
15946 matches found

ThreatPost
added 2019/12/10 4:44 p.m. | 14 views

Snatch Team Steals Data and Hammers Orgs with Ransomware

A fresh ransomware variant known as “Snatch” has been spotted in campaigns, forcing Windows machines to reboot into Safe Mode before beginning the encryption process. It’s one of multiple components of a malware constellation being used in carefully orchestrated attacks that also feature rampant...

AI score 0.8
Exploits: 0 | References: 5

ThreatPost
added 2019/12/10 4:37 p.m. | 34 views

Adobe Fixes 17 Critical Acrobat, Photoshop and Brackets Flaws

Adobe Systems is stomping out 17 critical vulnerabilities in Acrobat Reader, Photoshop and Brackets, which could lead to arbitrary code execution if exploited. Overall, Adobe released patches – as part of its regularly-scheduled updates – addressing 25 CVEs across various products, including its...

CVSS 10 | AI score 1.7 | EPSS 0.34699
Exploits: 2 | References: 14

ThreatPost
added 2019/12/10 4:12 p.m. | 39 views

Amazon's Blink Smart Security Cameras Open to Hijack

Multiple high-severity vulnerabilities have been discovered in Amazon-owned Blink XT2 security camera systems, which, if exploited, could give attackers complete control over them. The internet of things (IoT) cameras, not to be confused with the Blink open-source browser engine, consist of a wireless...

CVSS 10 | AI score 8.6 | EPSS 0.03317
Exploits: 7 | References: 8

ThreatPost
added 2019/12/10 4:00 p.m. | 23 views

Download: The 2020 Cybersecurity Salary Survey Results

The 2020 Cybersecurity Salary Survey was an online survey published to gain insight into the details related to cybersecurity compensation. It was completed by over 1,500 security professional respondents. Today you can access the aggregated and analyzed 2020 Cybersecurity Salary Survey Results a...

AI score 0.2
Exploits: 0 | References: 3

ThreatPost
added 2019/12/10 2:04 p.m. | 17 views

DHS Rolls Back Facial-Recognition Expansion Plan

The Department of Homeland Security (DHS) has reconsidered a plan to use facial-recognition technology on all U.S. citizens traveling internationally through airports, deciding to roll back the plan after meeting with privacy experts. Last week the DHS said it would expand facial recognition checks...

AI score 7
Exploits: 0 | References: 10

ThreatPost
added 2019/12/09 10:07 p.m. | 12 views

Birth Certificate Data Laid Bare on the Web in Multiple States

A third-party government supplier has exposed hundreds of thousands of applications containing birth-certificate data. The trove of information is owned by a company that provides an online platform to state governments – including California, New York and Texas – that allows residents to request...

AI score 6.8
Exploits: 0 | References: 6

ThreatPost
added 2019/12/09 8:36 p.m. | 97 views

Romanian Duo Receives Jailtime For Infecting 400,000 With Malware

A Romanian duo has been sentenced to jailtime for infecting 400,000 computers with malware that stole credentials and financial information, and scammed victims out of millions of dollars. The two Romanian hackers, Bogdan Nicolescu, 37, and Radu Miclaus, 37, were sentenced to 20 years and 18 year...

AI score 0.1
Exploits: 0 | References: 13

ThreatPost
added 2019/12/09 4:57 p.m. | 43 views

Elder Scrolls Online Targeted by Cybercrooks Hunting In-Game Loot

Phishers are out in force to scam aficionados of the Elder Scrolls Online video game into giving up their account details. The crooks are posing as developers for the game under the moniker “ElderScrollDevs,” and targeting those with PlayStation consoles and possibly others, according to a Reddit...

AI score 7.3
Exploits: 0 | References: 9

ThreatPost
added 2019/12/09 3:28 p.m. | 59 views

GE, Dunkin', Forever 21 Caught Up in Broad Internal Document Leak

A marketing firm exposed hashed passwords and sensitive public relations documents of thousands of customers via a leaky Amazon S3 database – including big-name brands like GE, Dunkin’ Donuts, Forever 21 and more. Researchers with UpGuard in October discovered a misconfigured Amazon S3 storage...

