Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2013/08/28 12:44 p.m.42 views

Another Java 6 Vulnerability Found in the Wild

Unless you have an Oracle product that requires Java 6 or are paying for support for that version of the platform, you’d seen the last publicly available updates as of February. That doesn’t mean attackers have pushed back from targeting Java 6, and that certainly doesn’t mean that organizations...

10CVSS8.5AI score0.10179EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2013/05/14 4:14 p.m.42 views

Microsoft Patches IE Zero Day Used In Watering Hole Attack

Microsoft wasted no time today delivering a patch for the Internet Explorer 8 vulnerability being exploited in watering hole attacks carried out against the U.S. Department of Labor website and nine others worldwide. Today’s Patch Tuesday security updates also include a fix for IE vulnerabilities...

9.3CVSS9.3AI score0.77889EPSS
Exploits11References14
ThreatPost
ThreatPost
added 2013/05/13 10:30 a.m.42 views

Attackers Target Older Java Bugs

It’s no secret that Java has moved to the top of the target list for many attackers. It has all the ingredients they love: ubiquity, cross-platform support and, best of all, lots of vulnerabilities. Malware targeting Java flaws has become a major problem, and new statistics show that this epidemi...

10CVSS0.4AI score0.98536EPSS
Exploits50References2
ThreatPost
ThreatPost
added 2013/02/13 5:51 p.m.42 views

Ruby on Rails Patches DoS, Remote Execution Flaws

Web app framework Ruby on Rails patched two security flaws this week in the open source framework that could have led to denial of service attacks and remote execution vulnerabilities. With builds 3.2.12, 3.1.11 and 2.3.17, the framework fixed a serialized attributes YAML vulnerability...

10CVSS3.3AI score0.13911EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2013/01/15 8:6 p.m.42 views

Adobe Patches Four ColdFusion Flaws Exploited in Wild

Adobe delivered a security hotfix for its ColdFusion application server today, repairing a host of vulnerabilities being exploited in the wild. The company had recommended a series of mitigations in a Jan. 7 advisory as a stopgap until today’s hotfix was released. Two of the vulnerabilities affec...

6.8CVSS1.7AI score0.93797EPSS
Exploits5References5
ThreatPost
ThreatPost
added 2013/01/14 1:0 p.m.42 views

Rocra Espionage Malware Campaign Uncovered After Five Years of Activity

For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by...

9.3CVSS8AI score0.99966EPSS
Exploits25References9
ThreatPost
ThreatPost
added 2013/01/10 3:1 p.m.42 views

Exploit Code, Metasploit Module Out for Ruby on Rails Flaws

Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proof-of-concept exploit code for a couple of the flaws and the team at Metasploit have released a module for the penetration testing framework that exploit one of the bugs, as...

7.5CVSS0.5AI score0.99449EPSS
Exploits21References5
ThreatPost
ThreatPost
added 2012/09/25 6:8 p.m.42 views

Large-Scale Water Holing Attack Campaigns Hitting Key Targets

A new APT-style espionage campaign launched this summer targeting organizations tied to financial services, government agencies and the defense industry used a technique dubbed water holing to entice victims and silently redirect them to sites hosting zero-day exploits. Researchers at RSA Securit...

9.3CVSS8.5AI score0.83638EPSS
Exploits12References6
ThreatPost
ThreatPost
added 2012/09/13 7:46 p.m.42 views

New PDF Attack Targets Aviation Defense Industry

FireEye reported today it had detected a new critical PDF attack targeting the aviation defense industry. Malware Page exploits a stack-based buffer overflow vulnerability in Adobe Acrobat and Adobe Reader. An attacker would be able to execute code remotely via a crafted argument to the getIcon...

9.3CVSS8.8AI score0.96632EPSS
Exploits14References2
ThreatPost
ThreatPost
added 2012/08/24 2:57 p.m.42 views

The Rise of Cross-Platform Malware

For most of the recorded history of malware, viruses, Trojans and other malicious software have been specialists. Each piece of malware typically targeted one platform, be it Windows, OS X or now, one of the mobile platforms. But the last few months have seen the rise of cross-platform malware th...

10CVSS1.3AI score0.96714EPSS
Exploits13References6
ThreatPost
ThreatPost
added 2012/06/15 7:46 p.m.42 views

What Have We Learned: Flame Malware

When the news about the Flame malware first broke several weeks ago, people from all parts of the security community, political world and elsewhere quickly began trying to figure out what the significance of the tool was and whether it represented anything new. That was difficult at the time, giv...

