Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/09/02 8:11 p.m.44 views

Triple-Threat Cryptocurrency RAT Mines, Steals and Harvests

A previously undocumented malware family called KryptoCibule is mounting a three-pronged cryptocurrency-related attack, while also deploying remote-access trojan RAT functionality to establish backdoors to its victims. According to researchers at ESET, the malware has been seen targeting victims...

7.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/08/18 7:16 p.m.44 views

Researchers Warn of Active Malware Campaign Using HTML Smuggling

An active campaign has been spotted that utilizes HTML smuggling to deliver malware, effectively bypassing various network security solutions, including sandboxes, legacy proxies and firewalls. Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/08/07 1:32 p.m.44 views

Hackers Dump 20GB of Intel's Confidential Data Online

More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. The announcement of the “first 20gb release in a series of large Intel leaks” was made by user and IT consultant...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/07/22 9:8 p.m.44 views

Apple Security Research Device Program Draws Mixed Reactions

Apple’s long anticipated Security Research Device program has launched, giving select security researchers access to testable iPhones that will make it easier for them to find iOS vulnerabilities. The program offers security researchers specially configured iPhones with shell access, and special...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/07/16 8:25 p.m.44 views

Enterprise Data Security: It’s Time to Flip the Established Approach

There’s an old saying when it comes to big undertakings: Don’t boil the ocean. Well, there’s hardly any bigger project in information security than trying to protect corporate data. But the reality is that too many organizations today are, in fact, “boiling the ocean” when it comes to their...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/06/19 8:46 p.m.44 views

Former DIA Analyst Sentenced to Prison Over Data Leak

A former analyst for the U.S. Defense Intelligence Agency DIA has been sentenced to more than two years in prison after sharing highly classified, national defense intelligence with two reporters. The sentencing comes after the 32-year-old analyst, Henry Kyle Frese, pleaded guilty in February to...

6.7AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/06/05 5:31 p.m.44 views

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Threatpost editors Lindsey O’Donnell-Welch and Tara Seals discuss the top security news stories of the week, including: Reports emerged earlier this week that the Minneapolis police department had been breached by hacktivist group Anonymous. Security expert Troy Hunt debunked the reports, however...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/05/20 5:37 p.m.44 views

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates

The NetWalker ransomware – the scourge behind one of the recent Toll Group attacks – has transitioned to a ransomware-as-a-service RaaS model, and its operators are placing a heavy emphasis on targeting and attracting technically advanced affiliates, according to researchers. Traditionally,...

0.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/05/15 3:59 p.m.44 views

RATicate Group Hits Industrial Firms With Revolving Payloads

Researchers have unearthed a new cybercrime group, RATicate, which is behind several waves of malspam attacks targeting industrial companies with various information-stealing payloads – from LokiBot to Agent Tesla. At least six separate campaigns have been tied to RATicate, with the first wave...

7.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/05/14 8:59 p.m.44 views

Innovative Spy Trojan Targets European Diplomatic Targets

A fresh malware trojan has emerged, built from the same code base as the stealthy COMPFun remote access trojan RAT. The malware is using spoofed visa applications to hit diplomatic targets in Europe and may be the work of the Turla APT. According to researchers at Kaspersky, the fake visa...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/04/14 5:55 p.m.44 views

TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover

The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan RAT laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/04/09 12:55 p.m.44 views

'Unbreakable' Smart Lock Draws FTC Ire for Deceptive Security Claims

The Federal Trade Commission has slapped Tapplock, the maker of smart padlocks that it bills as “unbreakable,” with an official complaint that could lead to fines down the road. The agency alleges that the company engaged in false and deceptive claims about its security practices, after the lock...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/03/24 8:58 p.m.44 views

Covid-19 Privacy Poll: Phone Tracking, Public Health and Surveillance

As the coronavirus pandemic accelerates, authorities worldwide are plotting ways to flatten the curve of infection rates using potentially privacy-busting measures such as phone tracking, facial recognition and other tech. In this Threatpost poll, we want your take on whether sacrificing personal...

0.9AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/03/02 7:23 p.m.44 views

Forrester: Keeping Smart Cities Safe From Hacks

SAN FRANCISCO – Municipalities today are dealing with an unanticipated number of cyberthreats, Merritt Maxim, an analyst at Forrester, said last week at the RSA Conference 2020. Local and state governments are increasingly being targeted by ransomware attacks, phishing emails and business email...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/01/09 4:57 p.m.44 views

4 Ring Employees Fired For Spying on Customers

Smart doorbell company Ring said that it has fired four employees over the past four years for inappropriately accessing customer video footage. The disclosure comes in a recent letter to senators in response to a November inquiry into the company’s data policies from Amazon-owned Ring as it...

