Cyberattacks on Healthcare Spike 45% Since November
As COVID-19 ravages international healthcare systems, cybercriminals have decided to leverage the increasingly dire circumstances to squeeze a few bucks out of the human suffering. According to new findings from Check Point Software, healthcare organizations have seen a 45-percent increase in...
Telegram Triangulation Pinpoints Users' Exact Locations
A feature that allows Telegram users to see who’s nearby can be misused to pinpoint your exact distance to other users – by spoofing one’s latitude and longitude. According to bug-hunter Ahmed Hassan, the “People Nearby” feature could allow an attacker to triangulate the location of unsuspecting...
Google Warns of Critical Android Remote Code Execution Bug
Google has fixed two critical bugs affecting its Android handsets. The more serious flaws exist in the Android System component and allow remote attackers to execute arbitrary code. The two critical vulnerabilities are part of Google’s January Android security bulletin, released Monday. The...
Major Gaming Companies Hit with Ransomware Linked to APT27
A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat (APT) is swapping up its historically espionage-centralized tactics to adopt ransomware, a new report says...
ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands
A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private keys and ultimately to drain their wallets. The never-before-seen RAT at the center of the campaign, which researchers dub...
Data from August Breach of Amazon Partner Juspay Dumped Online
Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach...
Ransomware Gang Collects Data from Blood Testing Lab
Apex Laboratory, which provides blood work at home for patients in New York City, Long Island and South Florida, has been hit with a ransomware attack that also resulted in patient data being stolen. Though the company just disclosed the attack, it took place on July 25, when “certain systems in...
Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API
An old attack method dating back to 2017 that uses voice-to-text to bypass CAPTCHA protections turns out to still work on Google’s latest reCAPTCHA v3. That’s according to researcher Nikolai Tschacher, who posted a video proof-of-concept (PoC) of the attack on Jan. 2. CAPTCHA, introduced in 2014, i...
Leading Game Publishers Hit Hard by Leaked-Credential Epidemic
Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. Over 500,000 stolen credentials tied to the top 25 gaming firms were found on caches of breached data online and u...
T-Mobile Faces Yet Another Data Breach
T-Mobile USA has reported a data breach – its fourth in three years. The wireless carrier disclosed the breach last week via its website, saying that it detected and shut down “malicious, unauthorized access to some information” related to T-Mobile accounts. Specifically, that data consisted of...
Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business
Ticketmaster must pay a hefty $10 million fine after several employees utilized unlawfully obtained passwords to hack a rival company’s computer systems – in attempts to “choke off” its business. The American ticket sales and distribution giant, which is owned by Live Nation, in 2013 hired an...
2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud
After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and application monitoring will top the list of CISO budget and cybersecurity priorities. According to experts, these are just a few of the themes to dominate the ye...
Inbox Attacks: The Miserable Year (2020) That Was
Purging your inbox has become a year-end tradition for many. A short hiatus for the holidays often provides a quiet moment to flush the previous year’s mountain of spam. And, from the looks of our 2020 inbox, years of herculean efforts to harden email defenses have fallen short. The most-targeted...
What's Next for Ransomware in 2021?
Ransomware works. That’s the simplest way to explain why incidents of ransomware attacks have sharply increased over the last year — with no end in sight. The number of ransomware attacks has jumped by 350 percent since 2018, the average ransom payment increased by more than 100 percent this year...
FBI Warn Hackers are Using Hijacked Home Security Devices for 'Swatting'
Stolen email passwords are being used to hijack smart home security systems to “swat” unsuspecting users, the Federal Bureau of Investigation warned this week. The announcement comes after concerned device manufacturers alerted law enforcement about the issue. Swatting is a dangerous prank where...
Taking a Neighborhood Watch Approach to Retail Cybersecurity
Every year retailers face a heightened level of risk during the online holiday shopping season. COVID-19 drastically shifted consumer buying behaviors, forcing retailers to accelerate digital transformation efforts to support an exponentially higher number of online transactions. Projected U.S...
