Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2009/04/21 6:54 p.m.41 views

Charney plugs Microsoft end-to-end trust at RSA Conference

Scott Charney used his keynote speech at the RSA Conference on Tuesday to talk up a variety of hardware and software-based technologies meant to infuse the Internet with more trust. Charney, the head of Microsoft’s Trustworthy Computing team, talked about the need for greater adoption of TPMs, co...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2022/05/13 12:6 p.m.40 views

Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

Cybercriminals are promoting a new, modular malware-as-a-service offering that allows would-be attackers to choose from a cornucopia of threats via a Telegram channel that to date has more than 500 subscribers, researchers have found. The new malware service, dubbed the Eternity Project by the...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/05/04 1:24 p.m.40 views

Attackers Use Event Logs to Hide Malware

Researchers have discovered a malicious campaign utilizing a never-before-seen technique for quietly planting fileless malware on target machines. The technique involves injecting shellcode directly into Windows event logs. This allows adversaries to use the Windows event logs as a cover for...

7.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2022/04/25 1:32 p.m.40 views

Lapsus$ Hackers Target T-Mobile

T-Mobile confirmed that the extortion group Lapsus$ gains access to their system “several weeks ago”. The telecom giant responded to a report by a journalist Brian Krebs, who accessed the internal chats from the private Telegram channel of the core Lapsus$ gang members. The company added that it...

7.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2022/01/19 6:30 p.m.40 views

Box 2FA Bypass Opens User Accounts to Attack

UPDATE A security hole in Box, the cloud-based file-sharing service, paved the way for busting its multifactor authentication MFA, researchers said – and it’s the second such MFA bypass they have discovered in the service so far. Clearly, the stakes are high – gaining access to a Box account coul...

7.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/11/24 4:16 p.m.40 views

GoDaddy Breach Widens to Include Reseller Subsidiaries

The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress were also affected. The additional affected companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. The world’s larges...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/11/05 7:55 p.m.40 views

Native Tribal Casinos Taking Millions in Ransomware Losses

Ransomware groups have made millions off attacks on native tribal casinos in the U.S., just over the past few months. A notification issued by the Federal Bureau of Investigation FBI cybercrime unit, according to a new report from Bleeping Computer, said that ransomware attacks on tribal casinos...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/08/12 5:32 p.m.40 views

AdLoad Malware 2021 Samples Evade Apple XProtect

A swelling wave of AdLoad malware infections in macOS devices is cresting its way past Apple’s on-device malware scanner, researchers said. The campaign is using around 150 unique samples, some of which are signed by Apple’s notarization service. AdLoad is a well-known Apple threat that’s been...

6.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/08/03 8:0 p.m.40 views

Ransomware Volumes Hit Record Highs as 2021 Wears On

Ransomware has seen a significant uptick so far in 2021, with global attack volume increasing by 151 percent for the first six months of the year as compared with the year-ago half. Meanwhile, the FBI has warned that there are now 100 different strains circulating around the world. From a...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/07/12 8:30 p.m.40 views

BIOPASS RAT Uses Live Streaming Steal Victims’ Data

Online gambling companies in China are being targeted by a new remote access trojan RAT which, in addition to its predictable features — like file assessment and exfiltration — takes the novel approach of using live streaming to spy on the screens of its victims. The malware was identified by a...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/06/22 4:24 p.m.40 views

Kids’ Apps on Google Play Rife with Privacy Violations

About 20 percent of the Top 500 kids’ mobile apps in the Google Play store are collecting data on users in a way that likely violates the Children’s Online Privacy Protection Act COPPA. These have been downloaded by a collective 492 million users, researchers said. That’s according to an analysis...

6.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/05/11 7:46 p.m.40 views

GitHub Prepares to Move Beyond Passwords

GitHub, the ubiquitous host for software development and version control and unfortunate target of a steady pitter-patter of attacks targeting the same, is now supporting security keys when using Git over SSH. In a post on Monday, GitHub security engineer Kevin Jones said that this is the next st...