AI score 0.1
Exploits: 0 | References: 13

ThreatPost
added 2019/12/09 2:40 p.m. | 75 views

Reddit Says Influence Campaign is Behind Leaked U.S.-U.K. Trade Documents

Reddit has revealed that key U.S.-U.K. trade documents posted on its site were likely done so as part of a broader political-influence campaign that first appeared on Facebook and tied to Russia-based operatives. The online media aggregator says it has linked documents that were leaked on its sit...

AI score 7
Exploits: 0 | References: 11

ThreatPost
added 2019/12/06 9:35 p.m. | 105 views

Email Voted a Weak Link for Election Security, with DMARC Lagging

As the 2020 Presidential election looms closer in the United States, a key focus will be on securing election infrastructure to prevent tampering. In a recent analysis, researchers found that email remains a potential weak link, with most counties failing to implement DMARC protections. DMARC whi...

AI score 0.6
Exploits: 0 | References: 7

ThreatPost
added 2019/12/06 7:34 p.m. | 82 views

Feds Crack Down on Money Mules, Warn of BEC Scams

The Justice Department said this week that it is cracking down on money mules, i.e., middlemen who assist in fraud schemes by receiving money from victims and forwarding proceeds to foreign-based perpetrators. So far, feds say they have halted more than 600 domestic money mules – exceeding the 40...

AI score 7.1
Exploits: 0 | References: 16

ThreatPost
added 2019/12/06 7:24 p.m. | 68 views

News Wrap: Authorities Target Evil Corp., Imminent Monitor, Money Mules

In this week’s Threatpost news wrap, editors Tara Seals and Lindsey O’Donnell break down the top infosec news, including: Authorities crack down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle. The developers behind a commodity...

AI score 1.1
Exploits: 0 | References: 7

ThreatPost
added 2019/12/06 4:54 p.m. | 103 views

Linux Bug Opens Most VPNs to Hijacking

A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...

CVSS 4.9 | AI score 0.6 | EPSS 0.0005
Exploits: 0 | References: 5

ThreatPost
added 2019/12/06 3:01 p.m. | 46 views

Facebook Alleges Company Infiltrated Thousands for Ad Fraud

Facebook has sued a Chinese company that it alleges used malware to compromise hundreds of thousands of user accounts – and then used them to run “deceptive ads” promoting counterfeit goods. The company in question is Hong Kong-based ILikeAd Media International Company Ltd., which was incorporate...

AI score 7.4
Exploits: 0 | References: 9

ThreatPost
added 2019/12/06 2:00 p.m. | 65 views

Stealthy MacOS Malware Tied to Lazarus APT

Researchers have identified new MacOS malware that can execute remote code in memory that they believe is the work of the powerful North Korean APT group Lazarus, they said Thursday. Security researcher Dinesh Devadoss on Twitter posted a hash for a MacOS trojan he discovered that hides behind a...

AI score 1.7
Exploits: 0 | References: 11

ThreatPost
added 2019/12/05 9:08 p.m. | 74 views

Ransomware Attack Hits Data Center Provider CyrusOne: Report

U.S. data center provider CyrusOne has been hit by a ransomware attack, which has impacted six of its managed services customers, a report has found. CyrusOne, which is based in Texas and is one of the biggest data center providers in the U.S., serves more than 185 of Fortune 1000 customers...

AI score 0.3
Exploits: 0 | References: 10

ThreatPost
added 2019/12/05 6:34 p.m. | 62 views

AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web

Hundreds of thousands of mobile phone bills for AT&T, Verizon and T-Mobile subscribers have been laid open to anyone with an internet connection, thanks to the oversight of a contractor working with Sprint. According to a media investigation, the contractor misconfigured a cloud storage bucket on...

AI score 7
Exploits: 0 | References: 8

ThreatPost
added 2019/12/05 5:55 p.m. | 56 views

Feds Offer $5M Reward to Nab 'Evil Corp' Dridex Hacker

U.S. authorities are offering up $5 million for information leading to the arrest of Evil Corp. leader Maksim V. Yakubets, 32, of Russia, who goes under the moniker “aqua.” The U.S. alleges that Yakubets and his company have stolen millions of dollars from victims using the Dridex banking trojan...