9.3CVSS6.4AI score0.61655EPSS
Exploits11References9
ThreatPost
ThreatPost
added 2012/05/16 9:1 p.m.42 views

Report: Strategic Web Compromises Behind Recent Hack of Amnesty, Others

A recent string of Web site hacks at Amnesty International and other NGOs are evidence of a campaign of cyber espionage directed against human rights orgnaizations, according to a report from The Shadowserver Foundation. In a report on Tuesday, the Foundation said that its members had witnessed a...

9.3CVSS0.3AI score0.85698EPSS
Exploits10References3
ThreatPost
ThreatPost
added 2012/03/05 8:23 p.m.42 views

Adobe Issues Emergency Fix For Flash Player Vulnerabilities

Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player. Adobe on Monday issued two emergency fixes for...

10CVSS1.5AI score0.9203EPSS
Exploits13References5
ThreatPost
ThreatPost
added 2010/10/28 2:3 p.m.42 views

New Adobe Flash Bug Being Exploited

On the same day that it plans to release a patch for a critical flaw in Shockwave, Adobe confirmed on Thursday morning that there is a newly discovered bug in Flash that is being actively exploited already in attacks against Reader. The vulnerability affects Flash on all of the relevant platforms...

9.3CVSS1.9AI score0.69679EPSS
Exploits14References4
ThreatPost
ThreatPost
added 2010/05/13 6:4 p.m.42 views

End of Support for XP SP2 is End of an Era

Microsoft’s announcement this week that it is preparing to end support for machines running Windows XP SP2 not only represents a challenge for the thousands of businesses still running SP2, but also is the end of an era for both Microsoft and its customers. By the time Microsoft drops support for...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2009/10/06 10:32 p.m.42 views

'High Risk' Flaw Fixed in Google Chrome

Google has pushed out a new version of its Chrome browser to fix a high-severity security hole that could lead to malicious code execution attacks. The vulnerability could be exploited to run arbitrary code within the Google Chrome sandbox, the company said in an advisory. The raw details: The v8...

6.8CVSS6.6AI score0.28167EPSS
Exploits43References2
ThreatPost
ThreatPost
added 2009/08/13 8:34 p.m.42 views

Adam Shostack on Privacy and the PETS '09 Workshop

Dennis Fisher talks with Microsoft’s Adam Shostack about the Privacy Enhancing Technologies Symposium, the definition of privacy in today’s world and the role of technology in helping to enhance and protect that privacy. Show notes: Adam’s blog post on “Understanding Privacy” by Dan Solove...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References7
ThreatPost
ThreatPost
added 2022/08/12 6:20 p.m.41 views

Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

Zeppelin ransomware is back and employing new compromise and encryption tactics in its recent campaigns against various vertical industries—particularly healthcare—as well as critical infrastructure organizations, the feds are warning. Threat actors deploying the ransomware as a service RaaS are...

7.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/07/15 4:26 p.m.41 views

Emerging H0lyGh0st Ransomware Tied to North Korea

Microsoft researchers have linked an emerging ransomware threat that already has compromised a number of small-to-mid-sized businesses to financially motivated North Korean state-sponsored actors that have been active since last year. The group has successfully compromised small-to-mid-sized...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2022/01/19 6:30 p.m.41 views

Box 2FA Bypass Opens User Accounts to Attack

UPDATE A security hole in Box, the cloud-based file-sharing service, paved the way for busting its multifactor authentication MFA, researchers said – and it’s the second such MFA bypass they have discovered in the service so far. Clearly, the stakes are high – gaining access to a Box account coul...

7.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/09/28 10:0 a.m.41 views

Credential Spear-Phishing Uses Spoofed Zix Encrypted Email

Armorblox researchers have spotted an ongoing credential-phishing attack that spoofs an encrypted Zix email – one coming, weirdly enough, from what looks like a legitimate domain associated with the Baptist religion. At least, the threat actor is sending the phishing attack from...

7.3AI score
Exploits0References22
ThreatPost
ThreatPost
added 2021/09/22 7:41 p.m.41 views

Netgear SOHO Security Bug Allows RCE, Corporate Attacks

A high-severity security bug affecting several Netgear small office/home office SOHO routers could allow remote code execution RCE via a man-in-the-middle MiTM attack. The bug CVE-2021-40847 exists in a third-party component that Netgear includes in its firmware, called Circle – it handles the...

