15946 matches found
Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack
The advanced persistent threat APT known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found that Lazarus Group — widely...
Joker's Stash Carding Site Taken Down
Joker’s Stash, the carding site where cybercriminals hawk their payment-card wares, has suffered a blow after law enforcement apparently seized one of its domains. Joker’s Stash is a popular cybercriminal destination that specializes in trading in payment-card data, offering millions of stolen...
Defending Against State and State-Sponsored Threat Actors
Security threats from states and state-sponsored actors have been around since before the field of cybersecurity was defined. They have now evolved to cyberspace, and present unique challenges for defenders. While there are fundamental differences between activist and criminal activity, and those...
Facebook Shutters Accounts Used in APT32 Cyberattacks
Facebook has shut down several accounts and Pages on its platform, which were used to launch phishing and malware attacks by two cybercriminal groups: APT32 in Vietnam and an unnamed threat group based in Bangladesh. Click to register. The social-media giant said it has removed both groups’ abili...
Think-Tanks Under Attack by Foreign APTs, CISA Warns
The Cybersecurity and Infrastructure Security Agency CISA and the FBI have issued a warning on what they say are persistent, continued cyberattacks by advanced persistent threat APT actors targeting U.S. think-tanks. The attackers are looking to steal sensitive information, acquire user credentia...
Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash
Microsoft has announced what it calls a more privacy-friendly version of its Productivity Score enterprise feature, following backlash from security experts who condemned it as a “full-fledged workplace surveillance tool.” The Productivity Score feature, which was launched as part of the Microsof...
Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout
Just in time for a busy online holiday shopping season, the Magecart gang has come up with a new credit-card skimming technique for hijacking PayPal transactions during checkout. A security researcher who identifies himself as Affable Kraut discovered the technique, which uses...
Food-Supply Giant Americold Admits Cyberattack
Americold, a company whose cold-storage capabilities are integral to the U.S. food-supply chain and soon, COVID-19 vaccine distribution, has confirmed an operations-impacting cyberattack, according to a filing with the Securities and Exchange Commission SEC. The filing was brief and read in part:...
Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack
Cybercriminals are tricking adult website visitors – including sites such as bravoporn.com and xhamster.com – in malvertising attacks that redirect victims to malicious websites serving up malware. The campaign, which is part of a larger malvertising effort dubbed “malsmoke”, has been tracked...
Apple to Deliver 'Privacy Labels' for Apps, Revealing Data-Sharing Details
After years of complaints about over-permissioned apps that collect, use and share private user information, Apple will be making developer privacy policies more transparent for consumers. Starting Dec. 8, iOS and macOS developers will be required to provide detailed information about how their...
Feds Seize $1B in Bitcoin from Silk Road
The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. The federal coffers are now $1 billion richer. Silk Road was known for the place to go to broker illegal drugs, murder-for-hire, child pornography and malware – such as passwo...
Facebook Small Business Grants Spark Identity-Theft Scam
Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. The perpetrators are trying to dupe people into thinking that the social network is handing out free money to...
Telehealth Poll: How Risky Are Remote Doctor Visits?
Telemedicine is enjoying a healthy boom, as more doctors, clinics and hospitals reduce in-person risks associated with COVID-19. Pre-pandemic, .01 percent of healthcare visits were virtual. The percentage today has leveled off to 21 percent, after peaking at 69 percent earlier this year, accordin...
Joker Android Malware Dupes Its Way Back Onto Google Play
A new variant of the infamous Joker malware has once again made it onto Google Play, with Google removing 11 malicious Android applications from its official app marketplace, researchers disclosed Thursday. Malicious apps spreading the Joker have continued to skirt Google Play’s protections since...
REvil Ransomware Gang Adds Auction Feature for Stolen Data
The REvil ransomware gang also known as Sodinokibi has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint. In...
Fighting Cyber Attacks With Game Theory
The role of cybersecurity defenders is usually unfair. They have disadvantages — as they have to continuously build up perimeters that protect their networks and prevent intrusions. An attacker only needs to discover a single flaw, a small hole in the wall, and breach entire complex defenses. How...
Microsoft Outlook Users Targeted By Gamaredon's New VBA Macro
The Gamaredon threat group has given its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications VBA macro. The VBA macro leverages compromised victims’ Microsoft Outlook email accounts to send spear-phishing emails to their contacts – rapidly widening the...