AI score 0.3
Exploits: 0 | References: 16

ThreatPost
added 2019/12/05 4:31 p.m. | 65 views

HackerOne Breach Leads to $20,000 Bounty Reward

HackerOne has paid out $20,000 after a high-severity vulnerability was discovered in the bug-bounty platform. The flaw allowed an outside bounty hunter to access customers’ reports and other sensitive information. Disclosed this week in a HackerOne report, the security incident stemmed from a...

AI score 7.3
Exploits: 0 | References: 11

ThreatPost
added 2019/12/05 4:06 p.m. | 135 views

OpenBSD Hit with Authentication, LPE Bugs

An authentication bypass and three local privilege-escalation (LPE) bugs have been uncovered in OpenBSD, the Unix-like open-source operating system known for its security protections. The most severe of the vulnerabilities is the bypass (CVE-2019-19521), which is remotely exploitable. OpenBSD uses BS...

CVSS 7.5 | AI score 1 | EPSS 0.02229
Exploits: 8 | References: 7

ThreatPost
added 2019/12/05 11:44 a.m. | 178 views

'Ultimate' MiTM Attack Steals $1M from Israeli Startup

Hackers pulled off an elaborate man-in-the-middle campaign to rip off an Israeli startup by intercepting a wire transfer from a Chinese venture-capital firm intended for the new business. New research by Check Point Software details how the security vendor uncovered the wire-transfer heist, in...

AI score 0.4
Exploits: 0 | References: 7

ThreatPost
added 2019/12/04 10:11 p.m. | 65 views

ThreatList: 90% SMBs Believe Nation-State Actors Are Targeting Them

While APT activity is generally considered to be aimed at large enterprises housing valuable intellectual property, military-industrial entities, dissidents and civil society, and organizations of strategic importance to governments, the vast majority of small- and medium-sized businesses (SMBs) ar...

AI score 7.2
Exploits: 0 | References: 9

ThreatPost
added 2019/12/04 9:11 p.m. | 50 views

Nebraska Medicine Breached By Rogue Employee

Hospital network Nebraska Medicine has disclosed a data breach after a former employee accessed sensitive patient data – including medical records and Social Security numbers. The Nebraska Medicine network encompasses Nebraska’s largest hospital, Nebraska Medical Center, as well as other location...

AI score 1.2
Exploits: 0 | References: 9

ThreatPost
added 2019/12/04 6:32 p.m. | 54 views

'Highly Competitive' Buer Loader Emerges in Underground Markets

A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...

AI score 7.3
Exploits: 0 | References: 16

ThreatPost
added 2019/12/04 6:10 p.m. | 65 views

Iran Targets Mideast Oil with ZeroCleare Wiper Malware

A freshly-discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services (IRIS), ZeroCleare (so-named because of the program database pathname of its binary file) was...

AI score 1.1
Exploits: 0 | References: 10

ThreatPost
added 2019/12/04 2:00 p.m. | 129 views

EFF Talks the Corporate Surveillance of Consumers

You can’t protect your privacy if you don’t know how it’s being violated. That’s the essence of a report by the Electronic Frontier Foundation that shines a bright disinfecting light on how corporations are collecting data on consumers. Think Facebook-like data collection on steroids and you begi...

AI score 6
Exploits: 0 | References: 6

ThreatPost
added 2019/12/04 1:52 p.m. | 54 views

Dutch Politician Could Get Three Years in Prison for Hacking iCloud Accounts

Prosecutors in the Netherlands are asking for three years in prison for a Dutch politician who hacked into women’s personal iCloud accounts and stole nude photos and other personal digital material belonging to them, then leaked some of it online. The public prosecutor of the North Holland Public...

AI score 0.6
Exploits: 0 | References: 10

ThreatPost
added 2019/12/03 10:48 p.m. | 48 views

DHS Plans to Expand Facial Recognition Border Checks

The Department of Homeland Security plans to extend facial recognition checks to all travelers entering and leaving the U.S. – including previously-exempt U.S. citizens. The proposed ruling, outlined in a recent filing that was first reported this week by TechCrunch, signifies a rapid expansion o...

