15946 matches found
Building Multilayered Security for Modern Threats
Considering recent announcements of major attacks caused by external malicious actors, including a ransomware attack on a U.S. gasoline pipeline, the need for increased security posture is as important as ever, and multilayered security remains the key. With rampant ransomware attacks and other...
Combatting Insider Threats with Keyboard Security
As cyberattacks snowball and insider threats become an ever-larger part of the problem, it may be time to move beyond purely software-based cyber-defenses. Implementing hardware-based security, like secure keyboards, can be an important part of the mix. Those in IT-leadership roles are well aware...
American Express Fined Over Millions of Spam Messages
American Express Services Europe has been fined £90,000 $127,377 by a U.K. regulator, which found the company illegally blasted out 4 million marketing emails to customers who had opted out of receiving them. Critics said the fine, which is nominal for the multi-national financial brand, isn’t...
Reservation System Fixes Easy-to-Exploit XSS Bug
An easy-to-exploit bug impacting the WordPress plugin ReDi Restaurant Reservation allows unauthenticated attackers to pilfer reservation data and customer personal identifiable information by simply submitting a malicious snippet of JavaScript code into the reservation comment field. The bug...
It’s Time to Prepare for a Rise in Insider Threats
Earlier this year, Tesla discovered that an employee had stolen more than 6,000 files containing sensitive code. The software engineer, who was only employed for two weeks, had been hired as one of the few people who could access these files. This incident highlights the danger that insider threa...
Ransomware Going for $4K on the Cyber-Underground
In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated...
Why Retailers Fail to Stop Shopping Bots
In the 1970s the United States encountered an “oil embargo” that dramatically curtailed people from being able to purchase gasoline for their vehicles. “No Gas Today” signs were everywhere. Gas rationing was imposed by only allowing car owners to buy gas based on whether the final numbers on thei...
Manufacturing's Cloud Migration Opens Door to Major Cyber-Risk
Web-facing applications continue to be one of the highest security risks present for organizations, with more than 40 percent of them actively leaking data in a way that can have a ripple affect across businesses and their partners, research has found. Moreover, manufacturing is particularly...
Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail
A former IT contractor has been sentenced to two years in prison after hacking into a company’s server and deleting the majority of its employees’ Microsoft Office 365 O365 accounts. The incident resulted in the company completely shutting down for two days. The 32-year-old contractor, Deepanshu...
Teen Behind Twitter Bit-Con Breach Cuts Plea Deal
Thanks to a new plea deal with the Florida State Attorney’s Office, the 18-year-old behind last summer’s breach of Twitter’s high-profile accounts will not be charged as an adult, and instead will serve his sentence in juvenile detention. Graham Ivan Clark was arrested seven months ago, and has...
Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept PoC code dependency-confusion exploit that w...
Passwords, Private Posts Exposed in Hack of Gab Social Network
Distributed Denial of Secrets DDoSecrets, a self-proclaimed “transparency collective,” claim they have received more than 70 gigabytes of data exfiltrated from social media network Gab. Gab, which touts itself as “a social network that champions free speech, individual liberty and the free flow o...
Outgoing FCC Chair Issues Final Security Salvo Against China
Outgoing Federal Communications Chair Ajit Pai has issued a final warning about Chinese telcos at the end of a tenure spent cracking down on companies like Huawei, ZTE and China Telecom. Pai, a former telecommunications industry lobbyist and in-house counsel for Verizon, told Reuters that managin...
Ransomware Attackers Publish 4K Private Scottish Gov Agency Files
On the heels of a ransomware attack against the Scottish Environmental Protection Agency SEPA, attackers have now reportedly published more than 4,000 files stolen from the agency – including contracts and strategy documents. After hitting SEPA on Christmas Eve with the attack, cybercriminals...
Most-Wanted Threatpost Stories of 2020
As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go down as defining topics for the cybersecurity world for the year. Threatpost also took a retrospective view on what readers were most interested...
Misery of Ransomware Hits Hospitals the Hardest
Despite hospitals being on the front lines during the pandemic, bad actors have continued to target them with ransomware. In addition to wreaking havoc on operational processes in medical facilities at the worst possible time, the attacks have evolved to threaten patient safety. In September,...
Minecraft Apps on Google Play Fleece Players Out of Big Money
Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash. According to researchers, the mobile apps for Android fool users into spending hundreds of dollars per month, by offering skins,...
Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws
Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. The vulnerabilities could be exploited to execute arbitrary code on affected products. These critical flaws include a heap-based buffer...
Authentication Bug Opens Android Smart-TV Box to Data Theft
A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control. A successful exploit would allow attackers to steal social-networking account tokens, Wi-Fi passwords, cookies, saved passwords, user-location data, message history, emails, contact...
