Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/09/14 4:23 p.m.42 views

TikTok Fixes Flaws That Opened Android App to Compromise

Researchers have disclosed four high-severity flaws in the Android version of TikTok that could have easily been exploited by a seemingly benign third-party Android app. If successful, an attacker could fully compromise the target’s TikTok account. Public disclosure of the vulnerabilities was...

7.5AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/09/02 8:57 p.m.42 views

BEC Wire Transfers Average $80K Per Attack

The average wire-transfer loss from business email compromise BEC attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter. That’s according to the recently released Anti-Phishing Working Group APWG’s Phishing Activity Trend...

Exploits0References8
ThreatPost
ThreatPost
added 2020/08/17 5:43 p.m.42 views

Jack Daniels, Ritz London Face Cyberattacks

A pair of cyberattacks on high-profile targets – the owner of the Jack Daniels distillery and the iconic Ritz London hotel – have resulted in the exposure of sensitive information. The maker behind Jack Daniels and other alcoholic beverages, Brown-Forman Corp., has suffered a recent cyberattack b...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/08/17 4:7 p.m.42 views

Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts

Canadian authorities said almost 15,000 online accounts for various government services have been targeted in three recent waves of credential-stuffing attacks. These accounts could give attackers access to Canadians’ tax-related and benefits information, coronavirus relief fund money and more...

1.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/08/10 9:31 p.m.42 views

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

After Google Home users started receiving mysterious alerts when their fire alarms went off or their plates smashed in their homes, Google acknowledged that it accidentally rolled out a feature causing the smart devices to record sounds without the voice prompt. Reports of the privacy faux pas...

7.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/07/31 1:21 p.m.42 views

Twitter: Epic Account Hack Caused by Mobile Spearphishing Scam

A mobile spearphishing attack targeting “a small number of employees” is what led to the unprecedented, major attack earlier in the month on high-profile Twitter accounts to push out a Bitcoin scam. The company posted an update late Thursday on the situation, which has been unfolding since July 1...

0.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/07/22 4:14 p.m.42 views

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

In this in-depth Threatpost podcast Christoph Hebeisen, who leads the Security Intelligence Research Division at Lookout, shares a behind-the-scenes look at how his team discovered and tracked three never-before-seen surveillanceware tools, dubbed SilkBean, GoldenEagle and CarbonSteal. Hebeisen...

7.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/07/13 4:1 p.m.42 views

Secret Service Creates Cyber Fraud Task Forces

The U.S. Secret Service has created the Cyber Fraud Task Forces CFTFs, aimed at preventing, detecting and mitigating complex cyber-enabled financial crime – including making arrests and convictions. The CFTF is the result of a formal merging of two of the Secret Service’s existing units into a...

Exploits0References6
ThreatPost
ThreatPost
added 2020/07/06 2:7 p.m.42 views

Email Sender Identity is Key to Solving the Phishing Crisis

Email is in crisis. Despite massive advancements in perimeter and endpoint defenses, email remains a cybersecurity weak link for many companies. Why? Email is at the heart of everything we do online. It’s an essential line of communication for one-on-one and group conversations, both...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/22 9:31 p.m.42 views

Report: ‘BlueLeaks’ Exposes Sensitive Data From Police Departments

Thousands of sensitive police department files – including police and FBI reports – were published on Friday by DDoSecrets Distributed Denial of Secrets, a self-proclaimed “transparency collective” that publishes covert data. The almost 270 gigabytes of data, dubbed “BlueLeaks,” is reportedly fro...

7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/16 4:54 p.m.42 views

Theft of CIA's 'Vault 7' Secrets Tied to 'Woefully Lax" Security

A just-released report on the 2016 Central Intelligence Agency CIA data breach, which led to the Vault 7 document dump on WikiLeaks, blames “woefully lax” security by the nation’s top spy agency. The conclusions were part of an internal 2017 Department of Justice DoJ report on the CIA breach. On...

7AI score
Exploits0References17
ThreatPost
ThreatPost
added 2020/06/15 1:0 p.m.42 views

Protecting Unmanaged & IoT Devices: Why Traditional Security Tools Fail

We are currently experiencing the single largest explosion of network-enabled devices that we’ve ever witnessed. Many of these devices are running on the same networks as critical business solutions and may even be connecting directly to critical assets or delivering a critical capability...

0.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/12 4:15 p.m.42 views

Android 'ActionSpy' Malware Targets Turkic Minority Group

Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites. Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The...

