Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2021/02/17 6:20 p.m.36 views

U.S. Accuses DPRK Hackers of Stealing Millions

The U.S. Department of Justice has indicted three North Korean computer programmers for their alleged participation in widespread, destructive cyberattacks as part of the advanced persistent threat APT known as Lazarus Group. The indictment broadens the scope of crimes that the DoJ has linked to...

Exploits0References10
ThreatPost
ThreatPost
added 2021/02/11 12:0 p.m.36 views

Military, Nuclear Entities Under Target By Novel Android Malware

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat APT group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call “Hornbill” and “SunBird,” have sophisticated...

1.1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/01/07 6:34 p.m.36 views

Threatpost Poll: Weigh in on Ransomware Security

It’s no secret that ransomware attacks continue to rise – with the number of attacks jumping by 350 percent since 2018. Healthcare systems have been hit particularly hard over the past year by ransomware actors, with a recent report saying that healthcare organizations have seen a 45 percent...

7.2AI score
Exploits0References19
ThreatPost
ThreatPost
added 2020/12/17 11:7 p.m.36 views

Nuclear Weapons Agency Hacked in Widening Cyberattack

The Energy Department and its National Nuclear Security Administration NNSA, which is the agency that maintains the U.S. nuclear stockpile, have been compromised as part of the widespread cyberattack uncovered this week stemming from the massive SolarWinds hack. An exclusive report by Politico...

0.5AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/12/17 5:0 p.m.36 views

Code42 Incydr Series: Bringing Shadow IT into the light with Code42 Incydr

Shadow IT is hardly a hidden threat to security professionals. Gartner was warning, way back in 2016, that 1 in 3 successful attacks experienced by enterprises would come from the use of unsanctioned apps by 2020. Code42’s Data Exposure Report just about proves Gartner’s prediction, showing that...

7.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/12/10 4:26 p.m.36 views

PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers

Researchers are warning on an active ransomware campaign that’s targeting MySQL database servers. The ransomware, called PLEASEREADME, has thus far breached at least 85,000 servers worldwide – and has posted at least 250,000 stolen databases on a website for sale. MySQL is an open-source relation...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/12/03 2:0 p.m.36 views

Code42 Incydr Series: Honing in on high-risk users with Code42 Incydr

The crux of the insider threat challenge is that everyone can be a risk. That’s why most security teams are focusing on gaining broader and deeper visibility into all file activity — especially the surge in remote, off-network activity. But this doesn’t mean that security teams should discount...

Exploits0References4
ThreatPost
ThreatPost
added 2020/12/02 5:9 p.m.36 views

Healthcare 2021: Cyberattacks to Center on COVID-19 Spying, Patient Data

Sophisticated cybercriminals have been trying to steal COVID-19 vaccine research – and researchers say there’s more of that to come going into 2021. Intellectual property theft will join ransomware, cloud-stored patient data theft and advanced phishing efforts as the main hallmarks of...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/10/28 5:23 p.m.36 views

How the Pandemic is Reshaping the Bug Bounty Landscape

The pandemic has overhauled the bug-bounty landscape, both for companies looking to adopt such programs and the bounty hunters themselves. Casey Ellis, founder and CTO of Bugcrowd, said that COVID-19’s far-reaching implications — including increasing the acceptance of remote work, pushing more...

6.7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/10/16 1:26 p.m.36 views

TikTok Launches Bug Bounty Program Amid Security SNAFUs

TikTok has expanded its vulnerability disclosure policy to include a global bug-bounty program through a partnership with the ethical hacker platform HackerOne. The bug-bounty program launch signals a new direction for the Chinese-owned video-sharing app, which has been much maligned for its...

8.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/07 7:15 p.m.36 views

Feds Sound Alarm Over Emotet Attacks on State, Local Govs

A dramatic uptick in Emotet phishing attacks since July has led the U.S. Cybersecurity and Infrastructure Security Agency CISA to issue a warning that state and local governments need to fortify their systems against the trojan. “This increase has rendered Emotet one of the most prevalent ongoing...