AI score 0.6
Exploits: 0 | References: 13

ThreatPost
added 2019/12/03 9:08 p.m. | 56 views

ThreatList: A Third of Biometric Systems Targeted by Malware in Q3

Biometric security – which uses fingerprints, voice or facial recognition or retina identification to authenticate users to services – has crossed the chasm into the mainstream, thanks to the prevalence of features like fingerprint readers on laptops and FaceID for iPhones. However, researchers s...

AI score 0.6
Exploits: 0 | References: 5

ThreatPost
added 2019/12/03 6:00 p.m. | 48 views

Android Ups the Mobile Security Ante with Default TLS Encryption

A full 80 percent of Android apps are encrypting their traffic by default, according to a Transport Layer Security (TLS) adoption update from Google. That percentage is even greater for apps targeting Android 9 and higher, with 90 percent of those encrypting traffic by default, the tech giant said ...

AI score 6.9
Exploits: 0 | References: 9

ThreatPost
added 2019/12/03 5:18 p.m. | 198 views

Critical Android Flaw Leads to 'Permanent DoS'

Google has released an update stomping out three critical-severity vulnerabilities in its Android operating system — one of which could result in “permanent denial of service” on affected mobile devices if exploited. The vulnerabilities are part of Google’s December 2019 Android Security Bulletin...

CVSS 10 | AI score 1.3 | EPSS 0.07805
Exploits: 2 | References: 8

ThreatPost
added 2019/12/03 2:00 p.m. | 67 views

Supply Chain Account Takeover: How Criminals Exploit Third-Party Access

Empower Your Suppliers Against Attack: The average business shares data with a complex network of third parties, depending on their operational needs. In a survey of security and risk professionals, Forrester learned that the average business has 4,700 third-party partners with some access to...

AI score 0.3
Exploits: 0 | References: 5

ThreatPost
added 2019/12/03 1:26 p.m. | 192 views

‘StrandHogg’ Vulnerability Allows Malware to Pose as Legitimate Android Apps

Researchers have discovered a new Android vulnerability that could allow malware to pose as popular apps and ask for various permissions, potentially allowing hackers to listen in on users, take photos, read and send SMS messages, and basically take over various functions as if they are the...

AI score 0.5 | EPSS 0.25485
Exploits: 0 | References: 10

ThreatPost
added 2019/12/02 9:00 p.m. | 81 views

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

A vulnerability in the way Microsoft applications use OAuth for third-party authentication could allow an attacker to take over Azure cloud accounts. OAuth is a protocol that allows app users to share data about their accounts with third-party websites or apps, so that when they sign into the app...

AI score 0.4
Exploits: 0 | References: 5

ThreatPost
added 2019/12/02 7:13 p.m. | 57 views

Authorities Break Up Imminent Monitor Spyware Organization

The developers behind a commodity remote-access tool (RAT) that allows full control of a victim’s computer have been taken down by Australian and global authorities. The Imminent Monitor RAT (IM-RAT) first appeared in 2012, the work of a developer going by the handle of “Shockwave,” according to...

AI score 1.3
Exploits: 0 | References: 3

ThreatPost
added 2019/12/02 4:46 p.m. | 51 views

CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies

The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fir...

AI score 7.1
Exploits: 0 | References: 12

ThreatPost
added 2019/12/02 3:33 p.m. | 56 views

Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn

Black Friday and Cyber Monday sales of smart TVs are likely prodigious this Thanksgiving weekend – but consumers need to be aware of the hole they can punch in home cyber-defenses. That’s the word from the FBI, which warned that smart TVs, which hook up to the internet to allow users to access ap...

AI score 1.2
Exploits: 0 | References: 11

ThreatPost
added 2019/12/02 1:33 p.m. | 49 views

Insecure Database Exposes Millions of Private SMS Messages

Tens of millions of SMS messages have been found on an unprotected database, putting the private data of hundreds of millions of people in the United States at risk for theft or exposure and leaving a communications company open for potential intrusion, security researchers discovered. Noam Rotem...

AI score 0.5
Exploits: 0 | References: 5

ThreatPost
added 2019/11/29 2:00 p.m. | 175 views

Amazon Plans Ring Facial Recognition-Based 'Watch List', Report

UPDATE: Amazon is planning to use facial recognition software and its Ring smart home security devices to create an artificial-intelligence enabled “neighborhood watch list,” according to reports. According to internal documents reviewed by The Intercept, the “watch list” would automatically alert...

