Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2012/08/08 8:16 p.m.34 views

Nepalese Government Sites Hacked, Serving Zegost Malware

Researchers have uncovered another in an ongoing series of targeted attacks against government agencies and activists, this time an attack that compromised a pair of Nepalese government web sites with code that exploits a Java vulnerability to install a backdoor on vistors’ machines. The attacker...

10CVSS2AI score0.98113EPSS
Exploits13References3
ThreatPost
ThreatPost
added 2012/08/07 4:47 p.m.34 views

OpFake, FakeInst Android Malware Variants Continue to Resist Detection

Android devices have remained a constant target of attacks over the last quarter thanks in part to new variants from the FakeInst and OpFake families of malware. According to the latest version of the F-Secure Mobile Threat Report, the firm found 5033 malicious Android application packages APKs, ...

1.9AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/08/06 1:46 p.m.34 views

Attackers Go Phishing for Payroll Workers With Java CVE-2012-1723 Exploit

The Java CVE-2012-1723 vulnerability is suddenly the golden child of bugs. The flaw, which Oracle patched in June, has been the target of several pieces of malware and Web-based attacks of late, and now researchers say there is a phishing scam targeting payroll and HR employees that involves and...

10CVSS0.9AI score0.93688EPSS
Exploits9References2
ThreatPost
ThreatPost
added 2012/08/03 3:17 p.m.34 views

Yahoo Sued By User Following Breach of 450,000 Passwords

Internet search conglomerate Yahoo is being sued by one of its users for negligence after the usernames and passwords of approximately 450,000 of its users were leaked by a hacker online last month. According to a complaint .PDF filed earlier this week in a federal court in San Jose, Calif., the...

10CVSS0.9AI score0.93688EPSS
Exploits9References3
ThreatPost
ThreatPost
added 2012/07/03 4:3 p.m.34 views

New Version of Sykipot Trojan Linked To Targeted Attacks On Aerospace Industry

A new version of the Sykipot Trojan is being pushed to unsuspecting users in a wave of online attacks, including targeted attacks on attendees of an international aerospace conference, according to researchers at the security firm AlienVault. The latest edition of the common Trojan Horse program...

9.3CVSS1.6AI score0.83638EPSS
Exploits12References7
ThreatPost
ThreatPost
added 2011/11/17 8:42 p.m.34 views

New Version of Stoned Bootkit Said to Bypass Windows 8 Secure Boot

A security researcher who has in the past has created low-level rootkits capable of staying resident on an infected machine after reboots, said he has now accomplished the same feat on Windows 8, which hasn’t even hit the shelves yet. Peter Kleissner said he has created a new version of his Stone...

9.3CVSS8.2AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2011/08/28 11:44 p.m.34 views

Weaknesses in Webkit Becoming Problematic

Attackers interested in getting the most bang for their buck focus on ubiquitous software. Microsoft’s Office, Adobe’s Acrobat and Oracle’s Java have all become popular platforms exploited by cybercriminals intent on compromising end users’ systems. Another platform has quietly made its way onto...

9.3CVSS9.1AI score0.03964EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2011/07/14 3:40 p.m.34 views

Anonymous Shifts Attention to Big Oil, Monsanto

Just days after infiltrating military contractor Booz Allen Hamilton, hacktivist group Anonymous has confirmed they’ve set their next target: Big oil. In a post on the AnonNews website, the group has announced their intent to shift their ongoing Operation Green Rights initiative to “protest...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2011/06/07 7:5 p.m.34 views

Google Fixes 15 Bugs in Chrome, Gives Users Ability to Delete Flash Cookies

Google has fixed more than a dozen security bugs in its Chrome browser, including five high-severity vulnerabilities and one that qualified for the company’s highest bug bounty, a $3133.7 reward. The new version of Chrome has fixes for 15 separate security vulnerabilities, the most critical of...

7.5CVSS0.1AI score0.01573EPSS
Exploits0References17
ThreatPost
ThreatPost
added 2010/11/09 8:55 p.m.34 views

Critical Office Hole Patched In November Release

Microsoft issued its monthly patch on Tuesday, releasing three security bulletins to fix security holes in a range of products, including a critical hole in versions of the Microsoft Office Suite. The three bulletins, MS10-087, 088 and -089 fixed a total of 11 vulnerabilities, five in Microsoft...

