Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2020/12/23 7:2 p.m.37 views

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

The advanced persistent threat APT known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found that Lazarus Group — widely...

0.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/12/22 4:5 p.m.37 views

Joker's Stash Carding Site Taken Down

Joker’s Stash, the carding site where cybercriminals hawk their payment-card wares, has suffered a blow after law enforcement apparently seized one of its domains. Joker’s Stash is a popular cybercriminal destination that specializes in trading in payment-card data, offering millions of stolen...

0.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/12/21 9:1 p.m.37 views

Defending Against State and State-Sponsored Threat Actors

Security threats from states and state-sponsored actors have been around since before the field of cybersecurity was defined. They have now evolved to cyberspace, and present unique challenges for defenders. While there are fundamental differences between activist and criminal activity, and those...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/12/11 5:5 p.m.37 views

Facebook Shutters Accounts Used in APT32 Cyberattacks

Facebook has shut down several accounts and Pages on its platform, which were used to launch phishing and malware attacks by two cybercriminal groups: APT32 in Vietnam and an unnamed threat group based in Bangladesh. Click to register. The social-media giant said it has removed both groups’ abili...

6.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/12/02 9:21 p.m.37 views

Think-Tanks Under Attack by Foreign APTs, CISA Warns

The Cybersecurity and Infrastructure Security Agency CISA and the FBI have issued a warning on what they say are persistent, continued cyberattacks by advanced persistent threat APT actors targeting U.S. think-tanks. The attackers are looking to steal sensitive information, acquire user credentia...

0.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/12/02 3:44 p.m.37 views

Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash

Microsoft has announced what it calls a more privacy-friendly version of its Productivity Score enterprise feature, following backlash from security experts who condemned it as a “full-fledged workplace surveillance tool.” The Productivity Score feature, which was launched as part of the Microsof...

Exploits0References11
ThreatPost
ThreatPost
added 2020/12/01 1:18 p.m.37 views

Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout

Just in time for a busy online holiday shopping season, the Magecart gang has come up with a new credit-card skimming technique for hijacking PayPal transactions during checkout. A security researcher who identifies himself as Affable Kraut discovered the technique, which uses...

7AI score
Exploits0References21
ThreatPost
ThreatPost
added 2020/11/19 4:56 p.m.37 views

Food-Supply Giant Americold Admits Cyberattack

Americold, a company whose cold-storage capabilities are integral to the U.S. food-supply chain and soon, COVID-19 vaccine distribution, has confirmed an operations-impacting cyberattack, according to a filing with the Securities and Exchange Commission SEC. The filing was brief and read in part:...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/16 9:47 p.m.37 views

Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack

Cybercriminals are tricking adult website visitors – including sites such as bravoporn.com and xhamster.com – in malvertising attacks that redirect victims to malicious websites serving up malware. The campaign, which is part of a larger malvertising effort dubbed “malsmoke”, has been tracked...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/11/10 5:12 p.m.37 views

Apple to Deliver 'Privacy Labels' for Apps, Revealing Data-Sharing Details

After years of complaints about over-permissioned apps that collect, use and share private user information, Apple will be making developer privacy policies more transparent for consumers. Starting Dec. 8, iOS and macOS developers will be required to provide detailed information about how their...

6.4AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/11/06 7:55 p.m.37 views

Feds Seize $1B in Bitcoin from Silk Road

The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. The federal coffers are now $1 billion richer. Silk Road was known for the place to go to broker illegal drugs, murder-for-hire, child pornography and malware – such as passwo...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/09/30 4:27 p.m.37 views

Facebook Small Business Grants Spark Identity-Theft Scam

Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. The perpetrators are trying to dupe people into thinking that the social network is handing out free money to...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/09/29 12:0 p.m.37 views

Telehealth Poll: How Risky Are Remote Doctor Visits?

Telemedicine is enjoying a healthy boom, as more doctors, clinics and hospitals reduce in-person risks associated with COVID-19. Pre-pandemic, .01 percent of healthcare visits were virtual. The percentage today has leveled off to 21 percent, after peaking at 69 percent earlier this year, accordin...

