Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2016/02/15 11:0 a.m.43 views

VMware vCenter Server Patch Reissue

VMware on Saturday reissued a patch from October that incompletely addressed a critically rated remote code execution vulnerability in vCenter Server. The original vulnerability, CVE-2015-2342, was a poorly configured JMX RMI service in vCenter Server that was remotely accessible. The flaw allowe...

10CVSS3.2AI score0.89048EPSS
Exploits2References3
ThreatPost
ThreatPost
added 2015/12/08 11:21 a.m.43 views

December 2015 Android Over-the-Air Nexus Security Update

Google has patched another critical Android vulnerability in Mediaserver, which has been maligned since this summer’s barrage of patches for the Stagefright vulnerability, along with a critical rooting vulnerability in the mobile operating system’s kernel. In all, 19 vulnerabilities were patched ...

9.3CVSS0.9AI score0.0227EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2015/06/11 1:48 p.m.43 views

OpenSSL Patches Five Flaws, Adds Protection Against Logjam Attack

The OpenSSL project has patched several moderate- and low-severity security vulnerabilities and also has added protection against the Logjam attack in new releases of the software. Most of the vulnerabilities fixed in the new releases are denial-of-service bugs, but one of them can potentially...

4.3CVSS0.5AI score0.9986EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2015/05/18 3:3 p.m.43 views

APT Group Embeds C&C Data on TechNet Pages

The so-called Deputy Dog APT group has surfaced again with a means of keeping its command and control servers under wraps that involves Microsoft’s TechNet online resources. New research published last week by Microsoft and FireEye revealed targeted attacks against organizations have been...

9.3CVSS0.2AI score0.8593EPSS
Exploits18References4
ThreatPost
ThreatPost
added 2015/03/26 2:50 p.m.43 views

AntLabs InnGate security vulnerability patch

ANTLabs today is expected to roll out patches for a vulnerability in its InnGate Internet gateways that are popular in hospitality and convention locations. The gateways provide temporary Internet access to hotel guests or conference attendees using kiosks, for example. The vulnerability...

10CVSS1.3AI score0.0559EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2013/12/17 11:45 a.m.43 views

Apple Fixes Security in WebKit, SAfari

Apple updated its Mac OS X Mavericks platform yesterday with a number of security fixes for the Safari browser and WebKit layout engine. The operating system update will move users to OS X Mavericks version 10.9.1. It appears that the broad operating system release is merely a repackaging of a...

7.5CVSS1.5AI score0.02259EPSS
Exploits3References2
ThreatPost
ThreatPost
added 2013/05/20 2:47 p.m.43 views

Safe Targeted Espionage Campaign Borrows from Cybercriminals

More and more, we’re hearing about a crossing of the streams, if you will, between cybercrime and state-sponsored attackers. Elements of malware, code persistence and distribution techniques are bleeding over between one realm of hacking into the other as each side tries to fill gaps in their...

9.3CVSS6.9AI score0.99966EPSS
Exploits12References2
ThreatPost
ThreatPost
added 2013/04/24 10:0 a.m.43 views

Microsoft Releases Updated MS13-036 Patch

Microsoft has released a new version of the MS13-036 patch that was causing some customers’ machines to crash. The company had recommended in the days after the original fix was first released that customers uninstall the MS13-036 patch while Microsoft investigated the cause of the problems. The...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2013/02/01 3:42 a.m.43 views

Yahoo Mail Breach Linked to Old WordPress Vulnerability

Researchers at Australia-based BitDefender say they’ve found how some Yahoo Mail accounts are being hijacked, and it leads back to “buggy” blog software Yahoo’s developers used. For about a month Yahoo Mail account holders have been falling for a scam in which they click on a short link that...

4.3CVSS6AI score0.09088EPSS
Exploits10References2
ThreatPost
ThreatPost
added 2012/04/05 6:42 p.m.43 views

Google Patches 12 Flaws in Chrome

Google has 12 vulnerabilities in Chrome, including seven high-risk flaws. The new release of Chrome also includes an updated version of the Adobe Flash player. This is the second update for Chrome in the last few days from Google. The company updates its browser on a rolling basis, pushing out a...

7.5CVSS9.8AI score0.02106EPSS
Exploits10
ThreatPost
ThreatPost
added 2011/10/04 7:0 p.m.43 views

Google Fixes Seven Flaws in New Chrome 14 Release

Google has fixed seven security vulnerabilities in its Chrome browser with a new release on Tuesday. Six of the bugs fixed in Chrome are rated high, with just one listed as critical. The company paid out $10,000 in bounties for the bugs it fixed in this release. In addition to the security fixes,...