9.3CVSS2.2AI score0.99945EPSS
Exploits47References7
ThreatPost
ThreatPost
added 2010/04/01 3:18 p.m.34 views

China Hardest Hit by Latest IE Malware Attacks

Computer users in China and Korea were the hardest hit by the latest wave of zero-day malware attacks targeting a flaw in the Internet Explorer browser, according to data released by the Microsoft Malware Protection Center MMPC. The attacks, first spotted on March 9, included Trojan downloaders a...

9.3CVSS2.1AI score0.82172EPSS
Exploits15
ThreatPost
ThreatPost
added 2022/08/09 5:58 p.m.33 views

Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs

The U.S. government has slapped sanctions on virtual currency mixer Tornado Cash for laundering more than $7 billion in crypto cash derived from cybercriminal activity. At least $455 million of that was moved for state-sponsored Lazarus Group in part to help fund North Korea’s missile program,...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2022/06/14 10:55 a.m.33 views

Linux Malware Deemed ‘Nearly Impossible’ to Detect

A new Linux malware that’s “nearly impossible to detect” can harvest credentials and gives attackers remote access and rootkit functionality by acting in a parasitic way to infect targets, researchers said. Researchers from The BlackBerry Research and Intelligence Team have been tracking the...

8.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2022/06/07 1:25 p.m.33 views

Cyber Risk Retainers: Not Another Insurance Policy

The one-two punch of a cyberattack can be devastating. There is the breach and then the related mitigation costs. Implementing a comprehensive Incident Response IR gameplan into a worst-case-scenario should not be a post-breach scramble. And when that IR strategy includes insurance, it also must...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/06/03 12:42 p.m.33 views

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

Evil Corp has shifted tactics once again, this time pivoting to LockBit ransomware after U.S. sanctions have made it difficult for the cybercriminal group to reap financial gain from its activity, researchers have found. Researchers from Mandiant Intelligence have been tracking a “financially...

7.5AI score
Exploits0References12
ThreatPost
ThreatPost
added 2022/01/26 10:39 p.m.33 views

TrickBot Crashes Security Researchers’ Browsers in Latest Upgrade

Trojan titan TrickBot has added a striking anti-debugging feature that detects security analysis and crashes researcher browsers before its malicious code can be analyzed. The new anti-debugging feature was discovered by Security Intelligence analysts with IBM, who reported the emergence of a...

7.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2022/01/26 9:24 p.m.33 views

‘Dark Herring’ Billing Malware Swims onto 105M Android Devices

Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware — a cash-stealer intended to add sneaky charges onto mobile carrier bills — on more than 100 million Android devices across the globe. That’s quite a school of fish. Dark Herring malware wa...

6.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2022/01/21 6:19 p.m.33 views

20K WordPress Sites Exposed by Insecure Plugin REST-API

More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing scams and more as the result of a high-severity cross-site scripting XSS bug discovered in the WordPress Email Template Designer – WP HTML Mail, a plugin for designing custom emails. The new vulnerability...

8.3CVSS6.7AI score0.70511EPSS
Exploits3References6
ThreatPost
ThreatPost
added 2022/01/13 2:0 p.m.33 views

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Attackers are leveraging Adobe Creative Cloud to target Office 365 users with malicious links that appear to be coming legitimately from Cloud users but instead direct victims to a link that steals their credentials, researchers have discovered. Researchers from Avanan, a Check Point company, fir...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/12/17 8:17 p.m.33 views

Facebook Bans Spy-for-Hire Firms for Targeting 50K People

Meta, Facebook’s parent company, has kicked six alleged spy-for-hire “cyber-mercenaries” to the curb, along with a mysterious Chinese law-enforcement supplier. It accused the entities of collectively targeting about 50,000 people for surveillance. In a report PDF entitled “Threat Report on the...

7.2AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/11/05 3:12 p.m.33 views

Proofpoint Phish Harvests Microsoft O365, Google Logins

Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims’ Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, they spotted one such campaign lobbed at an unnamed global communications company, with nearly a thousan...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/11/03 7:47 p.m.33 views

Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign

The Mekotio Latin American banking trojan is bouncing back after several of the gang that operates it were arrested in Spain. More than 100 attacks in recent weeks have featured a new infection routine, indicating that the group continues to actively retool. “The new campaign started right after...

