Tag: Threatpost

This article has been indexed from Threatpost The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. Read the original article: ChromeLoader Browser Hijacker Provides Gateway…

Read more →

This article has been indexed from Threatpost Malware loads itself from remote servers and bypasses Microsoft’s Defender AV scanner, according to reports. Read the original article: Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack

Read more →

This article has been indexed from Threatpost Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks. Read the original article: Critical Flaws in Popular ICS Platform Can Trigger…

Read more →

This article has been indexed from Threatpost Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin. Read the original article: Cybergang Claims REvil is…

Read more →

This article has been indexed from Threatpost 2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. Read the original article: Verizon Report: Ransomware, Human Error Among Top…

Read more →

This article has been indexed from Threatpost The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Read the original article: Zoom Patches ‘Zero-Click’ RCE Bug

Read more →

This article has been indexed from Threatpost A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names. Read the original article: Link Found Connecting Chaos, Onyx and Yashma Ransomware

Read more →

This article has been indexed from Threatpost Fronton botnet has far more ability than launching DDOS attack, can track social media trends and launch suitable propaganda. Read the original article: Fronton IOT Botnet Packs Disinformation Punch

Read more →

This article has been indexed from Threatpost Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments. Read the original article: Zero Trust for Data Helps Enterprises Detect, Respond and…

Read more →

This article has been indexed from Threatpost Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug. Read the original article: Snake Keylogger Spreads Through Malicious PDFs

Read more →

This article has been indexed from Threatpost Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell. Read the original article: Closing the Gap Between Application Security and Observability

Read more →

This article has been indexed from Threatpost More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. Read the original article: 380K Kubernetes API Servers Exposed to Public Internet

Read more →

This article has been indexed from Threatpost Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. Read the original article: Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

Read more →

This article has been indexed from Threatpost The U.S. Department of Justice indites middle-aged doctor, accusing him of being a malware mastermind. Read the original article: DOJ Says Doctor is Malware Mastermind

Read more →

This article has been indexed from Threatpost Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild. Read the original article: April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell

Read more →

This article has been indexed from Threatpost Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise. Read the original article: APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days

Read more →

This article has been indexed from Threatpost Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins. Read the original article: Sysrv-K Botnet Targets Windows, Linux

Read more →

This article has been indexed from Threatpost Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware. Read the original article: iPhones Vulnerable to Attack Even When…

Read more →

This article has been indexed from Threatpost Microsoft’s May Patch Tuesday update is triggering authentication errors. Read the original article: Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors

Read more →

This article has been indexed from Threatpost An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers. Read the original article: Threat Actors Use Telegram to…

Read more →

This article has been indexed from Threatpost Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. Read the original article: Malware Builder Leverages Discord Webhooks

Read more →

This article has been indexed from Threatpost Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack. Read the original article: You Can’t Eliminate Cyberattacks, So…

Read more →

This article has been indexed from Threatpost The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. Read the original article: Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks

Read more →

This article has been indexed from Threatpost A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains. Read the original article: Novel Phishing Trick Uses Weird Links to Bypass Spam Filters

Read more →

This article has been indexed from Threatpost Dell and HP were among the first to release patches and fixes for the bug. Read the original article: Intel Memory Bug Poses Risk for Hundreds of Products

Read more →

This article has been indexed from Threatpost Microsoft’s May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments. Read the original article: Actively Exploited Zero-Day Bug Patched…

Read more →

This article has been indexed from Threatpost Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. Read the original article: Ransomware Deals Deathblow to 157-year-old…

Read more →

This article has been indexed from Threatpost The bug has a severe rating of 9.8, public exploits are released. Read the original article: Hackers Actively Exploit F5 BIG-IP Bug

Read more →

This article has been indexed from Threatpost The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks. Read the original article: Conti Ransomware Attack Spurs State of Emergency in Costa…

Read more →

This article has been indexed from Threatpost Researchers say a hacker is selling access to quality malware for chump change. Read the original article: Low-rent RAT Worries Researchers

Read more →

This article has been indexed from Threatpost A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem. Read the original article: FBI: Rise in Business Email-based Attacks is a $43B Headache

Read more →

This article has been indexed from Threatpost In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well…

Read more →

This article has been indexed from Threatpost In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well…

Read more →

This article has been indexed from Threatpost Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. Read the original article: USB-based Wormable Malware Targets Windows Installer

Read more →

This article has been indexed from Threatpost The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10. Read the original article: F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

Read more →

This article has been indexed from Threatpost A close look at a new type of network, known as a Cloud Area Network. Read the original article: CANs Reinvent LANs for an All-Local World

Read more →

This article has been indexed from Threatpost Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said. Read the original article: VHD Ransomware Linked to North Korea’s…

Read more →

This article has been indexed from Threatpost A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data. Read the original article: China-linked APT Caught Pilfering Treasure Trove of IP

Read more →

This article has been indexed from Threatpost A sophisticated campaign utilizes a novel anti-detection method. Read the original article: Attackers Use Event Logs to Hide Fileless Malware

Read more →

This article has been indexed from Threatpost A flaw in all versions of the popular C standard libraries uClibe and uClibe-ng can allow for DNS poisoning attacks against target devices. Read the original article: Unpatched DNS Bug Puts Millions of…

Read more →

This article has been indexed from Threatpost Popular apps to support people’s psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses. Read the original article: Mozilla: Lack of…