5.8AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/04/29 6:42 p.m.40 views

Experian API Leaks Most Americans’ Credit Scores

A researcher is claiming that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, that he said was left open on a lender site without even basic security protections. Experian, for its part, refuted concerns from the security community...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/04/14 5:21 p.m.40 views

A Post-Data Privacy World and Data-Rights Management

The reality is that today, almost everyone is being tracked and monitored 24/7 with cameras recording our expressions, interactions and speech to determine what we might be thinking, where we are going and who we are meeting. While privacy differs from nation to nation and culture to culture, one...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/03/29 9:7 p.m.40 views

Pair of Apex Legends Players Banned for DDoS Server Attacks

Two high-ranked Apex Legends players have been banned from the platform for cheating by launching distributed denial-of-service DDoS attacks on an Xbox server. The players, who had achieved the rank of “Apex Predators” in the console version of the game haven’t been named, but the whole thing wen...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/17 7:57 p.m.40 views

Ninja Forms WordPress Plugin Opens Websites to Hacks

Click to Register Ninja Forms, a WordPress plugin used by more than 1 million sites, contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems. Ninja Forms offers WordPress site designers...

0.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/01/20 4:42 p.m.40 views

Investment Scammers Prey on Dating App Users, Interpol Warns

Cybercriminals are taking advantage of a surge in dating app users with a sophisticated fraud scheme, which convinces victims to join in on an investment opportunity – and ultimately drains their wallets. The social isolation of the COVID-19 pandemic is driving many to online interactions – notab...

0.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2021/01/11 8:54 p.m.40 views

Researcher Builds Parler Archive Amid Amazon Suspension

A security researcher said she has scraped and is archiving 99 percent of Parler’s public posts, as the social-media network goes offline following suspensions from Amazon, Apple and Google. Archived content includes public posts from the social-media site. These posts reportedly included Parler...

6.3AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/12/18 4:42 p.m.40 views

Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

UPDATE Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to expect many more victims to come to light as investigations continue. Adversaries were...

6.9AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/12/07 2:18 p.m.40 views

RansomExx Ransomware Gang Dumps Stolen Embraer Data: Report

Hackers have dumped sensitive company data that was stolen during a ransomware attack last month on aircraft manufacturer Embraer. The compromised data appeared on a new dark web site created to publish leaked information, according to a published report. The move appears to be a revenge for the...

Exploits0References14
ThreatPost
ThreatPost
added 2020/11/13 6:10 p.m.40 views

2020 Reader Survey: Share Your Feedback to Help Us Improve

Dear Threatpost Reader, Thank you for taking the time to participate in our anonymous Reader Survey. With your help, we intend to continue bringing you timely and relevant news and information to keep you in touch with the cybersecurity industry. This survey will only take a few minutes of your...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/30 10:34 p.m.40 views

Crippling Cyberattacks, Disinformation Top Concerns for Election Day

What keeps researchers up at night leading up to Nov. 3 isn’t election-day winners and losers. Most cite possible attacks on local infrastructure, crippling ransomware incidents and disinformation campaigns. There are also many concerned voters this year. Election-related cybersecurity attacks ha...

6.9AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/10/28 3:40 p.m.40 views

Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees

Microsoft said that an Iranian threat actor has successfully compromised attendees of two global conferences – including ambassadors and senior policy experts – in an effort to steal their email credentials. The two conferences targeted include the Munich Security Conference, slated for Feb. 19 t...

0.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/10/22 5:52 p.m.40 views

Facebook, News and XSS Underpin Complex Browser Locker Attack

A sophisticated “browser locker” campaign is spreading via Facebook, ultimately pushing a tech-support scam. The effort is more advanced than most, because it involves exploiting a cross-site scripting XSS vulnerability on a popular news site, researchers said. Browser lockers are a type of...