0.1AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/10/01 9:5 p.m.36 views

Emotet Emails Strike Thousands of DNC Volunteers

On Thursday, hundreds of U.S. organizations were targeted by an Emotet spear-phishing campaign, which sent thousands of emails purporting to be from the Democratic National Committee and recruiting potential Democratic volunteers. Emotet has historically utilized a variety of lure themes leveragi...

0.4AI score
Exploits0References18
ThreatPost
ThreatPost
added 2020/09/30 7:14 p.m.36 views

Android Spyware Variant Snoops on WhatsApp, Telegram Messages

Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram. The malware, Android/SpyC32.A, is currently being used in active campaigns...

0.6AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/09/18 5:56 p.m.36 views

Security Takeaways from the Great Work-from-Home Experiment

As states deal with re-opening and in some cases, re-closing, the reality is that for many organizations, remote work will play a significant role in business through 2020 and beyond. And so will increased cybercriminal activity, as demonstrated by a 131 percent increase in viruses and about 600...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/08/18 12:56 p.m.36 views

IcedID Trojan Rebooted with New Evasive Tactics

Threat actors have enhanced a banking trojan that has been widely used during the COVID-19 pandemic with new functionality to help it avoid detection by potential victims and standard security protections. Attackers have implemented several new features — including a password-protected attachment...

7.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/08/05 10:27 p.m.36 views

Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers

Voting machine-maker Election Systems & Software ES&S has formally announced a vulnerability disclosure policy, Wednesday, during a Black Hat USA 2020 session. The move, which comes with the U.S. presidential elections looming in November, shows that voting-machine vendors are beginning to take t...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/06/25 1:9 p.m.36 views

Office 365 Users Targeted By 'Coronavirus Employee Training' Phish

Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/06/15 7:46 p.m.36 views

Intel Adds Anti-Malware Protection in Tiger Lake CPUs

Intel’s upcoming class of mobile CPUs, code named “Tiger Lake,” will feature a long anticipated security layer, called Control-flow Enforcement Technology CET, which aims to protect against common malware attacks. CET protects against attacks on processors’ control flow, which refers to the order...

1.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/05/05 3:32 p.m.36 views

New Kaiji Botnet Targets IoT, Linux Devices

A new botnet has been infecting internet of things IoT devices and Linux-based servers, to then leverage them in distributed denial-of-service DDoS attacks. The malware, dubbed Kaiji, has been written from scratch, which researchers say is “rare in the IoT botnet landscape” today. Kaiji, which wa...

7.6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2020/04/15 2:22 p.m.36 views

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

Much has been publicized about the shortage of personal protective equipment PPE and other supplies for healthcare facilities in the United States during the COVID-19 pandemic. Now, the FBI is warning that threat actors are taking advantage of efforts to procure PPE and critical equipment such as...

6.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/07/08 1:56 p.m.36 views

Post-Data Breach, British Airways Slapped With Record $230M Fine

UPDATE A record $230 million fine has been proposed against British Airways after a 2018 data breach impacted 500,000 of the airline’s customers. If approved, the fee would be the biggest General Data Protection Regulation GDPR fine to be issued to a company so far. On Monday, the Information...

7AI score
Exploits0References13
ThreatPost
ThreatPost
added 2019/04/19 9:16 p.m.36 views

Microsoft’s Latest Patch Hoses Some Antivirus Software

Microsoft’s April 9 security update is bogging down systems running antivirus software packages made by McAfee, Avast, ArcaBit, Avira and Sophos. According to Microsoft, the company’s April Patch Tuesday security update is causing some systems to have slow startup times, sluggish performance or...

2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/04/15 4:46 p.m.36 views

Fake Instagram Apps on Google Play Harvest User Logins

Three apps on Google Play claiming to help Instagram users amass followers have been found stealing usernames and passwords for the social photo service. The fake apps were uncovered by Malwarebytes, and are still available, according to Nathan Collier, a security researcher with the firm. “As th...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/08/14 5:9 p.m.36 views

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

A vulnerability in Microsoft’s Active Directory Federation Services ADFS has been uncovered that would allow malicious actors to bypass multi-factor authentication MFA safeguards. Many organizations rely on ADFS to manage identities and resources across their entire enterprise, and ADFS functions...

