Underground Market Selling Cheap Access to Hacked Servers
Criminals and advanced attackers for two years have had at their disposal an extensive trading platform selling access to hacked servers worldwide. For as little as $6 USD, attackers can purchase access to a compromised machine and launch attacks or get a one-time peek at all the data on a server...
Telegram Calls Claims of Bug in Messaging Service Bogus
A flaw in the popular Telegram Messenger app that allows attackers to crash devices and run up wireless data charges is being disputed by the app maker who calls the claims false. According to two Iranian-based researchers, Sadegh Ahmadzadegan and Omid Ghaffarinia, Telegram users are vulnerable t...
Microsoft June Patch Tuesday Fixes 44 Vulnerabilities
Microsoft pushed out 16 bulletins on Tuesday addressing 44 different vulnerabilities in its software, including Windows, Exchange Server, Office, Edge, and Internet Explorer. Five of the bulletins have been branded critical because each vulnerability associated with them could be used to carry ou...
Verizon Patches Serious Email Flaw That Left Millions Exposed
Verizon fixed a critical flaw in its Verizon.net messaging system that permitted attackers to hack the email settings of other customers and forward email to any email account. The flaw, found by Randy Westergren, a senior software developer with XDA Developers, impacted any of Verizon’s estimate...
DNC Hacked, Research on Trump Stolen
Two separate APT groups believed to have ties to the Russian government have been fingered in attacks against the Democratic National Committee resulting in the theft of research done by the DNC on presumptive Republican nominee Donald Trump. Researchers at Crowdstrike, called in to investigate b...
Fix Coming for Flash Vulnerability Under Attack
Adobe today said it will patch Flash Player this week, addressing a vulnerability being exploited in “limited, targeted attacks.” The flaw, CVE-2016-4171, exists in versions of Flash prior to, and including, 21.0.0.242 on Windows, Macintosh, Linux and ChromeOS platforms. “Successful exploitation...
RAA Ransomware Composed Entirely of JavaScript
We’ve already seen ransomware take on many forms this year, but researchers this week claim they’ve noticed a new strain unlike any they’ve seen prior: a type composed entirely of JavaScript. The ransomware, dubbed RAA by researchers, has been circulating through attachments masquerading as Word...
Meaningful Surveillance Reform Risks Defeat Over US House Rules Change
Civil liberties groups are anxiously waiting to see if an anti-surveillance amendment will be added to a Department of Defense spending bill Tuesday. The so-called Massie-Lofgren amendment would rein in U.S. domestic mass surveillance by the NSA and protect U.S. encryption standards. The amendmen...
D-Link Patches Weak Crypto in mydlink Devices
Browser makers and other tech companies have gone to great pains to beef up weak crypto libraries, in particular those that are exposed to fallback attacks such as POODLE. Attackers exploiting these vulnerabilities are able to dial back the encryption protecting communication to SSLv2 and SSLv3,...
Let's Encrypt Accidentally Spills 7,600 User Emails
Certificate authority Let’s Encrypt accidentally disclosed the email addresses of several thousand of its users this weekend. Josh Aas, Executive Director for the Internet Security Research Group (ISRG), the nonprofit group that helped launch the CA, apologized for the error on Saturday. In what...
Siemens Firmware Updates Patch SIMATIC Vulnerabilities
Siemens has provided firmware updates addressing vulnerabilities in two popular product lines, the SIMATIC WinCC flexible, and the SIMATIC S7-300 CPU family. The SIMATIC S7-300 flaw is a denial-of-service issue that could be remotely exploited to cause the device to go into defect mode, an...
51 Million iMesh Accounts Available on Black Market
LeakedSource, an aggregator of data stolen in breaches, is advertising the availability of the account information of 51 million users of the now defunct iMesh peer-to-peer file-sharing music service. According to LeakedSource, the data is from a 2013 breach and includes email addresses, username...
IRS Reinstates Get Transcript Service Following Hack
The Internal Revenue Service has reinstated its Get Transcript service, more than a year after hackers managed to manipulate settings in the system in order to steal information on more than 720,000 U.S. taxpayers. The IRS suspended the service – which gives citizens a way to look up line-by-line...
Netgear Router Update Removes Hardcoded Crypto Keys
Netgear has released firmware updates for two of its router product lines, patching vulnerabilities that were reported in January. Users should update to firmware version 1.0.0.59, which includes fixes for an authentication bypass vulnerability and also addresses a hard-coded cryptographic key...
Decryption Utilities Unlock Files Encrypted by All TeslaCrypt Versions
For close to a month, the master encryption key unlocking files ravaged by TeslaCrypt has been publicly available, putting an end to a profitable strain of ransomware. In the weeks since, various decryptors have been developed that can be used to unlock files. Kaspersky Lab, for one, updated its...
On Password Reuse, Ransomware, and the Lack of Secured Internet Services
Mike Mimoso and Chris Brook discuss news from the week, including how the recent data breaches have fed off password reuse, how a Canadian university paid $20K CDN following a ransomware attack, a scan that showed a lack of secured services on the internet, and more. Download:...