9.3CVSS1.2AI score0.01353EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2010/11/08 3:26 p.m.43 views

Researcher Publishes Android Browser Exploit

UPDATE: A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google’s Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises. Researcher MJ Keith published a Rever...

9.3CVSS9AI score0.61319EPSS
Exploits13References7
ThreatPost
ThreatPost
added 2010/06/08 10:56 a.m.43 views

Adobe to Release Flash Patch June 10

Adobe said on Monday that it will have a patch available for the newly discovered critical vulnerability in Flash ready by June 10 for most platforms. The patches for Adobe Reader and Acrobat, which also are affected by the flaw, won’t be released until June 29. The new flaw was discovered late...

9.3CVSS7.9AI score0.82365EPSS
Exploits22References5
ThreatPost
ThreatPost
added 2010/06/05 3:10 a.m.43 views

Adobe Warns of Flash, PDF Zero Day Attack

Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products. The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris...

9.3CVSS0.8AI score0.82365EPSS
Exploits22References2
ThreatPost
ThreatPost
added 2022/08/11 3:14 p.m.42 views

New Hacker Forum Takes Pro-Ukraine Stance

A new hacker forum is taking a unique political stance to support Ukraine in its war with Russia, entertaining only topics and threat activity focused against Russia and Belarus, researchers have found. The Russian-language site, DUMPS Forum, has been around since late May, and at first glance...

6.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/08/01 1:29 p.m.42 views

Securing Your Move to the Hybrid Cloud

Infosec Insider contributor Rani Osnat is SVP Strategy at Aqua Security The combination of private and public cloud infrastructure, which most organizations are already using, poses unique security challenges. There are many reasons why organizations adopt the public cloud — from enabling rapid...

6.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/07/12 11:43 a.m.42 views

‘Callback’ Phishing Campaign Impersonates Security Firms

A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2022/05/30 2:53 p.m.42 views

Zero-Day ‘Follina’ Bug Lays Microsoft Office Open to Attack

UPDATE A zero-day vulnerability in Microsoft Office allows adversaries to run malicious code on targeted systems via a flaw a remote Word template feature. The warning comes from Japanese security vendor Nao Sec, which tweeted a warning about the zero day over the weekend. It’s unclear if the...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2022/05/20 12:42 p.m.42 views

Closing the Gap Between Application Security and Observability

Infosec Insiders columnist Daniel Kaar, global director application security engineering at Dynatrace. When it’s all said and done, application security pros may come to look upon the Log4Shell vulnerability as a gift. Potentially one of the most devastating software flaws ever found, Log4Shell...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/01/19 1:36 p.m.42 views

Beijing Olympics App Flaws Allow Man-in-the-Middle Attacks

The mobile app that all attendees and athletes of the upcoming Beijing Winter Olympics must use to manage communications and documentation at the event has a “devastating” flaw in the way it encrypts data that can allow for man-in-the-middle attacks that access sensitive user information,...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/11/22 10:3 p.m.42 views

GoDaddy’s Latest Breach Affects 1.2M Customers

Web-hosting giant GoDaddy has confirmed another data breach, this time affecting at least 1.2 million of its customers. On Monday, the world’s largest domain registrar said in a public filing to the SEC that an “unauthorized third party” managed to infiltrate its systems on Sept. 6 – and that the...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/10/19 1:21 p.m.42 views

Feds Warn BlackMatter Ransomware Gang is Poised to Strike

Federal authorities are warning businesses to shore up cybersecurity defenses as it carefully monitors the reemergence of the DarkSide ransomware gang, believed responsible for the crippling Colonial Pipeline attack in May 2021. The ransomware-as-a-service gang has regrouped under the moniker...

7.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/09/29 11:10 p.m.42 views

Keep Attackers Out of VPNs: NSA, CISA Offer Guidance

Unsecured VPNs can be a hot mess: Just ask Colonial Pipeline which got pwned by the REvil ransomware crooks with an old VPN password or the 87,000 at least Fortinet customers whose credentials for unpatched SSL-VPNs were posted online earlier this month. Vulnerabilities in VPN servers are like...