Kubernetes Falls to Cryptomining via Machine-Learning Framework
A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. The Kubeflow open-source project is a popular framework for running machine-learning ML tasks in Kubernetes. According to an...
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
A Java-based ransomware known as PonyFinal has galloped onto the scene, targeting enterprise systems management servers as an initial infection vector. According to a warning on Twitter from Microsoft Security Intelligence on Wednesday, PonyFinal is not an automated threat, but rather has humans...
Paying Ransomware Crooks Doubles Clean-up Costs, Report
New research bolsters the often ignored advice to organizations not to pay a ransomware demanded by attackers. The report found paying a ransom to unlock systems can actually cost companies more financially than recovering data themselves in the long run. Research conducted by Vanson Bourne and...
Airplane Hack Exposes Weaknesses of Alert and Avoidance Systems
The aircraft safety system known as the Traffic Alert and Collision Avoidance System TCAS can be coerced into sending an airplane on a mid-air rollercoaster ride – much to the horror of those onboard. Researchers were able to cobble together an effective method for spoofing the TCAS using a $10...
U.S. Universities Hit With 'Adult Dating' Spear-Phishing Attack
Several U.S. universities have been targeted in a widespread spear-phishing attack that uses adult dating as a lure. In reality, the emails spread the Hupigon remote access trojan RAT, known to be leveraged by state-sponsored threat actors. Researchers from Proofpoint warned that the ongoing...
Coronavirus Poll Results: Cyberattacks Ramp Up, WFH Prep Uneven
As the COVID-19 pandemic continues to sweep the globe and Americans are told to isolate from others, many organizations are sending employees home to work. While most respondents in a Threatpost poll this week said they feel prepared from a security standpoint for this transition, a fifth of them...
Researchers Warn of Novel PXJ Ransomware Strain
Researchers have discovered a new strain of ransomware, dubbed “PXJ,” which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known ransomware families, researchers said. They first...
Spear-Phishing Attack Lures Victims With 'HIV Results'
Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...
Microsoft OneNote Used To Sidestep Phishing Detection
A phishing campaign was recently discovered leveraging OneNote, Microsoft’s digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims’ systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that...
Report to Your Management with the Definitive ‘IR Management and Reporting’ presentation Template
The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the...
Community Housing Nonprofit Hit with $1.2M Loss in BEC Scam
A non-profit community housing collective has been swindled out of more than $1.2 million in a business email compromise BEC campaign. Red Kite Community Housing, a coop housing association in High Wycombe, U.K. outside of London announced in a recent website notice that £932,000 of the money pai...
ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates
Ransomware costs more than doubled in the fourth quarter of 2019, with the average ransom payment skyrocketing to $84,116, a 104 percent surge up from $41,198 in the third quarter. Researchers said that the leap up in ransomware costs are due in large part to some attackers pushing variants such ...
The Best Templates for Posting Cybersecurity Jobs
The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO’s top priority. Cynet’s Ultimate Cybersecurity Job Posting...
ThreatList: Admin Rights for Third Parties is the Norm
Organizations are continuing to fall down on the job when it comes to addressing cybersecurity risk around third parties; in fact, 61 percent of respondents in a recent survey said they’re unsure if partners, contractors, suppliers and others are accessing or attempting to access unauthorized dat...
Plugging the Data Leak in Manufacturing
More often than not, when then the internet of things IoT is brought up these days, it conjures images of Alexa, Siri and Cortana. These personal assistants can help users turn on a smart light bulb, flick on the oven and get you the day’s news, all in one fell swoop. However, IoT has evolved far...
Critical Bug in Android Antivirus Exposes Address Books
A slew of popular free Android antivirus apps in recent testing proved to have security holes and privacy issues – including a critical vulnerability that exposes user’s address books, and another serious flaw that enables attackers to turn off antivirus protection entirely. According to an...
Is Privacy Really iPhone? Researchers Weigh in on Apple's Targeted Ad Tracking
Apple has a consistent track record of implementing privacy controls, which it has been touting via a series of saturating “Privacy? That’s iPhone” television ads. Yet, though it may be deservedly capitalizing on the increasing privacy-consciousness of consumers out there and the negative headlin...