0.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/06/08 3:16 p.m.42 views

Phishing Attack Hits German Coronavirus Task Force

Researchers are warning of an ongoing phishing attack that’s targeting the credentials of more than 100 high-profile executives at a German multinational corporation that’s tasked with procuring coronavirus medical gear for Germany. The company, left unnamed by researchers, is part of a task forc...

0.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/05/26 12:10 p.m.42 views

New iOS Jailbreak Tool Works on iPhone Models iOS 11 to iOS 13.5

A hacker team has released a new method to jailbreak iPhones that they claim uses a zero-day exploit that allows them to jailbreak iPhones running iOS 11 through Apple’s most recent version of its mobile operating system – iOS 13.5. Calling it a “big milestone for jailbreaking,” one of its...

6.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/20 1:27 p.m.42 views

New Mirai Variant 'Mukashi' Targets Zyxel NAS Devices

Another variant of the shape-shifting Mirai botnet is attacking Zyxel network-attached storage NAS devices using a critical vulnerability that was only recently discovered, according to security researchers. The variant, dubbed Mukashi, takes advantage of a pre-authentication command injection...

10CVSS10AI score0.99988EPSS
Exploits2References22
ThreatPost
ThreatPost
added 2020/03/18 1:28 p.m.42 views

Authorities Eye Using Mobile Phone Tracking COVID-19's Spread

Authorities in the United States and Israel are eyeing ways to use mobile-phone and other location-based data to help control the spread of the new coronavirus COVID-19, raising serious privacy concerns about the practice of using and sharing people’s personal data during the time of a global...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/03/17 9:55 p.m.42 views

A COVID-19 Cybersecurity Poll: Securing a Remote Workforce

As the coronavirus pandemic continues to sweep the globe, and cities and states impose social-distancing measures, businesses are sending their users home to work. And this massive, unprecedented shift to distance working brings with it a whole new set of cybersecurity challenges. For instance, a...

7.3AI score
Exploits0References20
ThreatPost
ThreatPost
added 2020/03/11 7:28 p.m.42 views

Phishing Attack Skirts Detection With YouTube

Researchers are warning of an increase in phishing emails that use YouTube redirect links, which help attackers skirt traditional defense measures. If certain malicious URLs are blocked by web browser phishing filters, attackers commonly use a redirector URL to bypass these filters and redirect t...

7.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/05 8:42 p.m.42 views

Zynga Faces Lawsuit Over Massive Words with Friends Breach

Mobile game developer Zynga could face a class-action lawsuit stemming from a massive data breach last September, which impacted 218 million users of the Words with Friends mobile app. The news comes as other big names face security incidents: T-Mobile and Carnival Cruise Lines have admitted this...

7.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/03 2:0 p.m.42 views

Download Guide: Advanced Threat Protection Beyond the AV

At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutio...

7.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/02/18 8:9 p.m.42 views

Ring Mandates 2FA After Rash of Hacks

Connected doorbell-maker Ring is now requiring two-factor authentication 2FA for all users when they sign into their accounts. The new requirement comes after Ring faced a backlash in December following a rash of disturbing hacks and security issues tied to the smart doorbell. While Amazon-owned...

Exploits0References11
ThreatPost
ThreatPost
added 2020/02/06 6:16 p.m.42 views

Metamorfo Returns with Keylogger Trick to Target Financial Firms

Researchers have discovered a recent spate of phishing emails spreading a new variant of Metamorfo, a financial malware known for targeting Brazilian companies. Now, however, it’s expanding its geographic range and adding a new technique. Metamorfo was first discovered in April 2018, in various...

1.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/27 2:0 p.m.42 views

Podcast: The Roadblocks and Opportunities For Women in Cybersecurity

In 2019, diversity in the cybersecurity was thrust to the forefront with recognition from both vendors and experts. The tech industry is facing challenges around diversity in general, but women are particularly underrepresented. And with an estimated 3.5 million jobs are expected to remain unfill...

6.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/23 2:0 p.m.42 views

Podcast: What We've Learned from the Year of the Breach

This podcast is sponsored by Arctic Wolf. Large-scale data breaches hitting organizations like Capital One and Georgia Tech in 2019 show that companies continue to be targeted in malicious cyberattacks that expose customers’ personal data and valuable records. Threatpost host Cody Hackett sat dow...