7.6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/09/20 1:0 p.m.42 views

Bring Your APIs Out of the Shadows to Protect Your Business

Pankaj Gupta, Senior Director, Citrix APIs are immensely more complex to secure. What was previously one request to one server has become dozens or hundreds of requests to dozens or hundreds of entities. In the past, you defended one large application with a single front door. Now you must defend...

10CVSS8.6AI score0.11084EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/08/19 4:38 p.m.42 views

COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate

This week, the Indiana Department of Health issued a notice that the state’s COVID-19 contact-tracing system had been exposed via a cloud misconfiguration, revealing names, emails, gender, ethnicity, race and dates of birth of more than 750,000 people. The incident shows that COVID-19 data could ...

6.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/08/11 7:17 p.m.42 views

NSA Watchdog Will Review Tucker Carlson Spy Claims

The National Security Agency’s Inspector General Robert Storch has announced a review of whether the agency illegally conducted cyber-espionage and collected the electronic communications of Fox News opinion-show host Tucker Carlson, who has accused the NSA of trying to capture embarrassing...

6.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/30 4:28 p.m.42 views

Why MTTR is Bad for SecOps

Mean time to resolution MTTR is a commonly used metric in the security industry. While it has utility to a business’s risk function, it does not belong in security operations SecOps. First, let us level-set on what reporting is versus metrics. Reporting measures activity and does not drive specif...

7.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/25 3:50 p.m.42 views

My Book Live Users Wake Up to Wiped Devices

If you haven’t already, stop reading and go yank your My Book Live storage device offline, lest you join the ranks of those who woke up on Thursday to find that years of data had been wiped clean on devices around the world. Western Digital’s My Book storage device is designed for consumers and...

7.1AI score
Exploits0References14
ThreatPost
ThreatPost
added 2021/06/18 3:35 p.m.42 views

What’s Making Your Company a Ransomware Sitting Duck

They thought they were all set. They patched the Exchange Server. They ran Microsoft’s testing script to find out whether the server had been exploited. Nope, the test concluded, you’re clean as a whistle. So how did this unnamed organization wind up having been exploited via ProxyLogon? “It turn...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/15 5:5 p.m.42 views

Malicious PDFs Flood the Web, Lead to Password-Snarfing

The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence said in a Tweet on Friday that the SolarMarker also known as Jupyter makers are...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/06/02 8:29 p.m.42 views

Effective Adoption of SASE in 2021

Think back to mid-2019: People had already been moving to the cloud, having talked about digital transformation for years. Then, March 2020 shoved transformation into hyperdrive: Suddenly, there was a mass exodus from the office, and everybody was working from home. That’s when the old ways of...

7.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/05/11 3:34 p.m.42 views

200K Veterans’ Med Records May Have Been Stolen by Ransomware Gang

UPDATE A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by a vendor working for the Veterans Administration, according to an analyst, who also presented evidence the data might have been exfiltrated by ransomware attackers. The VA for it’s par...

5.8AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/04/29 10:44 p.m.42 views

Babuk Ransomware Gang Mulls Retirement

Just a few days after hackers bragged about purportedly raiding the computer systems of the Washington D.C. Metropolitan Police Department MPD and doxxing what looked like its data, the Babuk ransomware-as-a-service RaaS gang prepared a goodbye note saying that they’re hanging up its spurs...

6.7AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/04/13 8:24 p.m.42 views

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

Surging numbers of COVID-themed attacks, PowerShell trojans, along with the SolarWinds compromise and the continued spread of Sunburst malware were major contributors to a massive spike in the number of observed attacks in the wild during the last half of 2020, which McAfee’s said averaged 588...

0.9AI score
Exploits0References15
ThreatPost
ThreatPost
added 2021/03/23 7:50 p.m.42 views

MangaDex Site Offline Following Hacking Incident

MangaDex, the online repository of manga animation comics, will be closed until further notice following a hacking incident. Last week, the site reported that a cyberattacker had gained access to an administrative account, “through the reuse of a session token found in an old database leak throug...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/03/23 4:39 p.m.42 views

Podcast: Microsoft Exchange Server Attack Onslaught Continues

Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed. Derek Manky Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, said that last week researcher...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/02/26 1:36 p.m.42 views

Podcast: Ransomware Attacks Exploded in Q4 2020

Ransomware attacks continue to plague companies, with researchers from Fortinet’s Fortiguard Labs saying they saw an explosion in ransomware activity towards the end of the fourth quarter of 2020. Derek Manky According to Fortinet’s new “FortiGuard Labs Threat Report: Disruption Key Threat Trend ...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/02/10 9:20 p.m.42 views