9.3CVSS7.9AI score0.10051EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2021/09/01 3:55 p.m.41 views

LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files

After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline’s encrypted files on its leak site. BleepingComputer posted an image shown...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/08/18 2:30 p.m.41 views

Memory Bugs in BlackBerry’s QNX Embedded OS Open Devices to Attacks

The potential danger from a raft of memory-allocation bugs discovered by Microsoft in April has now spread to older versions of multiple BlackBerry QNX products. The Cybersecurity Infrastructure and Security Agency CISA and BlackBerry warned in separate alerts Tuesday that threat actors can take...

9.8CVSS9.4AI score0.018EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2021/08/10 2:43 p.m.41 views

Fuzz Off: How to Shake Up Code to Get It Right – Podcast

LAS VEGAS – In 2014, two teams of security researchers independently started fuzz testing OpenSSL. Within days, the advanced black-box software technique led to an exploitable vulnerability in OpenSSL: namely, the Heartbleed vulnerability. What is fuzzing? That’s what the FuzzCon event is all...

7.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/13 8:51 p.m.41 views

Ransomware Giant REvil Disappears

All of REvil’s Dark Web sites slipped offline as of early Tuesday morning, and it’s not clear whether it’s due to the ransomware gang getting busted or whether the threat actors did it on purpose. The REvil ransomware operation, a.k.a. Sodinokibi, uses both clear web and Dark Web sites to negotia...

6.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/06/18 11:56 a.m.42 views

Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors

Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide – the ransomware gang behind the Colonial Pipeline hack. According to researchers at Trend Micro, threat actors are taking advantage of the notoriety around the pipeline...

6.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/04 2:15 p.m.41 views

Supreme Court Limits Scope of Controversial Hacking Law

The United States Supreme Court has ruled that a police officer who received money for obtaining data from a law-enforcement database for an associate did not violate a controversial federal hacking law, marking a victory for the ethical hacking community by limiting the law’s scope. In a landmar...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/06/03 12:0 p.m.41 views

Securing Privileged Access Within Healthcare Orgs

Healthcare organizations have always been high-value targets for cybercriminals, as their networks store large volumes of personally identifiable information PII including Social Security numbers, dates of birth, addresses and very sensitive personal health data. Since the beginning of the COVID-...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/05/17 7:40 p.m.41 views

What a Year It’s Been: RSA 2021 Embraces ‘Resilience’

Clearly, the months since the world shut down in March of 2020 fomented a radical shift in how people work and live, and it’s brought a range of crises and challenges to bear across the spectrum of our lives. These profound changes and experiences were also felt in cybersecurity, bringing...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/04/14 2:48 p.m.41 views

100,000 Google Sites Used to Install SolarMarker RAT

Hackers are using search-engine optimization SEO tactics to lure business users to more than 100,000 malicious Google sites that seem legitimate, but instead install a remote access trojan RAT, used to gain a foothold on a network and later infect systems with ransomware, credential-stealers,...

7.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/03/25 6:31 p.m.41 views

Facebook Disrupts Spy Effort Aimed at Uyghurs

Facebook has taken on a group of hackers in China that target the Uyghur ethnic group with cyberespionage activity. The hacking group, known as Earth Empusa or Evil Eye, was targeting activists, dissidents and journalists involved in the Uyghur community, primarily those living abroad in Australi...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/02/26 1:25 p.m.41 views

Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World

The payment processing system has steadily evolved over time. Greatly amplified by the COVID-19 pandemic, the use of electronic payment systems in this economy has soared nearly overnight. With online shopping at an all-time high as consumer behaviors shift toward more convenience and flexibility...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/02/08 4:39 p.m.41 views

WestRock Ransomware Attack Hinders Packaging Production

WestRock – the second-largest packaging company in the U.S. – continues to restore its systems, two weeks after it discovered it was the victim of a ransomware attack. WestRock, which has more than 320 manufacturing facilities globally, creates packaging supplies for a bevy of high-profile client...

0.9AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/01/21 8:0 p.m.41 views

Einstein Healthcare Network Announces August Breach

Einstein Health Network, a Pennsylvania-based company operating medical rehab, outpatient and primary care centers, announced a breach of its employee email system, which exposed patient personal and medical information. The company waited more than five months to make the compromise public...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/01/08 8:44 p.m.41 views

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

The new year started off with a bang, with the SolarWinds hack revealed in late December acting as a jarring reminder to companies and U.S. government departments alike that cybercriminals continue to successfully exploit security lapses in technology. But beyond the SolarWinds supply-chain...