0.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/12/11 6:52 p.m.42 views

Signal Tests Upgraded Cryptography for Groups Function

Signal, the encrypted messaging platform, is planning to launch an upgraded secure group messaging and communities function. Signal’s groups are private, meaning that the service itself doesn’t keep a record of a user’s group memberships, group titles, group avatars or group attributes. But the w...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/10/10 1:1 p.m.42 views

CISO and Security Vendor Relationships are Good for a Laugh in New Comic Videos

It’s not easy being a CISO. One could say “intense” might be the perfect descriptor for the CISO work environment. Tasked with the unenviable job of keeping the organization safe, carrying the burden of failed protection and taking hits for successful breaches, CISOs can never rest. They are...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/04/22 3:28 p.m.42 views

France's 'Secure' Telegram Replacement Hacked in an Hour

The French Government last week launched a custom messaging application called Tchap, touting it as being “more secure than Telegram.” One small snag however: The platform has already – quelle dommage! – been hacked. French security researcher Robert Baptiste, a.k.a. Elliot Alderson, downloaded t...

7.7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/01/08 8:49 p.m.42 views

Microsoft Issues Multiple Critical Patches for Edge Browser

Microsoft patched a bevy of critical bugs impacting its Edge browser that could allow an attacker to hijack a targeted PC simply by steering a victim to a rigged website harboring specially crafted exploit code. In all, Microsoft tackled four critical Edge vulnerabilities, part of the company’s...

9.3CVSS0.8AI score0.82902EPSS
Exploits17References12
ThreatPost
ThreatPost
added 2018/12/11 5:42 p.m.42 views

Adobe December 2018 Security Update Fixes Reader, Acrobat

Adobe has patched 87 vulnerabilities for Acrobat and Reader in its December Patch Tuesday update, including a slew of critical flaws that would allow arbitrary code-execution. The scheduled update comes less than a week after Adobe released several out-of-band fixes for Flash Player, including a...

10CVSS0.2AI score0.81971EPSS
Exploits13References4
ThreatPost
ThreatPost
added 2018/11/09 9:16 p.m.42 views

Recently-Patched Adobe ColdFusion Flaw Exploited By APT

An Adobe ColdFusion vulnerability, patched two months ago, was being exploited in the wild by a China-linked APT group, researchers found. The vulnerability, CVE-2018-15961, is a critical unrestricted file upload bug that could also lead to arbitrary code-execution, researchers at Volexity, who...

10CVSS10AI score0.9995EPSS
Exploits11References2
ThreatPost
ThreatPost
added 2018/10/16 5:0 p.m.42 views

In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack

A “critical water utility” has been targeted in a recent ransomware attack, significantly impeding its ability to provide service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority ONWASA said in a Monday release that a “sophisticated ransomwa...

7.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2017/10/03 1:16 p.m.42 views

Google Warns of DoS and RCE Bugs in Dnsmasq

Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposure or a denial of service attacks against affected devices. Google researchers identified the flaws in a research paper published Monday, the same day a...

7.8CVSS0.7AI score0.93307EPSS
Exploits32References14
ThreatPost
ThreatPost
added 2017/08/21 2:28 p.m.42 views

Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method

A group of researchers recently identified a real-time way to detect credential spearphishing attacks in enterprise settings. The discovery net the researchers $100,000 last week from Facebook, which awards money as part of its annual Internet Defense Prize partnership with USENIX Association. Th...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2017/05/09 9:12 a.m.42 views

Emergency Update Patches Zero Day in Microsoft Malware Protection Engine

Microsoft made quick work of what two prominent Google researchers called the worst Windows vulnerability in recent memory, releasing an emergency patch Monday night, 48 hours after Google’s private disclosure was made. The mystery Windows zero day CVE-2017-0290 was in the Microsoft Malware...

9.3CVSS0.8AI score0.77207EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2017/05/04 12:46 p.m.42 views

Unpatched WordPress Password Reset Vulnerability Lingers

A zero-day vulnerability exists in WordPress Core that in some instances could allow an attacker to reset a user’s password and gain access to their account. Researcher Dawid Golunski of Legal Hackers disclosed the vulnerability on Wednesday via his new ExploitBox service. All versions of...

4.3CVSS7AI score0.26699EPSS
Exploits7References11
ThreatPost
ThreatPost
added 2017/04/25 12:36 p.m.42 views

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs

Adobe today released an important security hotfix for several versions of its ColdFusion rapid web application development platform. The company said the update addresses an input validation vulnerability CVE-2017-3008 in the software that could be used in reflected cross-site scripting XSS...

4.3CVSS2.1AI score0.03094EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2016/06/28 12:29 p.m.42 views

Google Play Hit With Rash of Auto-Rooting Malware

Researchers have identified a recent wave of malware targeting the Google Play app marketplace that entices users to download utilities and games that when installed surreptitiously root devices. The exploit, which mobile security firm Lookout calls autorooting malware, gives attackers complete...