4.3CVSS0.5AI score0.07584EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2018/08/09 2:24 p.m.36 views

Black Hat 2018: Cortana Flaw Allowed Takeover of Locked Windows 10 Device

LAS VEGAS – Researchers sounded the security alarm here at Black Hat over issues tied to voice control – specifically with the Windows Cortana service. On Wednesday they outlined a flaw patched in June by Microsoft dubbed “Open Sesame” that allowed an adversary to bypass a Windows 10 lock screen...

4.6CVSS1.9AI score0.01643EPSS
Exploits0
ThreatPost
ThreatPost
added 2018/07/26 7:26 p.m.36 views

Bugs in Samsung IoT Hub Leave Smart Home Open To Attack

Researchers found 20 vulnerabilities in Samsung’s SmartThings Hub, allowing attackers to control smart locks, remotely monitor the home via connected cameras and perform other alarming functions. Cisco Talos researchers, who published a technical breakdown of the vulnerabilities on Thursday, said...

9CVSS0.4AI score0.01753EPSS
Exploits22References3
ThreatPost
ThreatPost
added 2018/05/17 4:16 p.m.36 views

Cisco Warns of Three Critical Bugs in Digital Network Architecture Platform

Cisco Systems patched three bugs on Wednesday that are rated critical, tied to its Digital Network Architecture DNA Center platform. Cisco also warned of four additional vulnerabilities – each rated high. All of the vulnerabilities have available patches for mitigation. All three of the critical...

10CVSS2.1AI score0.05398EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2018/04/12 7:12 p.m.36 views

Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords

A vulnerability in Microsoft Outlook allowed hackers to steal a user’s Windows password just by having the target preview an email with a Rich Text Format RTF attachment that contained a remotely hosted OLE object. The bug was patched by Microsoft as part of its April Patch Tuesday fixes, over a...

4.3CVSS0.7AI score0.09024EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2017/12/13 2:33 p.m.36 views

19-Year-Old TLS Vulnerability Weakens Website Crypto

A vulnerability called ROBOT, first identified in 1998, has resurfaced. Impacted are leading websites ranging from Facebook to Paypal, which are vulnerable to attackers that could decrypt encrypted data and sign communications using the sites’ own private encryption key. The vulnerability is foun...

10CVSS0.3AI score0.95707EPSS
Exploits15References7
ThreatPost
ThreatPost
added 2017/09/19 5:21 p.m.36 views

iOS 11 Update includes Patches for Eight Vulnerabilities

iOS 11 is out today and along with a new look and feel on the iPad especially comes a handful of patches for the Apple mobile OS. Apple addressed eight CVEs in today’s iOS update, and 15 overall as it also updated Safari and the Xcode development framework. Two Webkit bugs, CVE-2017-7106 and...

7.1CVSS0.1AI score0.061EPSS
Exploits6References3
ThreatPost
ThreatPost
added 2017/09/12 3:27 p.m.36 views

Adobe Fixes Eight Vulnerabilities in Flash, RoboHelp, ColdFusion

Adobe fixed eight vulnerabilities across three products, including two critical memory corruption bugs and a critical XML parsing flaw, with its regularly scheduled update on Tuesday. RoboHelp for Windows, ColdFusion, and as usual, Flash Player, all received updates as part of the company’s Patch...

7.5CVSS0.2AI score0.34848EPSS
Exploits8References6
ThreatPost
ThreatPost
added 2017/03/21 2:48 p.m.36 views

Critical Moodle Vulnerability Could Lead to Server Compromise

A critical vulnerability in Moodle, an open source PHP-based learning management system deployed across scores of schools and universities, could expose the server its running on to compromise. Tens of thousands of universities worldwide, including the California State University system, the...

7.5CVSS0.1AI score0.1453EPSS
Exploits4References15
ThreatPost
ThreatPost
added 2016/11/04 5:58 p.m.36 views

Inside the RIG Exploit Kit

Today’s most prolific exploit kit is RIG, which has filled a void left by the departure of Angler, Neutrino and Nuclear. That has made it public enemy No. 1 when it comes exploit kits. Now Cisco Talos researchers are hoping to shed new light into the ongoing development of the potent EK in hopes ...