9.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/10/05 2:30 p.m.33 views

Facebook Blames Outage on Faulty Router Configuration

As of Monday night, Facebook had crawled back from what may have been its longest blackout ever and apologized for the mass outage that left billions of users locked out of Facebook, Instagram, WhatsApp, Messenger and Oculus VR for about six hours. \Sincere\ apologies to everyone impacted by...

6.9AI score
Exploits0References16
ThreatPost
ThreatPost
added 2021/09/30 7:32 p.m.33 views

Military’s RFID Tracking of Guns May Endanger Troops

Reports that the military has started outfitting firearms with RFID tags for tracking have raised security alarms. The concern: What if the enemy uses the tags to track soldiers on the battlefield? The Department of Defense, the Marines and the Navy have already rejected the RFID tagging tech for...

6.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/09/29 3:43 p.m.33 views

Conti Ransomware Expands Ability to Blow Up Backups

Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect. That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction ...

7.3AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/09/24 2:1 p.m.33 views

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The...

10CVSS9.9AI score0.0287EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2021/09/23 2:8 p.m.33 views

FamousSparrow APT Spies on Hotels, Governments

A cyberespionage group dubbed “FamousSparrow” by researchers has taken flight, targeting hotels, governments and private organizations around the world with a custom backdoor called, appropriately, “SparrowDoor.” It’s one of the advanced persistent threats APTs that targeted the ProxyLogon...

8.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/09/23 11:10 a.m.33 views

Large-Scale Phishing-as-a-Service Operation Exposed

Microsoft uncovered a large-scale, well-organization and sophisticated phishing-as-a-service PhaaS operation. The turnkey platform allows users to customize campaigns and develop their own phishing ploys so they can then use the PhaaS platform to help with phishing kits, email templates and hosti...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/09/16 12:1 p.m.33 views

HP Omen Hub Exposes Millions of Gamers to Cyberattack

Millions of devices running the HP Omen Gaming Hub were using on a driver with a bug that could give attackers kernel-mode access without administrator privileges. HP has since released a patch, but a new report on the flaw CVE-2021-3437 from researchers from SentinelLabs details how the gaming...

9.8CVSS9.3AI score0.15551EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2021/09/13 6:8 p.m.33 views

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing

A security vulnerability in the WooCommerce Multi Currency plugin could allow any customer to change the pricing for products in online stores. WooCommerce is a popular eCommerce plugin for WordPress-powered websites; the Multi Currency plugin from Envato meanwhile allows e-tailers using...

7.3AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/09/08 7:0 p.m.33 views

Tooling Network Detection & Response for Ransomware

Everywhere you look, there are new reports coming out about ransomware. And cybercriminals are becoming more aggressive, demanding even more in ransom payments than ever before. According to Palo Alto Networks’ Unit 42, ransom payments are up 82 percent in the first half of 2021, with an average...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2021/08/23 11:18 p.m.33 views

Microsoft Spills 38 Million Sensitive Data Records Via Careless Power App Configs

For months, Microsoft’s Power Apps portals exposed personal data tied to 38 million records ranging from COVID-19 vaccination status, Social Security numbers and email addresses. Consumers most affected by what is being called a “platform issue” are those doing business with American Airlines,...

6.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/29 7:49 p.m.33 views

Users Clueless About Cybersecurity Risks: Study

Organizations are facing yet another unprecedented threat to their cybersecurity now that employees are headed back into offices with their personal devices, lax security hygiene and no clue about some of the most catastrophic attacks in history, such as the Colonial Pipeline shutdown. A new surv...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/06/16 12:4 p.m.33 views

Avaddon Ransomware Gang Evaporates Amid Global Crackdowns

Ransomware group Avaddon has decided to shutter its criminal enterprise after landing in the crosshairs of law-enforcement agencies in the U.S. and Australia. Avaddon, a prolific ransomware-as-a-service RaaS provider, released its decryption keys to BleepingComputer — 2,934 in total — with each k...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/03/19 2:52 p.m.33 views

CopperStealer Malware Targets Facebook and Instagram Business Accounts

A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/05 10:21 p.m.33 views

Industrial Networks See Sharp Uptick in Hackable Security Holes

It’s on: Adversaries, CISOs and researchers are all simultaneously involved in a frantic race to find cybersecurity vulnerabilities hiding within industrial networks, according to the latest Biannual ICS Risk and Vulnerability report from Claroty. The report analyzed all publicly disclosed...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/01/06 8:29 p.m.33 views