7.2AI score
Exploits0References21
ThreatPost
ThreatPost
added 2021/01/06 9:20 p.m.41 views

It’s Not the Trump Sex Tape, It’s a RAT

As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/01/04 3:26 p.m.41 views

Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business

Ticketmaster must pay a hefty $10 million fine after several employees utilized unlawfully obtained passwords to hack a rival company’s computer systems – in attempts to “choke off” its business. The American ticket sales and distribution giant, which is owned by Live Nation, in 2013 hired an...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/12/17 5:30 p.m.41 views

Cryptologists Crack Zodiac Killer's 340 Cipher

A remote team of three hobbyist cryptologists have solved one of the Zodiac Killer’s cipher after a half century. And while the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity — access control an...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/12/01 4:57 p.m.41 views

Electronic Medical Records Cracked Open by Unpatched OpenClinic Bugs

Four vulnerabilities have been discovered in the OpenClinic application for sharing electronic medical records. The most concerning of them would allow a remote, unauthenticated attacker to read patients’ personal health information PHI from the application. OpenClinic is an open-source health...

8AI score0.01669EPSS
Exploits3References6
ThreatPost
ThreatPost
added 2020/11/26 2:0 p.m.41 views

Federated Learning: A Therapeutic for what Ails Digital Health

For researchers and physicians the mountains of data hospitals and healthcare systems hold could be a goldmine for artificial intelligence and machine learning, but data privacy concerns and regulations have kept scientists from being able to harness that information to improve outcomes. Now...

0.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/11/09 8:49 p.m.41 views

Trump Site Alleging AZ Election Fraud Exposes Voter Data

A security flaw on a website set up to gather evidence of in-person voter fraud in Arizona would have opened the door for SQL injection and other attacks. The bug, found on a site set up by Trump campaign called dontpressthegreenbutton.com, was discovered by cybersecurity pro Todd Rossin, almost ...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/11/03 7:10 p.m.41 views

34M Records from 17 Companies Up for Sale in Cybercrime Forum

A whopping 34 million user records have materialized on an underground sales forum, which cybercriminals claim are gleaned from 17 different corporate data breaches. According to reports, the data appeared late last week, and the theft appears to be the work of a single person or group. The...

Exploits0References8
ThreatPost
ThreatPost
added 2020/10/29 10:0 a.m.41 views

Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns

Parked domains, which act as aliases and redirect to other websites, can send visitors to malicious or unwanted landing pages or turn entirely malicious at any point in time – as evidenced by a recent Emotet campaign, a separate effort abusing Comcast and McAfee brands, and an election-themed...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/10/22 5:48 p.m.41 views

Microsoft Teams Phishing Attack Targets Office 365 Users

Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. Teams is Microsoft’s popular collaboration tool, which has particularly risen in popularity among remote...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/10/20 1:0 p.m.41 views

Mobile Browser Bugs Open Safari, Opera Users to Malware

A set of address-bar spoofing vulnerabilities that affect a number of mobile browsers open the door for malware delivery, phishing and disinformation campaigns. The bugs, reported by Rapid7 and independent researcher Rafay Baloch, affect six browsers, ranging from the common Apple Safari, Opera...

1.4AI score0.00823EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2020/08/03 4:26 p.m.41 views

Garmin Pays Up to Evil Corp After Ransomware Attack — Reports

Garmin, the GPS and aviation tech specialist, reportedly negotiated with Evil Corp for an decryption key to unlock its files in the wake of a WastedLocker ransomware attack. The attack, which started on July 23, knocked out Garmin’s fitness-tracker services, customer-support outlets and commercia...

0.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/07/27 8:17 p.m.41 views

Microsoft Revamps Windows Insider Preview Bug Bounty Program

Microsoft has revamped its Windows Insider Preview bug bounty program with higher rewards and an improved portal for bounty hunters to report flaws, in an effort to help sniff out more vulnerabilities on its platform. The Microsoft Windows Insider Preview bounty program is part of the Microsoft...

1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/07/14 2:46 p.m.41 views

DMARC Adoption Spikes, Higher Ed Remains Behind

Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years — a 2.5 times greater total than in 2018. That’s according to Valimail’s Email Fraud Landscape 2020 report, which also found...

7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/07/14 1:38 p.m.41 views

Leaked Details of 142 Million MGM Hotel Guests Found for Sale Online

Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the dark web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...

7AI score
Exploits0References8
Total number of security vulnerabilities5000