9.3CVSS8.5AI score0.74096EPSS
Exploits9References3
ThreatPost
ThreatPost
added 2016/09/15 1:48 p.m.36 views

Microsoft Patches Zero Day Used in AdGholas Malvertising Campaigns

An attack group behind a long-running malvertising campaign made effective use of a previously unreported low-level vulnerability in Microsoft’s Internet Explorer and Edge browsers to rake in money via banking Trojans and ad fraud. Microsoft patched the zero-day this week among dozens of other...

2.6CVSS0.2AI score0.26286EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2016/06/02 12:59 p.m.36 views

Google Patches Two High-Severity Flaws in Chrome

Google on Wednesday updated the Chrome browser for the third time since the start of May. Chrome 51.0.2704.79 for Windows, Mac, and Linux patched 15 vulnerabilities. It also paid out $14,000 in bounties to prolific bug hunters Mariusz Mlynski $7,500 and Rob Wu $6,500. The previous Chrome update o...

6.8CVSS0.01849EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2016/03/17 6:41 p.m.36 views

Stagefright Variant 'Metaphor' Puts Millions Of Samsung, LG and HTC Phones At Risk

Millions of Android users are at risk of a new Metaphor exploit that can take over Samsung, LG and HTC phones in under 20 seconds. The hack gives attackers access to the targeted phones including the ability to inject malware and take control over key smartphone functions. Discovered by...

10CVSS7AI score0.87125EPSS
Exploits6References4
ThreatPost
ThreatPost
added 2016/03/14 9:24 a.m.36 views

Broken 2013 Java Patch Leads to Sandbox Bypass

Java’s miserable 2013 just will not go away. One of the endless parade of bugs found in the platform throughout 2013—many of which were zero-day vulnerabilities exploited in targeted attacks—apparently wasn’t closed off completely by an October 2013 patch released by Oracle. Researchers at Polish...

9.3CVSS9AI score0.04652EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2015/12/08 2:57 p.m.36 views

December 2015 Microsoft Patch Tuesday Security Bulletins

Forgive your local Windows admin if they’re a little shy on holiday cheer in the coming days. Blame instead Microsoft for foisting upon them on Tuesday 71 security patches, including two for vulnerabilities in Office and the Windows kernel currently under attack. Microsoft also issued a separate...

9.3CVSS1.3AI score0.99945EPSS
Exploits33References13
ThreatPost
ThreatPost
added 2015/10/21 5:27 p.m.36 views

Apple Patches Vulnerabilities in OS X, iOS, Including Pangu Jailbreak

It was only three weeks ago that Apple patched its core line of products and pushed its latest version of OS X, El Capitan. Yet another wave of patches arrived Thursday however to address scores of vulnerabilities in OS X, iOS, Safari, iTunes, and even the company’s smart watch operating system,...

4.3CVSS0.4AI score0.01533EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2015/08/13 1:0 p.m.36 views

Stagefright Patch Incomplete Leaving Android Devices Still Exposed

Google today released to open source a new patch for the infamous Stagefright vulnerability found in 950 million Android devices after researchers at Exodus Intelligence discovered the original patch was incomplete and Android devices remain exposed to attack. “We’ve already sent the fix to our...

10CVSS7.3AI score0.90483EPSS
Exploits6References5
ThreatPost
ThreatPost
added 2015/08/04 9:0 a.m.36 views

Rig Exploit Kit 3.0 Claims 1 Million Malvertising Victims

LAS VEGAS – A rampant malvertising campaign fueled by a new version of the Rig Exploit Kit has claimed at least 950,000 victims worldwide and is doing so with an unprecedented success rate. Researchers at Trustwave said in advance of this week’s Black Hat conference that they have been watching...