1.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/07/09 4:50 p.m.37 views

Joker Android Malware Dupes Its Way Back Onto Google Play

A new variant of the infamous Joker malware has once again made it onto Google Play, with Google removing 11 malicious Android applications from its official app marketplace, researchers disclosed Thursday. Malicious apps spreading the Joker have continued to skirt Google Play’s protections since...

7.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/06/29 9:3 p.m.37 views

REvil Ransomware Gang Adds Auction Feature for Stolen Data

The REvil ransomware gang also known as Sodinokibi has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint. In...

7.3AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/06/17 1:0 p.m.37 views

Fighting Cyber Attacks With Game Theory

The role of cybersecurity defenders is usually unfair. They have disadvantages — as they have to continuously build up perimeters that protect their networks and prevent intrusions. An attacker only needs to discover a single flaw, a small hole in the wall, and breach entire complex defenses. How...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/06/11 8:37 p.m.37 views

Microsoft Outlook Users Targeted By Gamaredon's New VBA Macro

The Gamaredon threat group has given its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications VBA macro. The VBA macro leverages compromised victims’ Microsoft Outlook email accounts to send spear-phishing emails to their contacts – rapidly widening the...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/06/11 6:42 p.m.37 views

Kubernetes Falls to Cryptomining via Machine-Learning Framework

A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. The Kubeflow open-source project is a popular framework for running machine-learning ML tasks in Kubernetes. According to an...

1.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/05/28 3:59 p.m.37 views

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

A Java-based ransomware known as PonyFinal has galloped onto the scene, targeting enterprise systems management servers as an initial infection vector. According to a warning on Twitter from Microsoft Security Intelligence on Wednesday, PonyFinal is not an automated threat, but rather has humans...

0.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/05/15 1:17 p.m.37 views

Paying Ransomware Crooks Doubles Clean-up Costs, Report

New research bolsters the often ignored advice to organizations not to pay a ransomware demanded by attackers. The report found paying a ransom to unlock systems can actually cost companies more financially than recovering data themselves in the long run. Research conducted by Vanson Bourne and...

Exploits0References9
ThreatPost
ThreatPost
added 2020/05/04 10:31 p.m.37 views

Airplane Hack Exposes Weaknesses of Alert and Avoidance Systems

The aircraft safety system known as the Traffic Alert and Collision Avoidance System TCAS can be coerced into sending an airplane on a mid-air rollercoaster ride – much to the horror of those onboard. Researchers were able to cobble together an effective method for spoofing the TCAS using a $10...

0.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/04/27 4:14 p.m.37 views

U.S. Universities Hit With 'Adult Dating' Spear-Phishing Attack

Several U.S. universities have been targeted in a widespread spear-phishing attack that uses adult dating as a lure. In reality, the emails spread the Hupigon remote access trojan RAT, known to be leveraged by state-sponsored threat actors. Researchers from Proofpoint warned that the ongoing...

0.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/03/19 9:49 p.m.37 views

Coronavirus Poll Results: Cyberattacks Ramp Up, WFH Prep Uneven

As the COVID-19 pandemic continues to sweep the globe and Americans are told to isolate from others, many organizations are sending employees home to work. While most respondents in a Threatpost poll this week said they feel prepared from a security standpoint for this transition, a fifth of them...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/03/12 8:52 p.m.37 views

Researchers Warn of Novel PXJ Ransomware Strain

Researchers have discovered a new strain of ransomware, dubbed “PXJ,” which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known ransomware families, researchers said. They first...

0.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/03/10 10:0 a.m.37 views

Spear-Phishing Attack Lures Victims With 'HIV Results'

Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...

0.1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/03/04 5:48 p.m.37 views

Microsoft OneNote Used To Sidestep Phishing Detection

A phishing campaign was recently discovered leveraging OneNote, Microsoft’s digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims’ systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/02/12 2:0 p.m.37 views

Report to Your Management with the Definitive ‘IR Management and Reporting’ presentation Template

The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/02/04 10:50 p.m.37 views

Community Housing Nonprofit Hit with $1.2M Loss in BEC Scam

A non-profit community housing collective has been swindled out of more than $1.2 million in a business email compromise BEC campaign. Red Kite Community Housing, a coop housing association in High Wycombe, U.K. outside of London announced in a recent website notice that £932,000 of the money pai...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/01/24 9:34 p.m.37 views

ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates

Ransomware costs more than doubled in the fourth quarter of 2019, with the average ransom payment skyrocketing to $84,116, a 104 percent surge up from $41,198 in the third quarter. Researchers said that the leap up in ransomware costs are due in large part to some attackers pushing variants such ...