5.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/09/18 9:7 p.m.40 views

Stubborn WooCommerce Plugin Bugs Gets Third Patch

E-commerce sites using the WordPress plugin Discount Rules for WooCommerce are being urged to patch two high-severity cross-site scripting flaws that could allow an attacker to hijack a targeted site. Two fixes for the flaws, first available on Aug. 22 and second on Sept. 2, failed to patch the...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/15 10:2 p.m.40 views

Data Breaches Expose Vets, COVID-19 Patients

A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. First, a cyberattack at the U.S. Department of Veterans Affairs VA has impacted about 46,000 veterans, exposing their financial information. And another incident, at the U.K.’s...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/09/15 7:9 p.m.40 views

QR Codes Serve Up a Menu of Security Concerns

Quick Response QR codes are booming in popularity and hackers are flocking to exploit the trend. Worse, according to a new study, people are mostly ignorant to how QR codes can be easily abused to launch digital attacks. The reason QR code use is skyrocketing is tied to more brick-and-mortar...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/07/23 4:56 p.m.40 views

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

The COVID-19 pandemic continues to shape the face of cybercrime in 2020, with ransomware and attacks on internet of things IoT devices seeing sharp increases in the U.S. for the first half of the year. According to SonicWall’s 2020 Cyber Threat Report ransomware attacks are up, particularly in th...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/23 2:39 p.m.40 views

Hakbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments

A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial,...

7.1AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/06/18 12:55 p.m.40 views

Phishing Campaign Targeting Office 365, Exploits Brand Names

Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks. A new report from Check Point Software first observed the...

Exploits0References6
ThreatPost
ThreatPost
added 2020/06/11 4:12 p.m.40 views

Podcast: Would You Use A Contact-Tracing Coronavirus App?

As a world afflicted by the coronavirus pandemic begins to re-open restaurants, retail stores and more, public-health officials remain concerned about the spread of the virus. Technology for contact-tracing apps, intended to help citizens trace whether they were exposed to someone who has tested...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/05/22 2:12 p.m.40 views

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report

According to an investigative journalist team, the Israeli authors of the infamous Pegasus mobile spyware, NSO Group, have been using a spoofed Facebook login page, crafted to look like an internal Facebook security team portal, to lure victims in. The news comes as Facebook alleges that NSO Grou...

Exploits0References16
ThreatPost
ThreatPost
added 2020/05/12 8:53 p.m.40 views

REvil Ransomware Attack Hits A-List Celeb Law Firm

A popular law firm that works with several A-list celebrities, including Lady Gaga, Drake and Madonna, has been hit by a ransomware attack. Hackers are now threatening to release the 756 gigabytes of data allegedly stolen – including non-disclosure agreements, client contracts and personal...

6.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/05/12 4:3 p.m.40 views

WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover

Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover. According to researchers at WordPress, both security bugs can lead to cross-site request forgery CSRF and...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/04/28 3:0 p.m.40 views

Sophisticated Android Spyware Attack Spreads via Google Play

A sophisticated, ongoing espionage campaign aimed at Android users in Asia is likely the work of the OceanLotus advanced persistent threat APT actor, researchers said this week. Dubbed PhantomLance by Kaspersky, the campaign is centered around a complex spyware that’s distributed via dozens of ap...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/04/09 8:34 p.m.40 views

Unique P2P Architecture Gives DDG Botnet 'Unstoppable' Status

The coin-mining botnet known as DDG has seen a flurry of activity since the beginning of the year, releasing 16 different updates over the course of the past three months. Most notably, its operators have adopted a proprietary peer-to-peer P2P mechanism that has turned the DDG into a highly...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/24 12:59 p.m.40 views

Tekya Malware Threatens Millions of Android Users via Google Play

Researchers have discovered a new family of auto-clicker malware that commits mobile ad fraud, lurking in 56 apps on the Google Play store. Collectively, they have been downloaded nearly a million times worldwide. A team from Check Point Software recently discovered the malware, dubbed Tekya, whi...

7.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/03/20 1:54 p.m.40 views

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

In the midst of the ongoing coronavirus pandemic, facial recognition technology is being adopted globally as a way to track the virus’ spread. But privacy experts worry that, in the rush to implement COVID-19 tracking capabilities, important and deep rooted issues around data collection and...