7.2CVSS0.5AI score0.37233EPSS
Exploits15References5
ThreatPost
ThreatPost
added 2016/05/13 1:24 p.m.42 views

Cerber Ransomware On The Rise, Fueled By Dridex Botnet

Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex...

10CVSS0.8AI score0.22487EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2016/05/12 12:55 p.m.42 views

Adobe Emergency Update Patches Flash Zero Day

As promised earlier this week, Adobe today released an updated version of Flash Player that includes a patch for a zero-day vulnerability. Adobe said it is aware of the existence of a public exploit for CVE-2016-4117, but said the flaw has not been publicly attacked. The vulnerability affects Fla...

10CVSS1.5AI score0.94354EPSS
Exploits6References4
ThreatPost
ThreatPost
added 2016/03/15 4:6 p.m.42 views

OpenSSH Implementations with X11Forwarding Enabled Should Heed Recent Security Update

Users who choose to enable X11Forwarding in OpenSSH, or those who use software products that re-enable it, should pay close attention to last Wednesday’s OpenSSH security update. The latest version of the open source implementation of the SSH protocol patches a flaw that exposes it to command...

5.5CVSS0.37016EPSS
Exploits13References2
ThreatPost
ThreatPost
added 2016/03/09 10:15 a.m.42 views

Google Updates Chrome, Fixes Three High Severity Issues

Google pushed out the latest version of its flagship browser Chrome on Tuesday, fixing three high severity bugs in the process. The update graduates the browser to version number 49.0.2623.87 for Windows, Mac, and Linux, according to a post on Google’s Chrome Releases blog this week. Two of the...

9.3CVSS0.8AI score0.02749EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2016/02/24 2:11 p.m.42 views

Five-Year 'Dust Storm' APT Campaign Seen Targeting Japanese Critical Infrastructure

A five-year campaign primarily focused on extracting sensitive information from Japanese oil, gas, and electric utilities was outlined by researchers on Tuesday. Referred to as Operation Dust Storm .PDF by researchers at Cylance, the campaign has managed to stay persistent over the years, and...

9.3CVSS8.8AI score0.9941EPSS
Exploits26References5
ThreatPost
ThreatPost
added 2015/11/02 3:29 p.m.42 views

Latest EMET Bypass Targets WoW64 Windows Subsystem

Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...

10CVSS1.7AI score0.99945EPSS
Exploits38References4
ThreatPost
ThreatPost
added 2015/05/13 12:14 p.m.42 views

Microsoft Brings Perfect Forward Secrecy to Windows

Microsoft yesterday added four cryptographic cipher suites to its default priority ordering list in Windows, a move that brings Perfect Forward Secrecy to the operating system. Update 3042058 is available for now only on the Microsoft Download Center, affording users the opportunity to test the...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2015/02/16 1:59 p.m.42 views

Lessons Learned in Building a Vulnerability Coordination Program

CANCUN – Bounty programs are mislabeled creatures, too often pigeonholed as a payoff for finding individual vulnerabilities in software. Wrong. “The name bug bounty is actually a false categorization of what is truly just an incentive program,” said Katie Moussouris, chief policy officer at...

9.3CVSS8.9AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2014/11/25 1:22 p.m.42 views

Adobe Releases Emergency Flash Player Patch

Adobe today revised a security bulletin it released more than a month ago, adding a patch for a code-execution vulnerability in Flash Player already included in some exploit kits. French researcher Kafeine found the exploits in the Angler and Nuclear kits less than a week after Adobe released an...

10CVSS0.3AI score0.90208EPSS
Exploits10References8
ThreatPost
ThreatPost
added 2013/08/28 12:44 p.m.42 views

Another Java 6 Vulnerability Found in the Wild

Unless you have an Oracle product that requires Java 6 or are paying for support for that version of the platform, you’d seen the last publicly available updates as of February. That doesn’t mean attackers have pushed back from targeting Java 6, and that certainly doesn’t mean that organizations...

10CVSS8.5AI score0.10179EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2013/05/13 10:30 a.m.42 views

Attackers Target Older Java Bugs

It’s no secret that Java has moved to the top of the target list for many attackers. It has all the ingredients they love: ubiquity, cross-platform support and, best of all, lots of vulnerabilities. Malware targeting Java flaws has become a major problem, and new statistics show that this epidemi...

10CVSS0.4AI score0.98536EPSS
Exploits50References2
ThreatPost
ThreatPost
added 2013/01/14 1:0 p.m.42 views

Rocra Espionage Malware Campaign Uncovered After Five Years of Activity

For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by...

9.3CVSS8AI score0.99966EPSS
Exploits25References9
Total number of security vulnerabilities5000