Hacker Sets Alleged Auction for Witcher 3 Source Code

The ransomware gang behind an attack on videogame developer CD Projekt Red may have made good on its promise to auction off the company’s data – including source code for Cyberpunk 2077 and an unreleased version of the Witcher 3. Or it may not have. The Twitter account @vxunderground, which bills...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/02/01 9:12 p.m.42 views

SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat

Members of Congress are demanding the U.S. National Security Agency NSA reveal what it knows about the 2015 Juniper Networks supply-chain delivery breach. In a letter sent by U.S. Senator Ron Wyden and nine additional members of Congress, the lawmakers demand a full account of the NSA-designed...

0.2AI score
Exploits0References21
ThreatPost
ThreatPost
added 2021/01/11 9:54 p.m.42 views

Millions of Social Profiles Leaked by Chinese Data-Scrapers

More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere. The leak stems from a misconfigured ElasticSearch database owned...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/01/11 5:53 p.m.42 views

SolarWinds Hack Potentially Linked to Turla APT

New details on the Sunburst backdoor used in the sprawling SolarWinds supply-chain attack potentially link it to previously known activity by the Turla advanced persistent threat APT group. Researchers at Kaspersky have uncovered several code similarities between Sunburst and the Kazuar backdoor...

7.3AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/12/29 4:30 p.m.42 views

6 Questions Attackers Ask Before Choosing an Asset to Exploit

In the past decade or so, we’ve seen a massive shift toward the cloud. The COVID-19 pandemic and associated pivot to remote work has only accelerated this cloud trend, forcing blue-teamers to be more agile to protect their attack surfaces. While defenders are adapting to support cloud-based...

7.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/12/16 5:5 p.m.42 views

The SolarWinds Perfect Storm: Default Password, Access Sales and More

SECOND UPDATE A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes its use of a default password “SolarWinds123” that gave attackers an open door into its...

7.5AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/12/01 7:35 p.m.42 views

Cayman Islands Bank Records Exposed in Open Azure Blob

A Cayman Island investment firm has removed years of backups, which up until recently were easily available online thanks to a misconfigured Microsoft Azure blob. The blob’s single URL led to vast stores of files including personal banking information, passport data and even online banking PINs —...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/19 4:50 p.m.42 views

IoT Cybersecurity Improvement Act Passed, Heads to President's Desk

Security experts are applauding the recent stamp of approval by the U.S. Senate on a groundbreaking internet-of-things IoT security regulatory effort. The IoT Cybersecurity Improvement Act, which was led in bipartisan sponsorship by Reps. Will Hurd R-Texas and Robin Kelly D-Ill., would require th...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/11/13 5:4 p.m.42 views

Ticketmaster Scores Hefty Fine Over 2018 Data Breach

Ticketmaster’s UK division has been slapped with a $1.65 million fine by the Information Commissioner’s Office ICO in the UK, over its 2018 data breach that impacted 9.4 million customers. The fine £1.25million has been levied after the ICO found that the company “failed to put appropriate securi...

0.6AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/11/03 7:18 p.m.42 views

APT Groups Finding Success with Mix of Old and New Tools

Advanced persistent threat APT groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success. That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found that...

7.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/10/20 10:48 a.m.42 views

Google’s Waze Can Allow Hackers to Identify and Track Users

A security researcher has discovered a vulnerability in Google’s Waze app that can allow hackers to identify people using the popular navigation app and track them by their location. Security DevOps engineer Peter Gasper discovered an API flaw in the navigation software that allowed him to track...

1.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/08 7:46 p.m.42 views

RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims

Researchers with White Ops have uncovered a scam to deliver millions of out-of-context OOC ads through a group of more than 240 Android applications on the official Google Play store, which the team said were collectively delivering more than 15 million impressions per day at their peak. The apps...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/16 8:1 p.m.42 views

Hackers Continue Cyberattacks Against Vatican, Catholic Orgs

A state-sponsored threat group linked to China has been engaged in a five-month long cyberattack against the Vatican and other Catholic Church-related organizations. Attacks have come in the form of spear phishing emails laced with the PlugX remote access tool RAT as the payload. Researchers with...

7.3AI score
Exploits0References9
Total number of security vulnerabilities5000