0.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/10/29 1:0 p.m.44 views

ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical

Almost all of hardware vulnerabilities – 90 percent – that were submitted to retail bug bounty programs so far this year were categorized as critical, showing that Point of Sale systems and other retail hardware assets remain a serious security issue. That’s due to the fact that retail hardware...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/10/09 6:54 p.m.44 views

Most Americans Fail Cybersecurity Quiz

When it comes to two-factor authentication and secure web browsing, most Americans don’t know their HTTPS from their 2FA to save their digital bacon: A Pew Research Center study found most Americans don’t have a firm grasp of cybersecurity issues core to protecting their data. Click to enlarge. I...

1.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/08/29 8:51 p.m.44 views

FIN6 Switches Up PoS Tactics to Target E-Commerce

The financial cybergang known as the FIN6 group, known for going after brick-and-mortar point-of-sale PoS data in the U.S. and Europe, has changed up its tactics to target e-commerce sites. According to researchers at IBM X-Force Incident Response and Intelligence Services IRIS, FIN6 a.k.a. ITG08...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/08 8:7 p.m.44 views

Rules-Based Policy Approaches Need to Go

Enterprises are making tremendous investments in their digital transformations, and no wonder: Increasingly, those who can more rapidly part from old, manual and antiquated ways of managing technology and shift to new ways of thinking will come out on top. That’s especially true when it comes to...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/12/05 3:47 p.m.44 views

Kubernetes Flaw is a "Huge Deal," Lays Open Cloud Deployments

A critical privilege-escalation vulnerability CVE-2018-1002105 has been uncovered in the Kubernetes open-source container software, which is a fixture in much of today’s cloud infrastructure. It could allow an attacker unfettered, remote access for stealing data or crashing production application...

7.5CVSS8.6AI score0.86978EPSS
Exploits10References10
ThreatPost
ThreatPost
added 2018/10/17 4:6 p.m.44 views

Podcast: A Utility Ransomware Attack, Post-Hurricane

A “critical water utility” was hit by a recent ransomware attack, significantly impeding the service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority ONWASA said in a Monday release that a “sophisticated ransomware attack… has left the utili...

0.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/06/07 1:14 p.m.44 views

Adobe Patches Critical Flash Player Bug With Active Exploit

Adobe has patched two critical and two important vulnerabilities in its Flash Player on Thursday, including one that is being exploited in the wild in targeted attacks against Windows users. The critical vulnerability with an existing exploit CVE-2018-5002 is a stack-based buffer overflow bug tha...

10CVSS8.7AI score0.25353EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2018/03/13 12:56 p.m.44 views

Samba Patches Two Critical Vulnerabilities in Server Software

Two critical patches for the free networking software Samba were released Tuesday, addressing vulnerabilities that could allow an unprivileged remote attacker to launch a denial of service attack against servers running the software or allow an adversary to change user passwords, including the...

6.5CVSS1AI score0.10308EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2017/10/31 3:12 p.m.44 views

Apple Patches KRACK Vulnerability in iOS 11.1

Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol. KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degree...

2.9CVSS7.1AI score0.02285EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2017/10/18 9:51 a.m.44 views

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code...

7.5CVSS0.6AI score0.43492EPSS
Exploits4References4
ThreatPost
ThreatPost
added 2017/04/14 6:0 a.m.44 views

Exploit Kit Activity Quiets, But is Far From Silent

Over the past six months, the roar of exploit kits has quieted to a whimper. But that doesn’t mean exploit kit threats are nonexistent. According to security experts, gangs behind them are regrouping, tweaking code and finding fresh software exploits to target. Here are the exploit kits and explo...

9.3CVSS9.2AI score0.67922EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2016/11/03 3:15 p.m.44 views

Outlook Web Access Two-Factor Authentication Bypass Exists

Enterprises running Exchange Server have been operating under a false sense of security with regard to two-factor authentication implementations on Outlook Web Access OWA adding an extra layer of protection. A design weakness has been exposed that can allow an attacker to easily bypass 2FA and...

9.3CVSS0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2016/10/24 5:15 p.m.44 views

St. Jude Faces New Claim Heart Devices are Hackable

St. Jude Medical is facing fresh allegations its heart implant devices are vulnerable to cyberattacks. The claims were introduced by the defense as part of St. Jude’s defamation lawsuit against short seller Muddy Waters and security firm MedSec. In a legal filing submitted Monday, experts hired b...

