15946 matches found
TikTok Fixes Flaws That Opened Android App to Compromise
Researchers have disclosed four high-severity flaws in the Android version of TikTok that could have easily been exploited by a seemingly benign third-party Android app. If successful, an attacker could fully compromise the target’s TikTok account. Public disclosure of the vulnerabilities was...
BEC Wire Transfers Average $80K Per Attack
The average wire-transfer loss from business email compromise BEC attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter. That’s according to the recently released Anti-Phishing Working Group APWG’s Phishing Activity Trend...
Jack Daniels, Ritz London Face Cyberattacks
A pair of cyberattacks on high-profile targets – the owner of the Jack Daniels distillery and the iconic Ritz London hotel – have resulted in the exposure of sensitive information. The maker behind Jack Daniels and other alcoholic beverages, Brown-Forman Corp., has suffered a recent cyberattack b...
Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts
Canadian authorities said almost 15,000 online accounts for various government services have been targeted in three recent waves of credential-stuffing attacks. These accounts could give attackers access to Canadians’ tax-related and benefits information, coronavirus relief fund money and more...
Google Fixes Mysterious Audio Recording Blip in Smart Speakers
After Google Home users started receiving mysterious alerts when their fire alarms went off or their plates smashed in their homes, Google acknowledged that it accidentally rolled out a feature causing the smart devices to record sounds without the voice prompt. Reports of the privacy faux pas...
Twitter: Epic Account Hack Caused by Mobile Spearphishing Scam
A mobile spearphishing attack targeting “a small number of employees” is what led to the unprecedented, major attack earlier in the month on high-profile Twitter accounts to push out a Bitcoin scam. The company posted an update late Thursday on the situation, which has been unfolding since July 1...
Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware
In this in-depth Threatpost podcast Christoph Hebeisen, who leads the Security Intelligence Research Division at Lookout, shares a behind-the-scenes look at how his team discovered and tracked three never-before-seen surveillanceware tools, dubbed SilkBean, GoldenEagle and CarbonSteal. Hebeisen...
Secret Service Creates Cyber Fraud Task Forces
The U.S. Secret Service has created the Cyber Fraud Task Forces CFTFs, aimed at preventing, detecting and mitigating complex cyber-enabled financial crime – including making arrests and convictions. The CFTF is the result of a formal merging of two of the Secret Service’s existing units into a...
Email Sender Identity is Key to Solving the Phishing Crisis
Email is in crisis. Despite massive advancements in perimeter and endpoint defenses, email remains a cybersecurity weak link for many companies. Why? Email is at the heart of everything we do online. It’s an essential line of communication for one-on-one and group conversations, both...
Report: ‘BlueLeaks’ Exposes Sensitive Data From Police Departments
Thousands of sensitive police department files – including police and FBI reports – were published on Friday by DDoSecrets Distributed Denial of Secrets, a self-proclaimed “transparency collective” that publishes covert data. The almost 270 gigabytes of data, dubbed “BlueLeaks,” is reportedly fro...
Theft of CIA's 'Vault 7' Secrets Tied to 'Woefully Lax" Security
A just-released report on the 2016 Central Intelligence Agency CIA data breach, which led to the Vault 7 document dump on WikiLeaks, blames “woefully lax” security by the nation’s top spy agency. The conclusions were part of an internal 2017 Department of Justice DoJ report on the CIA breach. On...
Protecting Unmanaged & IoT Devices: Why Traditional Security Tools Fail
We are currently experiencing the single largest explosion of network-enabled devices that we’ve ever witnessed. Many of these devices are running on the same networks as critical business solutions and may even be connecting directly to critical assets or delivering a critical capability...
Android 'ActionSpy' Malware Targets Turkic Minority Group
Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites. Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The...
Phishing Attack Hits German Coronavirus Task Force
Researchers are warning of an ongoing phishing attack that’s targeting the credentials of more than 100 high-profile executives at a German multinational corporation that’s tasked with procuring coronavirus medical gear for Germany. The company, left unnamed by researchers, is part of a task forc...
New iOS Jailbreak Tool Works on iPhone Models iOS 11 to iOS 13.5
A hacker team has released a new method to jailbreak iPhones that they claim uses a zero-day exploit that allows them to jailbreak iPhones running iOS 11 through Apple’s most recent version of its mobile operating system – iOS 13.5. Calling it a “big milestone for jailbreaking,” one of its...
New Mirai Variant 'Mukashi' Targets Zyxel NAS Devices
Another variant of the shape-shifting Mirai botnet is attacking Zyxel network-attached storage NAS devices using a critical vulnerability that was only recently discovered, according to security researchers. The variant, dubbed Mukashi, takes advantage of a pre-authentication command injection...
