Widespread Malvertising Campaign Hijacks 300 Million Sessions
A massive malvertising campaign targeting iOS devices hijacked a whopping 300 million browser sessions in just 48 hours. Researchers at Confiant recorded the campaign Nov. 12, and said that the threat actor behind the campaign is still active to this day. A malicious landing page According to...
Knuddels Flirt App Slapped with Hefty Fine After Data Breach
Germany has slapped a popular in-region dating, flirting and chat service with a €20,000 fine (or around $22,667), after a hack affected more than 1.8 million accounts this summer. The Baden-Württemberg Data Protection Authority announced last week it had issued the fine, which is the country’s fir...
Mobile Rotexy Malware Touts Ransomware, Banking Trojan Functions
Mobile malware, dubbed Rotexy, has evolved from being spyware to now a dangerous banking trojan packing a host of new clever features. Researchers report 70,000 attacks between August and October with targets primarily based in Russia. In a technical brief released last week, researchers at...
USPS, Amazon Data Leaks Showcase API Weaknesses
The annual holiday buying bonanza has officially kicked off for 2018, and, as if on cue, a pair of security incidents at two of the most-used services this time of year – the U.S. Postal Service and Amazon – showed up to remind us of the dangers of shopping season. Both hinged on improper API use...
User Confidence in Smartphone Security Abysmal
Smartphone owners are growing worried about data privacy, and will delete apps they don’t trust. And only a quarter feel they are in control of their personal data. Research carried out by the Mobile Ecosystem Forum (MEF), a trade body, found that Europeans are among the most wary cellphone users,...
Spotify Phishers Hijack Music Fans' Accounts
A phishing campaign with a clever Spotify lure has been spotted trying to harvest user credentials for the popular streaming service. Researchers at AppRiver detected the offensive earlier this month, in a campaign looking to compromise Spotify customers using bogus – but convincing – emails with...
Threatpost News Wrap Podcast For Nov. 23
With Thanksgiving this week and Cyber Monday right around the corner, Threatpost editors Lindsey O’Donnell and Tara Seals talk about the biggest holiday season-related cybersecurity stories of the week.
Old Printer Vulnerabilities Die Hard
Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...
ThreatList: One-Third of Firms Say Their Container Security Lags
Even as companies move to embrace cloud deployments and containers, most organizations with such deployments don’t feel prepared to adequately secure cloud-native applications. According to StackRox’ State of Container Security report, which polled about 230 respondents in the U.S., more than a...
Zero-Trust Frameworks: Securing the Digital Transformation
Given the ongoing, rapid rise in digital transformation, the “zero-trust” concept is fast gaining traction as the go-to strategy for securing modern business networks. Zero trust refers to the notion of shifting access controls from the perimeter to the individual users and their devices. Thus,...
Podcast: Breaking Down the Magecart Threat (Part One)
Threatpost editor Lindsey O’Donnell talks to Rapid7’s Chief Data Scientist, Bob Rudis, about the dangers that the Magecart group poses when it comes to e-commerce websites. Magecart, a financially motivated cyberattack group made up of several smaller gangs, has been behind recent payment-card...
As Black Friday Looms, IoT Gadgets Take the Risk Spotlight
With the holiday shopping season poised to officially kick off this weekend, it’s likely that connected gadgets and toys are high atop many a consumer wish-list. As those of us in the security space know, however, internet of things (IoT) devices can quickly go from fun to creepy, depending on how...
Podcast: Why 'Throwing Money' at Threats Won't Work
Randori CTO David Wolpoff, better known as Moose, joins the Threatpost Podcast this week to talk cyber-defense strategies with Threatpost’s Lindsey O’Donnell. With high-profile breaches making headlines every day, and enterprises spending more money on tools and solutions than ever before, Moose...
FCC Addresses Robocalling – But Questions Remain
Robocalls and text spam – often in the service of widespread fraud campaigns – continue to persist, dogging consumers despite the existence of the national Do Not Call registry and efforts like the Truth in Caller ID Act. In an effort to alleviate the situation, Federal Communications Commission...
Emotet's Thanksgiving Campaign Delivers New Recipes for Compromise
Emotet, the seemingly ubiquitous banking trojan, has turned up again after a small hiatus, this time as the anchor in a Thanksgiving-themed campaign that cranked up in the U.S. this week. It has also upgraded its capabilities with new tactics and modules, which has boosted its efficacy, according...
Sofacy APT Takes Aim with Novel 'Cannon' Trojan
The Sofacy APT group is back, with a new second-stage custom malware payload that researchers have dubbed “Cannon.” A campaign against several government entities around the globe, including in North America, Europe and a former Soviet state, came in waves during late October and early November,...
Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS
Adobe released a patch for a critical flaw on Tuesday that leaves its Flash Player vulnerable to arbitrary code execution by an adversary. Affected are versions of the Flash Player running on Windows, macOS, Linux and Chrome OS. In tandem, a Microsoft Security Advisory was also issued for the bug...
Gmail Glitch Enables Anonymous Messages in Phishing Attacks
A Gmail bug has been discovered that allows a hacker to tinker with the “from” header in an email and ultimately leave the sender display blank, rendering the email anonymous. The trick could be weaponized for phishing attacks that purport to be official warnings or system messages. Software...
APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
A phishing campaign bent on espionage, believed to be launched by the nation-state threat group known as APT29, is targeting high-value targets across the think-tank, law enforcement, media, U.S. military, imagery, transportation, pharmaceutical, national government and defense contracting sector...
Olympic Destroyer Wiper Changes Up Infection Routine
Olympic Destroyer, the wiper malware that briefly disrupted the Winter Olympic Games in South Korea earlier this year, appears to be back with a new first-stage dropper variant. It contains a few significant changes that indicate an evolution for the APT group behind it, according to researchers...
VisionDirect Blindsided By Magecart in Data Breach
The insidious Magecart threat group has struck again – this time hitting VisionDirect in a data breach that sucked up customers’ personal details and payment card information. In a data-breach notice posted over the weekend, the popular European contact lenses merchant said that the breach occurr...
Ford Eyes Using Personal Data to Boost Profits
UPDATE Ford Motor Company is known for making cars and trucks; but the future for the iconic automaker might look a little more like Facebook than an assembly line. As it struggles with hemorrhaging earnings in markets outside of North America, industry-watchers are speculating that Ford is looki...
Stopping the Infiltration of Things
The Internet of Things – connected devices that contain network sensors to allow for remote monitoring and control – are expected to hit 75-billion devices installed by 2025. These devices include everything from home routers, remote cameras to healthcare devices. This wide-ranging...
Cryptojacking Attack Targets Make-A-Wish Foundation Website
Hackers have been stealing CPU-cycles from visitors to the Make-A-Wish Foundation’s international website in order to mine for Monero cryptocurrency. Researchers said they found the CoinIMP mining script embedded in the non-profit’s website, and that it was taking advantage of the Drupalgeddon 2...
Emoji Attack Can Kill Skype for Business Chat
A denial of service (DoS) vulnerability in the Skype for Business unified communications platform has been uncovered, which can be triggered by sending large numbers of emojis to the instant messaging client. According to the SEC Consult Vulnerability Lab, which discovered the flaw (CVE-2018-8546),...
Gmail Glitch Offers Stealthy Trick for Phishing Attacks
A strange glitch in Gmail can be exploited to place emails into a person’s “Sent” folder — even if that person never sent them. Researchers who discovered the bug worry that it gives phishers and scammers another avenue to trick unsuspecting users into clicking on malicious links or opening rogue...
Critical WordPress Plugin Flaw Grants Admin Access to Any Registered Site User
Another day, another critical WordPress plugin vulnerability. The popular AMP for WP plugin, which helps WordPress sites load faster on mobile browsers, has a privilege-escalation flaw that allows WordPress site users of any level to make administrative changes to a website. The plugin, which has...
Lock-Screen Bypass Bug Quietly Patched in Handsets
A design flaw affecting all in-display fingerprint sensors – that left over a half-dozen cellphone models vulnerable to a trivial lock-screen bypass attack – has been quietly patched. The flaw was tied to a bug in the popular in-display fingerprint reader technology used for user authentication...
tRat Emerges as New Pet for APT Group TA505
A new modular malware written in Delphi dubbed tRat has scurried into the spotlight, after making its debut in large spam campaigns this fall. The remote-access trojan has yet to show all of its cards to researchers, and seems to be in a testing phase, but the fact that well-known APT group TA505...
Managing the Risk of IT-OT Convergence
A few years ago, it wasn’t easy getting executives on board with the concept of operational technology (OT) security. Having finally come around to acknowledging the need for information technology (IT) security, boards and C-suite executives at industrial enterprises were then faced with the...
Connected Wristwatch Allows Hackers to Stalk, Spy On Children
Wristwatches with tracking capabilities have gained popularity over the years as an easy way for parents to keep tabs on their children. But a newly-discovered hole in a popular Misafes watch opens up these tracking capabilities to bad actors, which could ultimately threaten the physical safety o...
Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers
No less than 14 malware families are targeting e-commerce brands to steal from unsuspecting consumers ahead of the official holiday shopping season. As the Black Friday post-Thanksgiving buying bonanza looms, in all of its door-busting and elbow-throwing glory, many are opting to stay at home and...