Most-Wanted Threatpost Stories of 2020
As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go down as defining topics for the cybersecurity world for the year. Threatpost also took a retrospective view on what readers were most interested...
Lawsuit Claims Flawed Facial Recognition Led to Man’s Wrongful Arrest
Racial bias against non-white skin in facial recognition landed Nijeer Parks ten days in jail in 2019 after the technology falsely identified him as a shoplifting suspect, a new lawsuit says. It didn’t matter that he hadn’t been to the location of the crime, a Hampton Inn hotel in Woodbridge, New...
6 Questions Attackers Ask Before Choosing an Asset to Exploit
In the past decade or so, we’ve seen a massive shift toward the cloud. The COVID-19 pandemic and associated pivot to remote work has only accelerated this cloud trend, forcing blue-teamers to be more agile to protect their attack surfaces. While defenders are adapting to support cloud-based...
Japanese Aerospace Firm Kawasaki Warns of Data Breach
Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company’s data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas offic...
2020 Work-for-Home Shift: What We Learned
Goodbye, 2020 — and good riddance, right? Most of us don’t want to take too much from this year into the next — but let’s make an exception for what we learned about security in the wake of the COVID-19 pandemic. In 2021 after all, more enterprises will permanently downsize their physical spaces...
Hackers Amp Up COVID-19 IP Theft Attacks
Attackers are looking to the healthcare space as a rich repository of intellectual property (IP) now more than ever, as critical research on COVID-19 therapeutics is developed and Pfizer, Moderna and other biotech firms begin to mass produce vaccines. Several incidents show that nation-states are...
Ransomware in 2020: A Banner Year for Extortion
Remote learning platforms shut down. Hospital chemotherapy appointments cancelled. Ransomware attacks in 2020 dominated as a top threat vector this past year. Couple that with the COVID-19 pandemic, putting strains on the healthcare sector, and we witnessed ransomware exact a particularly cruel...
Windows Zero-Day Still Circulating After Faulty Fix
A high-severity Windows zero-day that could lead to complete desktop takeover remains dangerous after a “fix” from Microsoft failed to adequately patch it. The local privilege-escalation bug in Windows 8.1 and Windows 10 (CVE-2020-0986) exists in the Print Spooler API. It could allow a local attack...
Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack
The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found that Lazarus Group — widely...
Third-Party APIs: How to Prevent Enumeration Attacks
When organizations use APIs – the next frontier in cybercrime – to engage with third parties, it’s crucial they understand the associated security exposure they’re introducing. To do so, they must think like a hacker to evaluate whether or not they are introducing a problem or a solution for thei...
Hey Alexa, Who Am I Messaging?
The potential for digital-home assistants like Amazon Alexa to infringe on user privacy by making and saving voice recordings of them is already widely known. Now researchers have discovered that the devices also may be able to “hear” and record what people are typing on nearby smartphones, even...
Emotet Returns to Hit 100K Mailboxes Per Day
After a lull of nearly two months, the Emotet botnet has returned with updated payloads and a campaign that is hitting 100,000 targets per day. Emotet started life as a banking trojan in 2014 and has continually evolved to become a full-service threat-delivery mechanism. It can install a collecti...
Holiday Puppy Swindle Has Consumers Howling
Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scam was discovered by an intrepid researcher at Anomali, who got...
Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group
Facebook subsidiary WhatsApp has received new high-caliber support in its case against Israeli intelligence company NSO Group. The court case aims to hold NSO Group accountable for distributing its Pegasus spyware on the popular WhatsApp messaging service with the intent of planting its spyware o...
Joker's Stash Carding Site Taken Down
Joker’s Stash, the carding site where cybercriminals hawk their payment-card wares, has suffered a blow after law enforcement apparently seized one of its domains. Joker’s Stash is a popular cybercriminal destination that specializes in trading in payment-card data, offering millions of stolen...
Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks
A recently uncovered zero-click Apple zero-day flaw, used in a spyware campaign against Al Jazeera journalists, shed light this week on the impact of Apple security issues being abused by bad actors. In 2020, the security research community saw an array of “powerful” Apple bugs afflicting iOS,...
Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat
Breakups can be traumatic in all sorts of ways. Now we know they can pose a serious cybersecurity threat too. A new survey found that an alarming number of people are still accessing their exes’ accounts without their knowledge — a handful for malicious reasons. The survey conducted during Novemb...
Smart Doorbell Disaster: Many Brands Vulnerable to Attack
Smart doorbells, designed to allow homeowners to keep an eye on unwanted and wanted visitors, can often cause more security harm than good compared to their analog door bolt alternatives. Consumer-grade digital doorbells are riddled with potential cybersecurity vulnerabilities ranging from...
Defending Against State and State-Sponsored Threat Actors
Security threats from states and state-sponsored actors have been around since before the field of cybersecurity was defined. They have now evolved to cyberspace, and present unique challenges for defenders. While there are fundamental differences between activist and criminal activity, and those...
Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack
Four nation-state-backed advanced persistent threats (APTs) hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in July and August, compromised 36 personal phones belonging...
Simplifying Proactive Defense With Threat Playbooks
Security defense strategy can be extremely complex, with security teams grappling with tens of thousands of information points and evolving attacker techniques, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs. FortiGuard Labs has...
Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data
Cybercriminals are vying for Remote Desktop Protocol (RDP) access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing. During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the...
Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers
Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said. Thin clients...
Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow
On Monday a hacker dumped sensitive data stolen earlier this year from the Ledger cryptocurrency wallet’s website. The data was put up for grabs on sites frequented by criminals. And in a twist that surprised no one, the data is now actively being exploited in phishing campaigns. Researchers at...
Telemed Poll Uncovers Biggest Risks and Best Practices
Healthcare organizations have gone virtual during the COVID-19 pandemic, just like the rest of us – with the use of telehealth services becoming the go-to format for med checks, routine consultations and therapist visits. But how safe are these services when it comes to patient data? In an...
Cloud is King: 9 Software Security Trends to Watch in 2021
IT security professionals have largely spent the year managing a once-in-a-generation workforce shift from office to home in 2020. With the initial push over, experts predict that 2021 will be focused on shoring up the cloud and re-imagining organizational workflows under this new normal. Softwar...
Sunburst's C2 Secrets Reveal Second-Stage SolarWinds Victims
More information has come to light about the Sunburst backdoor that could help defenders get a better handle on the scope of the sprawling SolarWinds espionage attack. The campaign is known to have affected six federal departments, Microsoft, FireEye and dozens of others so far. Sunburst, a.k.a...
Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies
UPDATE Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to expect many more victims to come to light as investigations continue. Adversaries were...
Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download
Threat actors continue to take advantage of the hype surrounding the release of the videogame Cyberpunk 2077 in a variety of ways. The latest twist is ransomware targeting Android devices disguised as a legitimate download of the new open-world game. Kaspersky researcher Tatyana Shishkova...
Insider Threats: What Are They, Really?
What an insider threat really is: The idea of an “insider threat” sounds like some sort of double agent hiding away in a cubicle—someone hired to steal company secrets and take you down. That sounds pretty exciting, but it’s not very accurate. When we talk about insider threats, in reality, we’re...
How to Increase Your Security Posture with Fewer Resources
With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article in the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...
Nuclear Weapons Agency Hacked in Widening Cyberattack
The Energy Department and its National Nuclear Security Administration (NNSA), which is the agency that maintains the U.S. nuclear stockpile, have been compromised as part of the widespread cyberattack uncovered this week stemming from the massive SolarWinds hack. An exclusive report by Politico...
5M WordPress Sites Running 'Contact Form 7' Plugin Open to Attack
A patch for the popular WordPress plugin called Contact Form 7 was released Thursday. It fixes a critical bug that allows an unauthenticated adversary to take over a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version...
Police Vouch for Hacker Who Guessed Trump’s Twitter Password
When Dutch ethical hacker Victor Gevers tried to alert Secret Service that he was able to guess the password to President Donald Trump’s Twitter handle last October, there were plenty of skeptics, most notably at the White House. Now, Dutch prosecutors have determined Gevers did, in fact, guess t...