Twitter Forces Password Reset on Some Exposed Accounts
Twitter has forced a password reset on an unnamed number of accounts exposed this week in a dump of 32.8 million account names and credentials. A Russian hacker known as Tessa88 has been involved in a number of recent password disclosures with Twitter being the most recent. He shared the cache of...
$90K Windows Zero Day Gets a Price Cut
A Windows zero-day for sale on the black market for $90,000 just received a price drop. The flaw that allegedly leaves all versions of Windows users exposed to a local privilege escalation (LPE) vulnerability can now be snatched up for $85,000. According to Trustwave, which has been monitoring the...
uTorrent Forums User List Stolen
BitTorrent has warned users of its uTorrent client to change their passwords after a third-party breach allowed hackers to walk off with a list of its forum users. “On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums,” the company said in ...
Google Patches High Severity Browser PDF Exploit
A high-severity vulnerability in Google’s Chrome browser that allows attackers to execute code on targeted systems via a PDF exploit has been patched by Google. Researchers at Cisco said users were at risk if they were enticed to view a specially crafted PDF document with an embedded jpeg2000 ima...
Stolen Twitter Credentials Latest Dataset For Sale
Tens of millions of Twitter account records including cleartext passwords are up for sale on a black market site, the latest cache of bundled credentials for major online services to be made available. The Twitter records have been analyzed by LeakedSource, which said in a post yesterday that a...
CryptXXX Jumps From Angler to Neutrino Exploit Kit
Crooks behind the revamped CryptXXX 3.100 ransomware have switched its distribution from the Angler Exploit Kit to the Neutrino Exploit Kit. The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center. “This is not the first time we’ve seen campaigns...
University of Calgary Pays $20,000 Following Ransomware Attack
Officials at the University of Calgary admitted this week that the school recently paid $20,000 CDN to rid its systems of ransomware that hampered productivity for 10 days. Linda Dalgetty, the school’s VP of Finance and Services, acknowledged via press release on Wednesday that the school paid th...
Windows BITS 'Notification' Feature Used to Deliver Malware
Attackers have found a new way to exploit the Windows Background Intelligent Transfer Service (BITS), which is being used to infect and reinfect targeted PCs with malware even after the initial infection has been removed. According to security researchers at Dell SecureWorks, attackers are exploiting...
Unpatched D-Link Wi-Fi Camera Flaw Remotely Exploitable
D-Link is wrestling with a vulnerability in its DCS930L Wi-Fi camera that was privately disclosed by security company Senrio. The flaw exposes the cameras to remote code execution, a Senrio report says. CEO Stephen Ridley told Threatpost that his company is working with D-Link on remediation...
Firefox 47 Fixes 13 Vulnerabilities, Removes Click-To-Activate Plugin Whitelist
Mozilla fixed 13 security issues, including two critical vulnerabilities that could have led to spoofing and clickjacking, among other issues, when it updated Firefox to the latest build, Firefox 47, this week. One of the issues, a buffer overflow, could have resulted in a potentially exploitable...
Data Breaches Feed Password Reuse Crimes: No Simple Fixes
It was June 2012 when Dale Meredith was shopping online for a BBQ grill for Father’s Day and found one at Sears.com. The only snag, he had to create a username and password to buy it. That irked him. He was annoyed because it was literally the hundredth-plus service—including his local newspaper,...
Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients
Google said that it will initiate on June 16 a gradual deprecation of SSLv3 and RC4 for Gmail IMAP/POP mail clients. Both the crypto protocol and the cipher are notoriously unsafe and are being phased out in big chunks of the Internet. Google, for its part, had already announced in May that it would no...
Rapid7 Measures Internet's Unsecured Services
A recent Internet scan threw a bucket of cold water on the notion that wonky, unsecured services have been significantly reduced from the Internet. “Today’s Internet in 2016 looks like the 1996 Internet, which is a little depressing,” said Rapid7 security research manager Tod Beardsley. Beardsley...
Uber Pays Researcher $10K for Login Bypass Exploit
Ridesharing company Uber recently patched a vulnerability in its site that could have allowed an attacker to log into some “.uber.com” sites without a password and further compromise its internal network. Uber awarded Finnish security researcher Jouko Pynnönen $10,000 for discovering the flaw las...
Facebook Messenger Vulnerability Patched
Update: Facebook has patched a vulnerability in the desktop and Android mobile versions of its Messenger app that allows an attacker to access and modify chats. Researchers at Check Point Software Technologies privately disclosed the issue May 2 to Facebook, which patched it two weeks later. The...
Mitsubishi Hybrid SUV Hack Puts Drivers At Risk, Says Researcher
Security experts are warning owners of Mitsubishi Outlander Plug-In Hybrid Electric Vehicles that their cars can be hacked via the automobile’s on-board WiFi network used for remote control of key car features. The hybrid electronic vehicle, which is slated to be sold here in the U.S. starting th...
Password Autocorrect Without Compromising Security
Intuitively, auto-correcting passwords would seem to be a terrible idea, and the worst security-for-convenience tradeoff in technology history. But a team of academics from Cornell University, MIT and a Dropbox security engineer say that the degradation of security from the introduction of such a...