Authorities Eye Using Mobile Phone Tracking COVID-19's Spread
Authorities in the United States and Israel are eyeing ways to use mobile-phone and other location-based data to help control the spread of the new coronavirus COVID-19, raising serious privacy concerns about the practice of using and sharing people’s personal data during the time of a global...
A COVID-19 Cybersecurity Poll: Securing a Remote Workforce
As the coronavirus pandemic continues to sweep the globe, and cities and states impose social-distancing measures, businesses are sending their users home to work. And this massive, unprecedented shift to distance working brings with it a whole new set of cybersecurity challenges. For instance, a...
Phishing Attack Skirts Detection With YouTube
Researchers are warning of an increase in phishing emails that use YouTube redirect links, which help attackers skirt traditional defense measures. If certain malicious URLs are blocked by web browser phishing filters, attackers commonly use a redirector URL to bypass these filters and redirect t...
Zynga Faces Lawsuit Over Massive Words with Friends Breach
Mobile game developer Zynga could face a class-action lawsuit stemming from a massive data breach last September, which impacted 218 million users of the Words with Friends mobile app. The news comes as other big names face security incidents: T-Mobile and Carnival Cruise Lines have admitted this...
Download Guide: Advanced Threat Protection Beyond the AV
At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutio...
Ring Mandates 2FA After Rash of Hacks
Connected doorbell-maker Ring is now requiring two-factor authentication 2FA for all users when they sign into their accounts. The new requirement comes after Ring faced a backlash in December following a rash of disturbing hacks and security issues tied to the smart doorbell. While Amazon-owned...
Metamorfo Returns with Keylogger Trick to Target Financial Firms
Researchers have discovered a recent spate of phishing emails spreading a new variant of Metamorfo, a financial malware known for targeting Brazilian companies. Now, however, it’s expanding its geographic range and adding a new technique. Metamorfo was first discovered in April 2018, in various...
Podcast: The Roadblocks and Opportunities For Women in Cybersecurity
In 2019, diversity in the cybersecurity was thrust to the forefront with recognition from both vendors and experts. The tech industry is facing challenges around diversity in general, but women are particularly underrepresented. And with an estimated 3.5 million jobs are expected to remain unfill...
Podcast: What We've Learned from the Year of the Breach
This podcast is sponsored by Arctic Wolf. Large-scale data breaches hitting organizations like Capital One and Georgia Tech in 2019 show that companies continue to be targeted in malicious cyberattacks that expose customers’ personal data and valuable records. Threatpost host Cody Hackett sat dow...
Signal Tests Upgraded Cryptography for Groups Function
Signal, the encrypted messaging platform, is planning to launch an upgraded secure group messaging and communities function. Signal’s groups are private, meaning that the service itself doesn’t keep a record of a user’s group memberships, group titles, group avatars or group attributes. But the w...
CISO and Security Vendor Relationships are Good for a Laugh in New Comic Videos
It’s not easy being a CISO. One could say “intense” might be the perfect descriptor for the CISO work environment. Tasked with the unenviable job of keeping the organization safe, carrying the burden of failed protection and taking hits for successful breaches, CISOs can never rest. They are...
France's 'Secure' Telegram Replacement Hacked in an Hour
The French Government last week launched a custom messaging application called Tchap, touting it as being “more secure than Telegram.” One small snag however: The platform has already – quelle dommage! – been hacked. French security researcher Robert Baptiste, a.k.a. Elliot Alderson, downloaded t...
Microsoft Issues Multiple Critical Patches for Edge Browser
Microsoft patched a bevy of critical bugs impacting its Edge browser that could allow an attacker to hijack a targeted PC simply by steering a victim to a rigged website harboring specially crafted exploit code. In all, Microsoft tackled four critical Edge vulnerabilities, part of the company’s...
Adobe December 2018 Security Update Fixes Reader, Acrobat
Adobe has patched 87 vulnerabilities for Acrobat and Reader in its December Patch Tuesday update, including a slew of critical flaws that would allow arbitrary code-execution. The scheduled update comes less than a week after Adobe released several out-of-band fixes for Flash Player, including a...
Recently-Patched Adobe ColdFusion Flaw Exploited By APT
An Adobe ColdFusion vulnerability, patched two months ago, was being exploited in the wild by a China-linked APT group, researchers found. The vulnerability, CVE-2018-15961, is a critical unrestricted file upload bug that could also lead to arbitrary code-execution, researchers at Volexity, who...
In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack
A “critical water utility” has been targeted in a recent ransomware attack, significantly impeding its ability to provide service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority ONWASA said in a Monday release that a “sophisticated ransomwa...