Bitcoin Giveaway Scam Balloons, with Google the Latest Victim
Google’s official G Suite Twitter account, which has more than 800,000 followers, on Tuesday became the latest victim of an increasingly widespread Bitcoin scam, according to researchers. The growing size and scope of the scam — as well as the cybercriminals’ success in hijacking high-profile,...
Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers
Three major mobile phone models – the Samsung Galaxy S9, iPhone X and the Xiaomi Mi6 – failed to survive the hacker onslaught at this year’s Pwn2Own Tokyo 2018. In all, 18 exploits, with some attacks chaining together as many as five exploits, were used to own the three phones and earn hacker tea...
Siemens Patches Firewall Flaw That Put Operations at Risk
Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized acce...
Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2
Microsoft patched a zero-day vulnerability that enabled attackers to escalate privileges on targeted systems, which include Windows 7, Server 2008 and Server 2008 R2 systems. The vulnerability, rated important, was part of Microsoft’s Patch Tuesday November security bulletin, which included 62...
Google's G Suite, Search and Analytics Taken Down in Hijacking
Google said key business services were knocked offline Monday when web traffic to a portion of its cloud platform was hijacked and routed through Chinese, Nigerian and Russian ISPs. The incident lasted for 74 minutes in what is called a Border Gateway Protocol (BGP) hijacking. BGP is a protocol tha...
Unpatched Android OS Flaw Allows Adversaries to Track User Location
A flaw in the Android mobile operating system could allow an attacker with physical proximity to a WiFi router to track the location of users within the router’s range. The issue (CVE-2018-9581) allows information leakage stemming from inter-process communication. While applications on Android are...
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept (PoC) exploit code publicly available. The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for...
Podcast: IoT Firms Face a ‘Tidal Wave' of Lawsuits, Attorney Explains
When it comes to IoT security, legal action is “a matter of when not if.” That’s according to Ijay Palansky, an attorney in Armstrong Teasdale’s Litigation practice group. Palansky represented plaintiffs and class members who alleged in the infamous 2015 Jeep hacking class-action lawsuit that the...
Emotet Campaign Ramps Up with Mass Email Harvesting Module
A large-scale spam campaign has launched, spreading the Emotet banking trojan. Worryingly, the offensive has launched about a week after a fresh module for mass email-harvesting was detected for the malware. Emotet is technically a banking trojan, but it’s most often used as a dropper for a varie...
U.S. Chip Cards Are Being Compromised in the Millions
Chip-and-PIN technology has become the de-facto standard for in-person credit- and debit-card transactions in the U.S. – but a lack of merchant compliance means that cards are still being compromised in the millions. Chip cards, which contain an embedded microprocessor that encrypts the card data...
Malware-Laced App Stayed on Google Play For a Year
An Android app booby-trapped with malware was recently taken down from Google Play — after being available for download for almost a year. The trojan was discovered by ESET malware researcher Lukas Stefanko, wrapped into an app called the Simple Call Recorder. The main purpose of the malware was ...
New Boom in Facial Recognition Tech Prompts Privacy Alarms
Somewhat quietly over the past couple of years there has been a flurry of breakthroughs in biometric technology, led by some leapfrog advances in facial recognition systems. Now facial recognition appears to be on the verge of blossoming commercially, with security use-cases paving the way. Last...
Lawsuits Aim Billions in Fines at Equifax and Ad-Targeting Companies
Equifax, Experian and Oracle are among a slate of companies whose business is consumer information, that could soon face billions of dollars in fines for improper data handling. Privacy International has filed complaints against seven corporations, consisting of data brokers Acxiom and Oracle,...
Recently-Patched Adobe ColdFusion Flaw Exploited By APT
An Adobe ColdFusion vulnerability, patched two months ago, was being exploited in the wild by a China-linked APT group, researchers found. The vulnerability, CVE-2018-15961, is a critical unrestricted file upload bug that could also lead to arbitrary code-execution, researchers at Volexity, who...
ThreatList: Google Play Nine Times Safer Than Third-Party App Stores
Bearing out the conventional wisdom that avoiding third-party app stores is a security best practice, new data from Google shows that Android devices that only download apps from Google Play are nine times less likely to end up with malware. According to Google’s inaugural Android Ecosystem...
Threatpost News Wrap Podcast for Nov. 9
Midterm elections aside, it has been a busy week in the infosec world. On Monday, the Pentagon suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal. On Wednesday, Cisco in an advisory revealed that it had “inadvertently” shipped an in-house...
Embracing the Cybersecurity ‘Grey Space’
It is just as tiring for security teams to keep saying “No” as it is for every other department to keep hearing it. To preserve some level of smooth operations in an organization, security teams need to find a way to let employees move data around while still protecting digital assets like IP and...
Pentagon Draws Back the Veil on APT Malware with Sudden Embrace of VirusTotal
The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that’s used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape. The Cyber...