comes out on Dec. 10, inspiring breathless countdowns from gaming publications and enthusiasts across the globe. As with all things zeitgeisty, cybercriminals are looking to cash in on the excitement, with scams that offer “free copies” while...

6.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/12/03 6:58 p.m.44 views

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of the malware’s infrastructure by Microsoft and others. The Windows Unified Extensible...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/16 1:0 p.m.44 views

News Wrap: Barnes & Noble Hack, DDoS Extortion Threats and More

The Threatpost editors break down the top security stories of the week ended Oct. 16, including: Patch Tuesday insanity, with Microsoft and Adobe releasing fixes for severe vulnerabilities – including a critical, potentially wormable remote code execution bug known as the “Ping of Death” Barnes a...

7.7AI score
Exploits0References34
ThreatPost
ThreatPost
added 2020/10/15 2:46 p.m.44 views

Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts

UPDATE Broadvoice, a well-known VoIP provider that serves small- and medium-sized businesses, has leaked more than 350 million customer records related to the company’s “b-hive” cloud-based communications suite. The data includes hundreds of thousands of voicemail transcripts, many involving...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/09/02 8:11 p.m.44 views

Triple-Threat Cryptocurrency RAT Mines, Steals and Harvests

A previously undocumented malware family called KryptoCibule is mounting a three-pronged cryptocurrency-related attack, while also deploying remote-access trojan RAT functionality to establish backdoors to its victims. According to researchers at ESET, the malware has been seen targeting victims...

7.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/08/18 7:16 p.m.44 views

Researchers Warn of Active Malware Campaign Using HTML Smuggling

An active campaign has been spotted that utilizes HTML smuggling to deliver malware, effectively bypassing various network security solutions, including sandboxes, legacy proxies and firewalls. Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/08/07 1:32 p.m.44 views

Hackers Dump 20GB of Intel's Confidential Data Online

More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. The announcement of the “first 20gb release in a series of large Intel leaks” was made by user and IT consultant...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/07/22 9:8 p.m.44 views

Apple Security Research Device Program Draws Mixed Reactions

Apple’s long anticipated Security Research Device program has launched, giving select security researchers access to testable iPhones that will make it easier for them to find iOS vulnerabilities. The program offers security researchers specially configured iPhones with shell access, and special...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/07/16 8:25 p.m.44 views

Enterprise Data Security: It’s Time to Flip the Established Approach

There’s an old saying when it comes to big undertakings: Don’t boil the ocean. Well, there’s hardly any bigger project in information security than trying to protect corporate data. But the reality is that too many organizations today are, in fact, “boiling the ocean” when it comes to their...

6.8AI score
Exploits0References3
Total number of security vulnerabilities5000