Google Warns of DoS and RCE Bugs in Dnsmasq
Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposure or a denial of service attacks against affected devices. Google researchers identified the flaws in a research paper published Monday, the same day a...
Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method
A group of researchers recently identified a real-time way to detect credential spearphishing attacks in enterprise settings. The discovery net the researchers $100,000 last week from Facebook, which awards money as part of its annual Internet Defense Prize partnership with USENIX Association. Th...
Emergency Update Patches Zero Day in Microsoft Malware Protection Engine
Microsoft made quick work of what two prominent Google researchers called the worst Windows vulnerability in recent memory, releasing an emergency patch Monday night, 48 hours after Google’s private disclosure was made. The mystery Windows zero day CVE-2017-0290 was in the Microsoft Malware...
Unpatched WordPress Password Reset Vulnerability Lingers
A zero-day vulnerability exists in WordPress Core that in some instances could allow an attacker to reset a user’s password and gain access to their account. Researcher Dawid Golunski of Legal Hackers disclosed the vulnerability on Wednesday via his new ExploitBox service. All versions of...
ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs
Adobe today released an important security hotfix for several versions of its ColdFusion rapid web application development platform. The company said the update addresses an input validation vulnerability CVE-2017-3008 in the software that could be used in reflected cross-site scripting XSS...
Google Play Hit With Rash of Auto-Rooting Malware
Researchers have identified a recent wave of malware targeting the Google Play app marketplace that entices users to download utilities and games that when installed surreptitiously root devices. The exploit, which mobile security firm Lookout calls autorooting malware, gives attackers complete...
Cerber Ransomware On The Rise, Fueled By Dridex Botnet
Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex...
Adobe Emergency Update Patches Flash Zero Day
As promised earlier this week, Adobe today released an updated version of Flash Player that includes a patch for a zero-day vulnerability. Adobe said it is aware of the existence of a public exploit for CVE-2016-4117, but said the flaw has not been publicly attacked. The vulnerability affects Fla...
OpenSSH Implementations with X11Forwarding Enabled Should Heed Recent Security Update
Users who choose to enable X11Forwarding in OpenSSH, or those who use software products that re-enable it, should pay close attention to last Wednesday’s OpenSSH security update. The latest version of the open source implementation of the SSH protocol patches a flaw that exposes it to command...
Google Updates Chrome, Fixes Three High Severity Issues
Google pushed out the latest version of its flagship browser Chrome on Tuesday, fixing three high severity bugs in the process. The update graduates the browser to version number 49.0.2623.87 for Windows, Mac, and Linux, according to a post on Google’s Chrome Releases blog this week. Two of the...
Five-Year 'Dust Storm' APT Campaign Seen Targeting Japanese Critical Infrastructure
A five-year campaign primarily focused on extracting sensitive information from Japanese oil, gas, and electric utilities was outlined by researchers on Tuesday. Referred to as Operation Dust Storm .PDF by researchers at Cylance, the campaign has managed to stay persistent over the years, and...
Latest EMET Bypass Targets WoW64 Windows Subsystem
Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...
Microsoft Brings Perfect Forward Secrecy to Windows
Microsoft yesterday added four cryptographic cipher suites to its default priority ordering list in Windows, a move that brings Perfect Forward Secrecy to the operating system. Update 3042058 is available for now only on the Microsoft Download Center, affording users the opportunity to test the...
Lessons Learned in Building a Vulnerability Coordination Program
CANCUN – Bounty programs are mislabeled creatures, too often pigeonholed as a payoff for finding individual vulnerabilities in software. Wrong. “The name bug bounty is actually a false categorization of what is truly just an incentive program,” said Katie Moussouris, chief policy officer at...
Adobe Releases Emergency Flash Player Patch
Adobe today revised a security bulletin it released more than a month ago, adding a patch for a code-execution vulnerability in Flash Player already included in some exploit kits. French researcher Kafeine found the exploits in the Angler and Nuclear kits less than a week after Adobe released an...
Another Java 6 Vulnerability Found in the Wild
Unless you have an Oracle product that requires Java 6 or are paying for support for that version of the platform, you’d seen the last publicly available updates as of February. That doesn’t mean attackers have pushed back from targeting Java 6, and that certainly doesn’t mean that organizations...
Attackers Target Older Java Bugs
It’s no secret that Java has moved to the top of the target list for many attackers. It has all the ingredients they love: ubiquity, cross-platform support and, best of all, lots of vulnerabilities. Malware targeting Java flaws has become a major problem, and new statistics show that this epidemi...
Rocra Espionage Malware Campaign Uncovered After Five Years of Activity
For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by...