10CVSS0.93688EPSS
Exploits5References4
ThreatPost
ThreatPost
added 2015/07/20 3:4 p.m.36 views

Microsoft Issues Critical, Out-of-Band Patch for All Versions of Windows

Microsoft released an out-of-band patch Monday that addresses a critical remotely exploitable flaw in all versions of Windows. The vulnerability stems from how Windows’ Adobe Type Manager Library handles OpenType fonts. If a user was tricked into either opening a rigged document or visiting an...

9.3CVSS0.6AI score0.99945EPSS
Exploits34References2
ThreatPost
ThreatPost
added 2015/07/14 11:47 a.m.36 views

Adobe Patches Hacking Team Zero Days in Flash

Adobe has put the two outstanding Hacking Team Flash Player zero-day vulnerabilities in check. Today, Adobe released an updated Flash Player that patches CVE-2015-5122 and CVE-2015-5123, two use-after-free bugs uncovered and exploited by the controversial Italian surveillance software vendor. The...

10CVSS0.9AI score0.99344EPSS
Exploits11References11
ThreatPost
ThreatPost
added 2015/06/22 12:5 p.m.36 views

Google Fixes Handful of Bugs in Chrome

Google has fixed several vulnerabilities in Chrome, including a pair of cross-origin bypasses and a high-risk scheme validation error. The new release updates Chrome to version 43.0.2357.130 and there are patches for other security flaws as well, though Google has only published information on fo...

5CVSS0.1AI score0.02306EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2015/02/26 10:1 a.m.36 views

DDoS Exploit Targets Open Source Rejetto HFS

Apparently no vulnerability is too small, no application too obscure, to escape a hacker’s notice. A honeypot run by Trustwave’s SpiderLabs research team recently snared an automated attack targeting users of the open source Rejetto HTTP File Server Rejetto HFS. Someone was trying to exploit a...

7.5CVSS9.4AI score0.99323EPSS
Exploits23References3
ThreatPost
ThreatPost
added 2015/02/04 4:44 p.m.36 views

Adobe Begins Patching Third Flash Player Zero Day

Adobe announced today that it will begin distributing a patch for the third and most recent zero-day vulnerability in Flash Player. Version 16.0.0.305 will be distributed to users who have enabled auto-update. Adobe said it expects to have a manual update available tomorrow. “We are working with...

10CVSS1.4AI score0.95683EPSS
Exploits9References3
ThreatPost
ThreatPost
added 2014/03/31 3:59 p.m.36 views

Second NSA Crypto Tool Found in RSA BSafe

A team of academics released a study on the maligned Dual EC DRBG algorithm used in RSA Security’s BSafe and other cryptographic libraries that includes new evidence that the National Security Agency used a second cryptographic tool alongside Dual EC DRBG in Bsafe to facilitate spying. Allegation...

1.9CVSS0.1AI score0.00942EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2013/06/27 12:4 p.m.36 views

OpenSSL Man-in-the-middle flaw fixed in Ruby

The maintainers of Ruby have fixed a serious flaw in its SSL client that could have allowed an attacker to conduct man-in-the-middle attacks by spoofing an SSL server. The vulnerability lies in the OpenSSL toolkit that’s built in to Ruby and is present in several versions of the software from 1.8...

6.8CVSS4.3AI score0.02767EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2013/04/22 3:33 p.m.36 views

Details Available for Chrome, Java Pwn2Own Flaws

Details have been disclosed about vulnerabilities exploited in Chrome and Java during the Pwn2Own contest. Google made patches available for the Chrome flaw within 24 hours, while Oracle patched Java fully last week. Details were not disclosed by the researchers, who netted tens of thousands for...

10CVSS0.1AI score0.87227EPSS
Exploits10References6
ThreatPost
ThreatPost
added 2013/02/14 1:32 p.m.36 views

Flaws in Emergency Alert System Hardware Allow Remote Login, Zombie Alert Insertion

There are a set of easily exploited vulnerabilities in the appliances used in the emergency alert system EAS that could be used by attackers to log in to these boxes remotely and send fake emergency alerts like the one that interrupted a TV broadcast in Montana on Monday. The vulnerabilities...

1.4AI score
Exploits0References2
Total number of security vulnerabilities5000