June 2016 Android Security Bulletin
Google today pushed out its monthly Android patches, addressing what is becoming a monthly custom of a critical Mediaserver vulnerability, in addition to a half-dozen critical flaws in different Qualcomm drivers. The Android Security Bulletin includes patches for eight critical flaws, and while...
100M Credentials From 'Russian Facebook' VK.com For Sale
News of yet another years-old social media site hack surfaced over the weekend when it was learned that hackers infiltrated the European social network VK.com at some point over the last several years and made off with credentials for 100 million of its users. Breach notification site LeakedSourc...
New Angler Exploits Bypass EMET Mitigations
New Microsoft Silverlight and Adobe Flash exploits that bypass Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) have found their way into an updated version of the Angler Exploit Kit. EMET is a suite of freely available tools for Windows machines that mitigate memory-based attacks. The...
BlackShades Strain of Ransomware Teases Researchers
Researchers who dig deep through the code of one of the latest strains of ransomware might be surprised and even a little irked at what they find. Hidden inside some of those strings of code are taunts aimed at them. According to Lawrence Abrams who runs BleepingComputer.com, the malware,...
NTP Patches Flaws That Enable DDoS
The network time protocol, at the center of a number of high-profile DDoS attacks in 2014, was updated on Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities, including one rated high-severity. NTP, specifically the NTP daemon, synchronizes system clocks with tim...
Updated CryptXXX Ransomware Big Money Potential
CryptXXX ransomware has received a major overhaul by its authors, putting it on the fast track to unseat Locky as top moneymaker for criminals. Researchers at Proofpoint said that on May 26, cybercriminals released an updated CryptXXX 3.100 version of the ransomware that includes a new StillerX...
On TeamViewer, the MySpace and Tumblr Breaches, and the 90K Windows Zero Day
Mike Mimoso and Chris Brook discuss the news of the week, including the back and forth around whether or not TeamViewer was hacked, the fallout around the years-old MySpace and Tumblr breaches, and a 90K Windows zero day. Download: ThreatpostNewsWrap-June32016.mp3 Music by Chris Gonsalves...
WordPress Patches WP Mobile Detector Plugin Zero Day
A WordPress plugin was patched Thursday night, close to a week after reports began to surface of public attacks against a zero-day vulnerability. WP Mobile Detector was pulled from the WordPress Plugin Directory once the attacks went public. It was restored last night and users are urged to updat...
Researchers Uncover Affiliate Network for Ransomware
Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers. The security firm released two reports on Thursday, one on a burgeoning ransomware-as-a-service business model (PDF) in Russia and the second on new developments in Russi...
Report: Federal Reserve Target of Constant Hack Attacks
Forced to come clean on breaches against the U.S. Federal Reserve, the Fed on Wednesday revealed the agency that drives financial markets around the world has been breached as many as 50 times in the past five years. As part of a Freedom of Information Act request by the Reuters news agency, the...
Google Patches Two High-Severity Flaws in Chrome
Google on Wednesday updated the Chrome browser for the third time since the start of May. Chrome 51.0.2704.79 for Windows, Mac, and Linux patched 15 vulnerabilities. It also paid out $14,000 in bounties to prolific bug hunters Mariusz Mlynski ($7,500) and Rob Wu ($6,500). The previous Chrome update o...
Lenovo Tells Users to Uninstall Vulnerable Updater
Lenovo has waved the white flag on a vulnerable component of its pre-installed software updater and recommends that users uninstall it from more than 110 notebook and desktop models running Windows 10. The decision to have users yank the Lenovo Accelerator Application comes days after a Duo Labs...
TeamViewer Denies Hack, Blames Password Reuse for Compromises
Remote support software company TeamViewer continues to contest claims this week it was hacked and instead claims that password reuse and careless user actions may have led to some of its customers’ machines being compromised. The German company has been vigilant with its stance since posting a...
New Irongate ICS Malware Steals From Stuxnet Playbook
New malware that targets industrial control systems called Irongate was found by researchers who say the discovery should serve as another wakeup call to the security industry to shore up its detection capabilities around ICS and SCADA threats. Irongate, which shares some of the same attributes a...
Arrests Made In $45M Russian Bank Hack
Russian law enforcement has made 50 arrests in connection with a five-year operation to steal three billion rubles (just shy of $45 million USD) from the country’s largest bank, Sberbank. The hackers are alleged to have exploited websites, including popular news sites, to infect victims with the Lu...
Moxa Discontinuing Vulnerable Line of ICS Devices
A vulnerability that exists in embedded computers manufactured by Moxa could allow remote authenticated users to overwrite firmware, in turn rendering the devices unusable. Moxa, a Taiwan-based networking company, announced recently that instead of patching the line of products affected by the...
FBI Wants Biometric Database Exempt From Privacy Rules
Civil liberties and privacy groups are petitioning the U.S. government for more time to fight the FBI’s request to exempt itself from lawsuits related to its warehouse of an estimated 100 million biometric records if it’s found in violation of the federal Privacy Act of 1974. At issue is the...