Japan to Hunt Down Citizens' Insecure IoT Devices
The Japanese government is taking the problem of insecure IoT devices into its own hands, with what some say is an audacious plan to carry out wide-scale penetration testing on its citizens’ gadgets. The country’s National Institute of Information and Communications Technology NICT has been taske...
Chrome in Android Leaks Device Fingerprinting Info
Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...
ThreatList: Malware Samples Targeting IoT More Than Double in 2018
It’s no secret that connected devices are posing a security threat in the commercial, consumer and industrial worlds. A fresh report on this expanding threat landscape shows that attacks are accelerating, with MikroTik routers, Telnet password-cracking and the Mirai botnet dominating the...
Bug In Git Opens Developer Systems Up to Attack
UPDATE Git repository hosting services GitHub, GitLab and Microsoft VSTS each patched a serious vulnerability on Tuesday that could lead to arbitrary code execution when a developer uses a malicious repository. Developers behind the open-source development Git tool pushed out Git 2.17.1, addressi...
Facebook Fallout Continues as Politicians Call For Legal Action
A legal backlash against Facebook’s latest controversy is starting to gain momentum. Lawmakers from around the country are calling for investigations into Facebook after the company revealed that the data of 50 million platform users had leaked through a third-party app. Both New York and...
Cisco Patches Critical VPN Vulnerability
Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on...
Satori Author Linked to New Mirai Variant Masuta
Researchers at NewSky Security say the hacker behind a Mirai malware variant called Satori, also known as Mirai Okiru, is the same hacker behind two new Mirai variants called Masuta and PureMasuta. Based on source code for Masuta malware recently found on the dark web, researchers at NewSky...
Microsoft December Patch Tuesday Update Fixes Six Critical Bugs
Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. Notable...
Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones
Google patched a critical encryption bug found on its Pixel, Pixel 2 and Nexus phones this week along with delivering 49 other fixes, part of its December Pixel / Nexus Security Bulletin. Five of the patches relate to vulnerabilities rated high. One of the patches CVE-2017-13167 is for an elevati...
Samba Update Patches Two SMB-Related MiTM Bugs
Samba this week released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client. The most serious of the bugs is CVE-2017-12150 where with certain...
Cisco Patches IOS XE Vulnerability Leaked in Vault 7 Dump
Cisco released an update this week that addresses a vulnerability in software running in more than 300 of its switches. The flaw was disclosed among the WikiLeaks Vault 7 dump of alleged CIA offensive hacking tools, and proof-of-concept exploit code exists that targets the vulnerability. Cisco sa...
Researcher: 'Baseless Assumptions' Exist About Intel AMT Vulnerability
Researchers at Embedi who found the critical Active Management Technology AMT flaw in Intel chips said in a blog published today there were “a tremendous amount of baseless assumptions” being made about the vulnerability. According Embedi CTO Dmitry Evdokimov, an information vacuum has predictabl...
January 2017 Adobe Flash, Reader, Acrobat Security Patches
Adobe today released its first patches of the year, a familiar refrain of Flash Player and Reader fixes, none of which are under attack. The Flash update addresses 13 vulnerabilities, all but one of which trigger remote code execution attacks. Meanwhile, 29 bugs were patched in Reader and Acrobat...
Google Fixes 12 High-Severity Vulnerabilities In Chrome Browser
Google is urging Windows, Mac and Linux users to update their Chrome browsers to fix multiple vulnerabilities that could allow malicious third parties to take control of targeted systems. Released Thursday, Chrome version 55.0.2883.75 for Windows, Mac, and Linux fixes those security issues. It al...
Apple Squashes 68 Security Bugs With Sierra Release
With the release of macOS Sierra 10.12 Tuesday, Apple snuffed out dozens of lingering security vulnerabilities in OS X El Capitan and Yosemite. Along with updates to its OS, Apple addressed security bugs in its Safari web browser and macOS Server in separate security bulletins, also released...
Google Patches Quadrooter Vulnerabilities in Android
The Quadrooter vulnerabilities made a lot of people take notice because the scale of affected Android devices more than 900,000 put it on a level with Stagefright and other bugs that impact a large majority of the Android ecosystem. Some details on the four vulnerabilities were publicly disclosed...