AI score 0.2
Exploits: 0 | References: 13

ThreatPost
added 2019/11/28 1:00 p.m. | 104 views

ThreatList: Healthcare Breaches Spike in October

October experienced a 44.44 percent month-over-month increase in healthcare data breaches, resulting in 661,830 healthcare records exposed or stolen during the month. That’s according to the Health and Human Services (HHS) Office for Civil Rights’ monthly report, reported via HIPAA Journal. The...

AI score 7.3
Exploits: 0 | References: 6

ThreatPost
added 2019/11/27 7:41 p.m. | 82 views

NSO Group President Defends Controversial Tactics

In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called “false myths” about the firm. Dolev also took indirect aim at secure messaging platforms, offered by the likes of Facebook, explaining surveillance...

AI score 6.8
Exploits: 0 | References: 1

ThreatPost
added 2019/11/27 5:44 p.m. | 81 views

SDKs Misused to Scrape Twitter, Facebook Account Info

Twitter and Facebook are warning of software development kits (SDKs) that could be embedded within a mobile application and used to harvest personal user information. The SDKs, which the tech giants said are maintained by oneAudience and MobiBurn, could be used by mobile app developers to craft...

AI score 0.8
Exploits: 0 | References: 8

ThreatPost
added 2019/11/27 3:28 p.m. | 155 views

IoT Smartwatch Exposes Kids' Personal, GPS Data

Researchers are warning parents that a children’s connected smartwatch has vulnerabilities that leak users’ personal and GPS data, and allow attackers to listen in on and manipulate conversations. Worse, the smartwatch in question, SMA M2, is currently used by 5,000 children worldwide. Chinese...

AI score 0.2
Exploits: 0 | References: 17

ThreatPost
added 2019/11/27 3:26 p.m. | 83 views

Federal Data Privacy Bill Takes Aim at Tech Giants

A new digital privacy bill has been introduced to the Senate, which would give the Federal Trade Commission (FTC) more teeth when it comes to providing oversight on tech companies’ use of consumer data. Sen. Maria Cantwell (D-Wash.), ranking member on the Senate Commerce Committee, led the...

AI score 6.6
Exploits: 0 | References: 7

ThreatPost
added 2019/11/27 2:00 p.m. | 146 views

Dexphot Malware Hijacks 80K+ Devices to Mine Cryptocurrency

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and...

AI score 7.4
Exploits: 0 | References: 11

ThreatPost
added 2019/11/26 8:34 p.m. | 32 views

Austin Man Indicted for Stealing Unreleased Music from Artists

A 27-year-old man who allegedly impersonated a music producer in an effort to nab unreleased music from various artists has been indicted. If convicted, he faces 27 years in prison on charges of conspiring with others to commit wire fraud, computer intrusion and committing aggravated identity...

AI score 0.5
Exploits: 0 | References: 5

ThreatPost
added 2019/11/26 7:44 p.m. | 40 views

Magecart Group Switches Up Tactics with MiTM, Phishing

A fresh splinter group under the Magecart umbrella has been discovered ramping up activity starting in August-September of 2019. It’s using a unique codebase and different tactics to carry out its attacks, according to researchers. Magecart is an umbrella term encompassing several different threa...

AI score 0.2
Exploits: 0 | References: 6

ThreatPost
added 2019/11/26 4:12 p.m. | 65 views

Managing the Human Security Factor in the Age of Ransomware

Security analysts have determined that cybercrime cost the global economy $1.5 trillion in 2018. Ransomware, in particular, is estimated to grow by as much as 350 percent over the next year. And while the ransom for a generic ransomware attack has now risen to nearly $13,000, with recent targeted...

AI score 7.2
Exploits: 0 | References: 14

ThreatPost
added 2019/11/26 11:00 a.m. | 114 views

Black Friday Shoppers Targeted By Scams and Fake Domains

Black Friday and Cyber Monday-related scams are nothing new — but researchers warn that this year, they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data. Research released Tuesday by ZeroFOX uncovered some of the threats that attackers a...

Exploits: 0 | References: 9

Total number of security vulnerabilities: 15946