1AI score
Exploits0References21
ThreatPost
ThreatPost
added 2019/12/17 8:26 p.m.37 views

The Best Templates for Posting Cybersecurity Jobs

The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO’s top priority. Cynet’s Ultimate Cybersecurity Job Posting...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/11/20 5:0 p.m.37 views

ThreatList: Admin Rights for Third Parties is the Norm

Organizations are continuing to fall down on the job when it comes to addressing cybersecurity risk around third parties; in fact, 61 percent of respondents in a recent survey said they’re unsure if partners, contractors, suppliers and others are accessing or attempting to access unauthorized dat...

0.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/11/12 9:11 p.m.37 views

Plugging the Data Leak in Manufacturing

More often than not, when then the internet of things IoT is brought up these days, it conjures images of Alexa, Siri and Cortana. These personal assistants can help users turn on a smart light bulb, flick on the oven and get you the day’s news, all in one fell swoop. However, IoT has evolved far...

0.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/08/02 5:37 p.m.37 views

Critical Bug in Android Antivirus Exposes Address Books

A slew of popular free Android antivirus apps in recent testing proved to have security holes and privacy issues – including a critical vulnerability that exposes user’s address books, and another serious flaw that enables attackers to turn off antivirus protection entirely. According to an...

5.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/04/22 8:40 p.m.37 views

Is Privacy Really iPhone? Researchers Weigh in on Apple's Targeted Ad Tracking

Apple has a consistent track record of implementing privacy controls, which it has been touting via a series of saturating “Privacy? That’s iPhone” television ads. Yet, though it may be deservedly capitalizing on the increasing privacy-consciousness of consumers out there and the negative headlin...

6.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/01/29 8:30 p.m.37 views

Japan to Hunt Down Citizens' Insecure IoT Devices

The Japanese government is taking the problem of insecure IoT devices into its own hands, with what some say is an audacious plan to carry out wide-scale penetration testing on its citizens’ gadgets. The country’s National Institute of Information and Communications Technology NICT has been taske...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/01/02 3:42 p.m.37 views

Chrome in Android Leaks Device Fingerprinting Info

Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/09/18 7:40 p.m.37 views

ThreatList: Malware Samples Targeting IoT More Than Double in 2018

It’s no secret that connected devices are posing a security threat in the commercial, consumer and industrial worlds. A fresh report on this expanding threat landscape shows that attacks are accelerating, with MikroTik routers, Telnet password-cracking and the Mirai botnet dominating the...

5CVSS0.8AI score0.1741EPSS
Exploits6References13
ThreatPost
ThreatPost
added 2018/05/30 8:12 p.m.37 views

Bug In Git Opens Developer Systems Up to Attack

UPDATE Git repository hosting services GitHub, GitLab and Microsoft VSTS each patched a serious vulnerability on Tuesday that could lead to arbitrary code execution when a developer uses a malicious repository. Developers behind the open-source development Git tool pushed out Git 2.17.1, addressi...

6.8CVSS8.3AI score0.49188EPSS
Exploits10References4
ThreatPost
ThreatPost
added 2018/03/21 3:56 p.m.37 views

Facebook Fallout Continues as Politicians Call For Legal Action

A legal backlash against Facebook’s latest controversy is starting to gain momentum. Lawmakers from around the country are calling for investigations into Facebook after the company revealed that the data of 50 million platform users had leaked through a third-party app. Both New York and...

0.2AI score
Exploits0References15
ThreatPost
ThreatPost
added 2018/01/30 11:6 a.m.37 views

Cisco Patches Critical VPN Vulnerability

Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on...