Office 365: A Favorite for Cyberattack Persistence
Threat actors are consistently leveraging legitimate services and tools from within Microsoft Office 365 to pilfer sensitive data and launch phishing, ransomware, and other attacks across corporate networks from a persistent position inside the cloud-based suite, new research has found. Office 36...
Grindr's Bug Bounty Pledge Doesn't Translate to Security
SAS@Home 2020– After a Grindr security flaw was disclosed this week, the dating site promised it would launch a bug-bounty program in an effort to “keep its service secure.” But Katie Moussouris, CEO of Luta Security and a bug bounty program expert, warned at this week’s SAS@home virtual event th...
COVID-19 Clinical Trials Slowed After Ransomware Attack
A ransomware attack has hit eResearchTechnology, a medical software company that supplies pharma companies with tools for conducting clinical trials – including trials for COVID-19 vaccines. The attackers could be financially motivated — or could be backed by a nation-state looking to gain...
Why Web Browser Padlocks Shouldn't Be Trusted
For years, Apple, Firefox, Google and Microsoft relentlessly made the point that in order to avoid rogue sites you must make sure your browser “padlock” is either locked, green or is otherwise indicating a site as being “secure.” Now, cybersecurity firms are stressing that those padlocks are not...
Free Apple iPhone 12? Chatbot Phish Spreads Via Texts
A mobile phishing campaign is spreading via text messages purporting to come from an Apple chatbot – and offering “free trials” of iPhone 12. The iPhone 12 is due to be released in October, and the buzz is high for Appleheads who are anxiously awaiting the launch. Cybercriminals are taking...
SecOps Teams Wrestle with Manual Processes, HR Gaps
Only about half of enterprises are satisfied with their ability to detect cybersecurity threats, according to a survey from Forrester Consulting – with respondents painting a picture of major resource and technology gaps hamstringing their efforts to block cyberattacks. According to the...
The Enemy Within: How Insider Threats Are Changing
Insider threats are ramping up – with new kinds of concerns in this category beginning to emerge. This is happening against a heady backdrop: Makeshift home offices, a cavalcade of new distractions and a tectonic shift to the cloud have recently collided to create an entirely new world for...
Smartwatch Hack Could Trick Dementia Patients into Overdosing
Researchers are warning vulnerabilities in a smartwatch application for dementia patients could allow an attacker to convince patients to overdose. The vulnerabilities stem from the SETracker application, which is developed by Chinese developer 3G Electronics based out of Shenzhen City. The app,...
Notorious Hacker 'Fxmsp' Outed After Widespread Access-Dealing
“Fxmsp,” a notorious hacker who made headlines last year for allegedly stealing and selling source code and customer access from McAfee, Symantec and Trend Micro, has been outed. He’s a Kazakh national named Andrey Turchin, and according to unsealed court documents, he faces hacking charges datin...
Anubis Malware Upgrade Logs When Victims Look at Their Screens
The Anubis malware, which threat actors use to persistently attack Google’s Android-based smartphones, is set to evolve once again, this time adding a feature that allows the malware to identify if a victim is looking at his or her screen. The new feature is one of several that haven’t been...
New Android Malware Targets PayPal, CapitalOne App Users
An Android mobile malware has been uncovered that steals payment data from users of popular financial apps like PayPal, Barclays, CapitalOne and more. The infostealer, called EventBot, has targeted users of more than 200 different banking, money-transfer services and general cryptocurrency wallet...
‘Black Rose Lucy’ is Back, Now Pushing Ransomware
Cybercriminals behind the Android-based dropper malware Black Rose Lucy have shifted attacks from info-stealing to ransomware – with a sextortion twist. The malware family, operated by the Lucy Gang, encrypts targeted Android devices and delivers a spoofed FBI message. The ransom note claims the...
Privacy Experts Skeptical of Proposed Data Protection Agency
A new federal bureaucracy, the Data Protection Agency DPA, has been proposed to completely revamp how the U.S. government regulates data collection and misuse by big tech companies. However, while privacy experts call the agency a “good first step,” they remain skeptical about how effective it...
Google Sets Record High in Bug-Bounty Payouts
Google paid out $6.5 million in bug-bounty rewards in 2019, which doubles the internet behemoth’s previous annual top total. It has also highlighted additional bonuses that are now in effect for Chrome and Android. Last year saw some notable changes for Google’s Vulnerability Reward Programs VRPs...
Google Account Security Keys Launch for iPhone
Google has extended its Advanced Protection Program for account security to the iPhone platform, aimed at those that are the most-targeted by cybercriminals: Members of political campaign teams, journalists, activists, executives, employees in regulated industries such as finance or government, a...