7.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/06/14 12:59 p.m.44 views

Fix Coming for Flash Vulnerability Under Attack

Adobe today said it will patch Flash Player this week, addressing a vulnerability being exploited in “limited, targeted attacks.” The flaw, CVE-2016-4171, exists in versions of Flash prior to, and including, 21.0.0.242 on Windows, Macintosh, Linux and ChromeOS platforms. “Successful exploitation...

10CVSS0.6AI score0.19903EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2016/05/12 12:55 p.m.44 views

Adobe Emergency Update Patches Flash Zero Day

As promised earlier this week, Adobe today released an updated version of Flash Player that includes a patch for a zero-day vulnerability. Adobe said it is aware of the existence of a public exploit for CVE-2016-4117, but said the flaw has not been publicly attacked. The vulnerability affects Fla...

10CVSS1.5AI score0.94354EPSS
Exploits6References4
ThreatPost
ThreatPost
added 2016/05/11 1:43 p.m.44 views

FireEye Details Microsoft Zero Day Attack on 100 Companies

More than 100 North American companies were attacked by crooks exploiting a Windows zero day vulnerability. The attacks began in early March and involved the zero day vulnerability CVE-2016-0167 reported and partially fixed in April’s Patch Tuesday security bulletins by Microsoft. The zero day wa...

7.2CVSS0.3AI score0.05729EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/02/01 2:0 p.m.44 views

February 2016 Android Nexus Security Bulletin

Google today patched Nexus devices in an over-the-air update against a critical vulnerability that could be exploited by an attacker on the same Wi-Fi network. The patch addresses multiple vulnerabilities in the Broadcom Wi-Fi driver that could be abused to allow for remote code execution. The...

10CVSS0.7AI score0.33367EPSS
Exploits4References2
ThreatPost
ThreatPost
added 2015/07/17 8:29 a.m.44 views

Samy Kamkar's ProxyGambit Picks Up for Defunct ProxyHam

Without fail in the weeks leading up to Black Hat and DEF CON, there are inevitably talks that are either pulled by organizers, cancelled by presenters, or strong suggestions are made that the talks don’t happen. This year’s first casualty, Ben Caudill’s scheduled DEF CON demonstration of ProxyHa...

6.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2015/02/05 7:20 a.m.44 views

Hanjuan Exploit Kit, Malvertising Dangers in Flash Zero Days

The recent trio of Flash zero days has not only caused a lot of scrambling at Adobe—which yesterday released a patch for the last in that line of vulnerabilities—but also shined light on a fairly unknown exploit kit, exposed the evolving danger associated with malvertising, and made clear the pai...

7.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/06/11 10:31 a.m.44 views

Mozilla Patches Seven Flaws in Firefox 30

Mozilla has fixed seven security vulnerabilities in Firefox 30, including five critical flaws that could enable remote code execution. Firefox 30 is a relatively minor release of the popular browser, with the most notable change being the addition of a sidebar button that allows users to quickly...

7.5CVSS1.5AI score0.01699EPSS
Exploits0References15
ThreatPost
ThreatPost
added 2014/04/25 2:48 p.m.44 views

Vulnerability in Viber Allows Snooping of Images, Videos

UPDATE – Viber, a messaging and VoIP application similar to WhatsApp, is in the middle of patching a vulnerability that could allow an attacker to view sensitive information shared between users like images, videos and location information. The problem is that information transferred by Viber is...

10CVSS0.88013EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2014/03/17 11:24 a.m.44 views

Google Patches Four Pwn2Own Bugs in Chrome 33

Now that the dust has settled after the Pwn2Own contest, the browser manufacturers are beginning to roll out patches for the vulnerabilities exploited by contestants. Google on Monday released fixes for a number of bugs in Chrome discovered and exploited during Pwn2Own, releasing new versions of...

7.5CVSS0.4AI score0.04822EPSS
Exploits4References8
ThreatPost
ThreatPost
added 2013/10/01 3:45 p.m.44 views

Three New APTs Spotted Piling On IE Zero Day

Attackers are continuing to pile on a critical Internet Explorer zero day that remains unpatched two weeks after it was reported. During the last two weeks, it appears that at least three separate targeted attack campaigns have been using the same bug previously used by Operation Deputy Dog, a...

9.3CVSS8.9AI score0.8593EPSS
Exploits18References3
ThreatPost
ThreatPost
added 2013/05/20 2:47 p.m.44 views

Safe Targeted Espionage Campaign Borrows from Cybercriminals

More and more, we’re hearing about a crossing of the streams, if you will, between cybercrime and state-sponsored attackers. Elements of malware, code persistence and distribution techniques are bleeding over between one realm of hacking into the other as each side tries to fill gaps in their...