10CVSS0.5AI score0.87397EPSS
Exploits7References9
ThreatPost
ThreatPost
added 2018/01/23 6:52 p.m.37 views

Satori Author Linked to New Mirai Variant Masuta

Researchers at NewSky Security say the hacker behind a Mirai malware variant called Satori, also known as Mirai Okiru, is the same hacker behind two new Mirai variants called Masuta and PureMasuta. Based on source code for Masuta malware recently found on the dark web, researchers at NewSky...

1.5AI score0.99975EPSS
Exploits8References4
ThreatPost
ThreatPost
added 2017/12/12 5:12 p.m.37 views

Microsoft December Patch Tuesday Update Fixes Six Critical Bugs

Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. Notable...

9.3CVSS8.7AI score0.64164EPSS
Exploits4References9
ThreatPost
ThreatPost
added 2017/12/06 2:48 p.m.37 views

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

Google patched a critical encryption bug found on its Pixel, Pixel 2 and Nexus phones this week along with delivering 49 other fixes, part of its December Pixel / Nexus Security Bulletin. Five of the patches relate to vulnerabilities rated high. One of the patches CVE-2017-13167 is for an elevati...

10CVSS8.2AI score0.01437EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2017/09/22 11:0 a.m.37 views

Samba Update Patches Two SMB-Related MiTM Bugs

Samba this week released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client. The most serious of the bugs is CVE-2017-12150 where with certain...

5.8CVSS1.2AI score0.13228EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2017/05/10 10:10 a.m.37 views

Cisco Patches IOS XE Vulnerability Leaked in Vault 7 Dump

Cisco released an update this week that addresses a vulnerability in software running in more than 300 of its switches. The flaw was disclosed among the WikiLeaks Vault 7 dump of alleged CIA offensive hacking tools, and proof-of-concept exploit code exists that targets the vulnerability. Cisco sa...

10CVSS0.9AI score0.98975EPSS
Exploits12References3
ThreatPost
ThreatPost
added 2017/05/03 3:39 p.m.37 views

Researcher: 'Baseless Assumptions' Exist About Intel AMT Vulnerability

Researchers at Embedi who found the critical Active Management Technology AMT flaw in Intel chips said in a blog published today there were “a tremendous amount of baseless assumptions” being made about the vulnerability. According Embedi CTO Dmitry Evdokimov, an information vacuum has predictabl...

10CVSS0.92189EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2017/01/10 12:47 p.m.37 views

January 2017 Adobe Flash, Reader, Acrobat Security Patches

Adobe today released its first patches of the year, a familiar refrain of Flash Player and Reader fixes, none of which are under attack. The Flash update addresses 13 vulnerabilities, all but one of which trigger remote code execution attacks. Meanwhile, 29 bugs were patched in Reader and Acrobat...

7.5CVSS0.9AI score0.06869EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2016/12/02 11:45 a.m.37 views

Google Fixes 12 High-Severity Vulnerabilities In Chrome Browser

Google is urging Windows, Mac and Linux users to update their Chrome browsers to fix multiple vulnerabilities that could allow malicious third parties to take control of targeted systems. Released Thursday, Chrome version 55.0.2883.75 for Windows, Mac, and Linux fixes those security issues. It al...

6.8CVSS0.5AI score0.11182EPSS
Exploits5References4
ThreatPost
ThreatPost
added 2016/09/20 5:14 p.m.38 views

Apple Squashes 68 Security Bugs With Sierra Release

With the release of macOS Sierra 10.12 Tuesday, Apple snuffed out dozens of lingering security vulnerabilities in OS X El Capitan and Yosemite. Along with updates to its OS, Apple addressed security bugs in its Safari web browser and macOS Server in separate security bulletins, also released...

10CVSS2AI score0.05764EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2016/09/06 2:0 p.m.37 views

Google Patches Quadrooter Vulnerabilities in Android

The Quadrooter vulnerabilities made a lot of people take notice because the scale of affected Android devices more than 900,000 put it on a level with Stagefright and other bugs that impact a large majority of the Android ecosystem. Some details on the four vulnerabilities were publicly disclosed...

9.3CVSS1AI score0.00479EPSS
Exploits0References3
Total number of security vulnerabilities5000