0.5AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/02/14 5:45 p.m.40 views

SMS Phishing Campaign Targets Mobile Bank App Users in North America

A mobile phishing campaign that targeted customers of more than a dozen North American banks, including Chase, Royal Bank of Canada and TD Bank, managed to hook nearly 4,000 victims. The attacks used an automated SMS tool to blast bogus security text messages to mobile phone users between June an...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/07 3:43 p.m.40 views

FBI Taps Apple to Unlock Pensacola Shooter's iPhone

The Federal Bureau of Investigation is once again asking Apple to help unlock the iPhone of a potential terrorist. The FBI is looking to crack two iPhones that they believe were owned by Mohammed Saeed Alshamrani, the Saudi-born suspect in the shooting attack that killed three people in December ...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/12/10 4:12 p.m.40 views

Amazon's Blink Smart Security Cameras Open to Hijack

Multiple high-severity vulnerabilities have been discovered in Amazon-owned Blink XT2 security camera systems, which if exploited could give attackers complete control over them. The internet of things IoT cameras not to be confused with the Blink open-source browser engine, consist of a wireless...

10CVSS8.6AI score0.03769EPSS
Exploits7References8
ThreatPost
ThreatPost
added 2019/11/26 7:44 p.m.40 views

Magecart Group Switches Up Tactics with MiTM, Phishing

A fresh splinter group under the Magecart umbrella has been discovered ramping up activity starting in August-September of 2019. It’s using a unique codebase and different tactics to carry out its attacks, according to researchers. Magecart is an umbrella term encompassing several different threa...

0.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/07/08 8:39 p.m.40 views

GE Aviation Passwords, Source Code Exposed in Open Jenkins Server

A public Jenkins server owned by GE Aviation has exposed source code, plaintext passwords, global system configuration details and private keys from the company’s internal commercial infrastructure. GE Aviation, a subsidiary of General Electrics, is among the top commercial aircraft engine...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/05/01 8:36 p.m.40 views

Wipro Attackers Have Operated Under the Radar for Years

New details are emerging in the April attack on systems consulting behemoth Wipro, which saw its network hacked and used for mounting attacks on a dozen of its customers. In a fresh analysis of the indicators of compromise IOCs, Flashpoint analysts said that the cyberattackers have actually been...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/04/22 4:45 p.m.40 views

Evil TeamViewer Attacks Under the Guise of the U.S. State Department

UPDATE A targeted, email-borne attack against embassy officials and government finance authorities globally is making use of a malicious attachment disguised as a top-secret U.S. document. It weaponizes TeamViewer, the popular remote-access and desktop-sharing software, to gain full control of th...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/03/13 4:58 p.m.40 views

MAGA 'Safe Space' App Developer Threatens Security Researcher

UPDATE A newly released 63red Safe mobile app that aims to help wary Trump supporters find “safe” and conservative-friendly places to wear Make America Great Again MAGA gear turns out to have a host of security issues, according to one researcher. Meanwhile, Scott Wallace, the Oklahoma-based mobi...

7.5AI score
Exploits0References17
ThreatPost
ThreatPost
added 2019/01/29 1:0 p.m.40 views

Researchers Allege 'Systemic' Privacy, Security Flaws in Popular IoT Devices

Researchers are highlighting the insecure nature of Internet of Things devices in a report released Tuesday alleging a bevy of popular consumer connected devices sold at major retailers such as Walmart and Best Buy are riddled with security holes and privacy issues. In analyzing 12 different IoT...

7.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2018/10/11 8:19 p.m.40 views

ThreatList: Credential Theft Spikes by Triple Digits in U.S.

Credential theft was substantially up in the United States during the third quarter – even as declines were charted in Europe and Asia. What credentials go for on the Dark Web. Periodic analysis from Blueliv shows a whopping 141 percent increase in compromised credentials from North American...

7.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2018/08/13 5:26 p.m.40 views

GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig

UPDATE GoDaddy, the world’s largest domain name registrar, has exposed high-level configuration information for tens of thousands of systems and competitively sensitive pricing options for running those systems in Amazon AWS, thanks to yet another cloud storage misconfiguration. The documents wer...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/07/26 3:50 p.m.40 views

Sen. Wyden Urges Government Ban on Adobe Flash

Citing security concerns, Sen. Ron Wyden is urging the government to create a plan to transition away from Adobe Flash before the vendor stops supporting it in 2020. To that end, the Oregon Democrat delivered a formal request to the National Security Agency and the National Institute of Standards...

6.8CVSS1AI score0.18002EPSS
Exploits1References10
Total number of security vulnerabilities5000