9.3CVSS6.9AI score0.99966EPSS
Exploits12References2
ThreatPost
ThreatPost
added 2013/05/07 12:58 p.m.44 views

Hacked Media Sites Serving Fake AV Malware

Websites belonging to a number of Washington, D.C.-area media outlets have been compromised in a series of opportunistic attacks with criminals using a watering-hole tactic to spread scareware, or phony antivirus software. Popular D.C. radio station WTOP, sister station Federal News Radio, and th...

10CVSS0.5AI score0.97612EPSS
Exploits64References2
ThreatPost
ThreatPost
added 2012/10/02 2:51 p.m.44 views

The Tale of One Thousand and One DSL Modems

This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on...

10CVSS9.3AI score0.8316EPSS
Exploits11
ThreatPost
ThreatPost
added 2012/08/30 4:14 p.m.44 views

Use of Java Zero-Day Flaws Tied to Nitro Attack Crew

Researchers say that one of the attack groups using the two new Java zero-day vulnerabilities is the same group that was behind an earlier targeted attack campaign from 2011. That group was traced back to China and was essentially running a spear-phishing campaign, but now the crew, known as Nitr...

10CVSS0.3AI score0.98536EPSS
Exploits10References8
ThreatPost
ThreatPost
added 2012/05/08 2:46 p.m.44 views

PHP Group Set to Release Another Patch for CVE-2012-1823 Flaw

The PHP Group on Tuesday is planning to release another new version of the scripting language that’s designed to address, again, the remotely exploitable flaw that came to light last week. That bug, which requires no authentication, was supposed to have been fixed in new releases pushed out on Ma...

7.5CVSS9.9AI score0.99998EPSS
Exploits42References3
ThreatPost
ThreatPost
added 2010/06/08 10:56 a.m.44 views

Adobe to Release Flash Patch June 10

Adobe said on Monday that it will have a patch available for the newly discovered critical vulnerability in Flash ready by June 10 for most platforms. The patches for Adobe Reader and Acrobat, which also are affected by the flaw, won’t be released until June 29. The new flaw was discovered late...

9.3CVSS7.9AI score0.82365EPSS
Exploits22References5
ThreatPost
ThreatPost
added 2010/06/05 3:10 a.m.44 views

Adobe Warns of Flash, PDF Zero Day Attack

Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products. The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris...

9.3CVSS0.8AI score0.82365EPSS
Exploits22References2
ThreatPost
ThreatPost
added 2010/03/10 9:37 p.m.44 views

Recently Patched Adobe PDF Flaw Being 'Actively Exploited'

Malicious hackers have pounced on a newly patched Adobe PDF Reader vulnerability to plant Trojan downloaders on tardy Windows users. According to researchers in Microsoft’s malware protection center, the vulnerability CVE-2010-0188 was patched less than a month ago, proving that malicious hackers...

9.3CVSS1.2AI score0.88246EPSS
Exploits12References4
ThreatPost
ThreatPost
added 2009/04/22 7:52 p.m.44 views

Experts call for better measurement of security

If there’s one key message coming through all of the noise at the RSA Conference this week it’s the fact that there’s a pressing need for more data. Data on attacks, data on vulnerabilities, data on data breaches, data on software security, data on everything having to do with security. The...

9.3CVSS0.3AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2022/07/19 3:33 p.m.43 views

Authentication Risks Discovered in Okta Platform

Researchers at Authomize have discovered four “high impact” security risks in the identity and access management IAM platform Okta, according to a Tuesday report. The risks include cleartext password leakage via SCIM – the System for Cross-domain Identity Management – sharing of passwords and oth...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/06/29 8:18 p.m.43 views

Leaky Access Tokens Exposed Amazon Photos of Users

The Amazon Photos app for Android insufficiently protected user access tokens, according to a blog post published on Wednesday. Theoretically, with exposed tokens, an attacker could’ve accessed users’ personal data from a number of different Amazon apps – not just Photos but also, for example,...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2022/06/22 12:49 p.m.43 views

Gamification of Ethical Hacking and Hacking Esports

While ethical hacking is by no means a new or groundbreaking practice, the scale at which organizations and individuals are undertaking such initiatives continues to intensify, especially considering recent events such as the log4j vulnerability. Traditionally, ethical hacking is undertaken by...

7.3AI score
Exploits0References4
Total number of security vulnerabilities5000