4 Ring Employees Fired For Spying on Customers
Smart doorbell company Ring said that it has fired four employees over the past four years for inappropriately accessing customer video footage. The disclosure comes in a recent letter to senators in response to a November inquiry into the company’s data policies from Amazon-owned Ring as it...
Pwn2Own Expands Into Industrial Control Systems Hacking
Industrial control systems ICS used to manage critical infrastructure and manufacturing will be the main target in next year’s popular Pwn2Own’s annual hacking competition. Over the past few years, Pwn2Own – a hacking contest that draws in white-hat hackers looking for fame and fortune through...
2019 and Beyond: The (Expanded) RSAC Advisory Board Weighs in on What’s Next: Pt. 2
Our first 2019 predictions post from the RSA Conference Advisory Board was not all sunshine and roses — cautious optimism was tabled by the acknowledged distance we must still travel as an industry — and our second set of predictions does not belie that theme. This trepidation does not mean we’re...
Microsoft IE Zero Day Gets Emergency Patch
Microsoft patched a zero-day vulnerability in its Internet Explorer browser that is actively being exploited by attackers. The bug, reported by Google, is a remote code execution vulnerability that allowed attackers to infiltrate vulnerable systems via a booby trapped website that could have...
D-Link Patches RCE Bugs in Wireless Access Point Gear
Four vulnerabilities were disclosed in D-Link’s software controller tool used in its enterprise-class wireless network access points. The disclosure, made on Thursday, also included two vulnerabilities that enabled attackers to remotely execute code with system permissions. The flaws were...
Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops
A slew of vendors that have built Bluetooth pairing into their devices without requiring public key validation are issuing fixes for their products. Researchers at the Israel Institute of Technology have identified a cryptography-related security vulnerability CVE-2018-5383 in the Bluetooth...
June Patch Tuesday: Microsoft Issues Critical Fixes for DNS, Cortana
Microsoft has fixed 11 critical bugs in its June Patch Tuesday update, including a Windows DNS-related remote code execution flaw. It also patched an easily exploitable problem in the Cortana voice engine. One of the most serious issues is a critical remote code execution vulnerability...
Researchers Hacked Amazon’s Alexa to Spy On Users, Again
A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices – and automatically transcribe every word said. Checkmarx researchers told Threatpost that they created a proof-of-concept Alexa Skill that abuses...
Bugs in Arris Modems Distributed by AT&T Vulnerable to Trivial Attacks
Trivially exploitable vulnerabilities have been discovered in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service. It’s unknown yet whether the firmware vulnerabilities were introduced by the OEM or the ISP since AT&T seems ...
Novel Attack Tricks Servers to Cache And Expose Personal Data
LAS VEGAS—Researcher Omer Gil has devised a way to trick a web server into caching pages and exposing personal data. The so-called web caching attack targets sites that use content delivery network CDN services such as Akamai and Cloudflare. These services act as traffic load balancers and revers...
Nigerian BEC Scams Hit 500 Companies in 50 Countries
Nigerian cybercriminals targeting industrial firms have stolen a slew of sensitive technical drawings, network diagrams, cost estimates, and project plans already this year. The data, exfiltrated by a cocktail of different spyware programs, wasn’t stolen from just executives, but also operators,...
Mozilla Fixes 32 Vulnerabilities in Firefox 54
Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser. The critical bug, a use-after-free vulnerability, was dug up by longtime bug hunter Nils. The vulnerability...
Apple Patches Pwn2Own Vulnerabilities in Safari, macOS, iOS
Apple fixed 66 vulnerabilities across seven product lines, including Safari, iTunes, macOS, and iOS, on Monday. Many of the fixes – especially in macOS and Safari – resolve vulnerabilities uncovered at Pwn2Own, the hacking contest held at CanSecWest each year. Contestants collectively earned...
Apple Patches iTunes, iCloud for Windows, Xcode Server
Apple’s iTunes and iCloud software for Windows PCs received updates on Thursday for vulnerabilities that could allow for the disclosure of personal information and arbitrary code execution. In addition to the Windows fixes, Apple also alerted Mac and iOS app developers to nearly a dozen security...
Cisco Warns of IOS Flaw Vulnerable to ShadowBrokers Attack
Cisco is warning its customers of new activity around the ShadowBrokers data dump, indicating that all versions of its IOS, IOS XE and IOS XR software are vulnerable to one of the many exploits released more than a month ago. “Cisco Product Security Incident Response Team PSIRT is aware of...
HA-CFI Technique Checks Mitigation Bypasses Earlier
LAS VEGAS — It wasn’t long ago that ROP, or return-oriented programming, was a hacker’s best friend when it came to bypassing mitigations against memory-based attacks such as DEP and ASLR. ROP, however, is so 2005. In the last couple of years, researchers and attackers have figured out how to...