Feds Issue Recommendations for Maritime Cybersecurity

The White House has released cybersecurity guidance for securing the Maritime Transportation System MTS, which operates along 25,000 miles of coastal and inland waterways in the United States. The document points out that the MTS encompasses “361 ports, 124 shipyards, more than 3,500 maritime...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/12/22 8:32 p.m.33 views

Holiday Puppy Swindle Has Consumers Howling

Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scam was discovered by an intrepid researcher at Anomali, who got...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/12/22 2:0 p.m.33 views

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

A recently uncovered zer0-click Apple zero-day flaw, used in a spyware campaign against Al Jazeera journalists, shed light this week on the impact of Apple security issues being abused by bad actors. In 2020, the security research community saw an array of “powerful” Apple bugs afflicting iOS,...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/12/16 6:37 p.m.33 views

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor

Commodity malware backdoor SystemBC has evolved to now automate a number of key activities, as well as use the anonymizing Tor platform. These overarching changes make it both easier for cybercriminals to deploy the backdoor, as well as cloak the destination of the command-and-control C2 traffic...

0.4AI score
Exploits0References13
ThreatPost
ThreatPost
added 2020/12/08 8:35 p.m.33 views

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic

German divers for the environmental group World Wildlife Fund were searching the ocean floor for abandoned nets threatening marine wildlife. What they found instead is a treasured piece of computing history, a World War II-era German Enigma crypto machine, sunk to the bottom of the Baltic Sea to...

7.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/12/07 5:16 p.m.33 views

Chinese Breakthrough in Quantum Computing a Warning for Security Teams

China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. And while it’s a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to...

6.8AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/12/02 2:0 p.m.33 views

DNS Filtering: A Top Battle Front Against Malware and Phishing

Peter Lowe With the proliferation of malicious websites, domain name system DNS filtering has been adopted as an effective method for blacklisting content and blocking out suspicious webpages. Peter Lowe, security researcher with DNSFilter, talks to Cody Hackett on this week’s Threatpost Podcast...

7.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/12/01 9:28 p.m.33 views

Android Messenger App Still Leaking Photos, Videos

The GO SMS Pro Android app has published two new versions on Google Play since a major security weakness was disclosed in November – but neither fixes the original issue, leaving 100 million users at risk for privacy violations, researchers said. Meanwhile, a raft of exploitation tools have been...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/11/27 2:0 p.m.33 views

ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats

Despite being concerned about the security risks behind online shopping, consumers lack knowledge about some of the biggest retail risks – with more than half unaware of digital credit-card skimming threats posed by the Magecart group. In a new report this week, RiskIQ found that a full 64 percen...

6.7AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/11/18 9:53 p.m.33 views

Widespread Scans Underway for RCE Bugs in WordPress Websites

Millions of malicious scans are rolling across the internet, looking for known vulnerabilities in the Epsilon Framework for building WordPress themes, according to researchers. According to the Wordfence Threat Intelligence team, more than 7.5 million probes targeting these vulnerabilities have...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/09 3:43 p.m.33 views

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details. Prestige Software’s “Cloud Hospitality” is used b...

Exploits0References11
ThreatPost
ThreatPost
added 2020/11/04 9:48 p.m.33 views

Google Forms Abused to Phish AT&T Credentials

Researchers are warning of phishing attacks that leverage Google Forms as a landing page to collect victims’ credentials. The forms masquerade as login pages from more than 25 different companies, brands and government agencies. So far, 265 different Google Forms used in these attacks have been...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/27 1:0 p.m.33 views

Holiday Shopping Craze, COVID-19 Spur Retail Security Storm

As online retailers prepare for the upcoming holiday shopping season, security researchers are warning that cybercriminals will be on the prowl this year, with the added factor of the coronavirus pandemic pushing many Black Friday shoppers online. Chris Eng, chief research officer with Veracode,...

7.3AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/10/19 5:34 p.m.33 views

GravityRAT Comes Back to Earth with Android, macOS Spyware

The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. The GravityRAT remote access trojan has been around since at least 2015, according to researchers from Kaspersky, but it has mainly focused on Windows operating systems. The last piece of...

1.3AI score
Exploits0References4
Total number of security vulnerabilities5000