Read more →

This article has been indexed from Threatpost Aamir Lakhani, global security strategist and researcher at FortiGuard Labs, zeroes in on how adversaries are targeting ‘remote everything’. Read the original article: Bad Actors Are Maximizing Remote Everything

Read more →

This article has been indexed from Threatpost A deep dive into securing containerized environments and understanding how they present unique security challenges. Read the original article: Deep Dive: Protecting Against Container Threats in the Cloud

Read more →

This article has been indexed from Threatpost Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps. Read the original article: Security Turbulence in the Cloud: Survey Says…

Read more →

This article has been indexed from Threatpost The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets. Read the original article: Cyberespionage APT Now Identified…

Read more →

This article has been indexed from Threatpost GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations. Read the…

Read more →

This article has been indexed from Threatpost At least five APTs are believed involved with attacks tied ground campaigns and designed to damage Ukraine’s digital infrastructure. Read the original article: Cyberattacks Rage in Ukraine, Support Military Operations

Read more →

This article has been indexed from Threatpost The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default. Read the original article: Emotet is Back From ‘Spring Break’ With New Nasty…

Read more →

This article has been indexed from Threatpost Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found. Read the original article: Millions of…

Read more →

This article has been indexed from Threatpost Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk. Read the original article: Firms Push for CVE-Like Cloud Bug System

Read more →

This article has been indexed from Threatpost A campaign by APT37 used a sophisticated malware to steal information about sources , which appears to be a successor to Bluelight. Read the original article: Nation-state Hackers Target Journalists with Goldbackdoor Malware

Read more →

This article has been indexed from Threatpost No government and customer data was accessed. Read the original article: Lapsus$ Hackers Target T-Mobile

Read more →

This article has been indexed from Threatpost How to use zero-trust architecture effectively in today’s modern cloud-dependent infrastructures. Read the original article: Zero-Trust For All: A Practical Guide

Read more →

This article has been indexed from Threatpost Nate Warfield, CTO at Prevailion, discusses the dangers of focusing on zero-day security vulnerabilities, and how security teams are being distracted from the day-to-day work that prevents most breaches. Read the original article:…

Read more →

This article has been indexed from Threatpost In this time of unprecedented cyberwar, organizations must protect the personal digital lives of their executives in order to reduce the company’s risk of direct or collateral damage. Read the original article: Protect…

Read more →

This article has been indexed from Threatpost Citizen Lab uncovers multi-year campaign targeting autonomous region of Spain, called Catalonia. Read the original article: ‘CatalanGate’ Spyware Infections Tied to NSO Group

Read more →

This article has been indexed from Threatpost Exploring what’s next for public-cloud security, including top risks and how to implement better risk management. Read the original article: Rethinking Cyber-Defense Strategies in the Public-Cloud Age

Read more →

This article has been indexed from Threatpost Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Read the original article: Google: 2021 was a Banner Year for Exploited 0-Day Bugs

Read more →

This article has been indexed from Threatpost A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs. Read the original article: Most Email Security Approaches Fail to Block…

Read more →

This article has been indexed from Threatpost Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages. Read the original article: Attackers Spoof…

Read more →

This article has been indexed from Threatpost The popular underground market traded in drugs, stolen data, forged documents and more — raking in billions in Bitcoin. Read the original article: Authorities Fully Behead Hydra Dark Marketplace

Read more →

This article has been indexed from Threatpost This fresh malware strain extends the functionality of typical trojans with advanced functionality and a series of modules for launching various types of threat activity. Read the original article: No-Joke Borat RAT Propagates…

Read more →

This article has been indexed from Threatpost The vulnerabilities could allow threat actors to disrupt or access kernel activity and may be under active exploit. Read the original article: Apple Rushes Out Patches for 0-Days in MacOS, iOS

Read more →

This article has been indexed from Threatpost Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia. Read the original article: Belarusian ‘Ghostwriter’ Actor Picks Up BitB…

Read more →

This article has been indexed from Threatpost A bug in Honda is indicative of the sprawling car-attack surface that could give cyberattackers easy access to victims, as global use of ‘smart car tech’ and EVs surges. Read the original article:…

Read more →

This article has been indexed from Threatpost QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch. Read the original article: QNAP Customers Adrift, Waiting…

Read more →

This article has been indexed from Threatpost Mystified? Now’s the time to learn about cryptocurrency-associated risks: Listen to KnowBe4’s Dr. Lydia Kostopoulos explain blockchain, NFTs and how to stay safe. Read the original article: A Blockchain Primer and a Bored…

Read more →

This article has been indexed from Threatpost The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in any number of Java applications. Read the original article: RCE Bug in Spring Cloud Could Be the Next…

Read more →

This article has been indexed from Threatpost The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in literally millions of Java applications. Read the original article: Critical RCE Bug in Spring Could Be the Next…

Read more →

This article has been indexed from Threatpost The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more. Read the original article: Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments

Read more →

This article has been indexed from Threatpost The internet giant issued an update for the bug, which is found in the open-source V8 JavaScript engine. Read the original article: Google Chrome Bug Actively Exploited as Zero-Day

Read more →

This article has been indexed from Threatpost Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list. Read the original article: Lapsus$ ‘Back from Vacation’

Read more →

This article has been indexed from Threatpost A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin. Read the original article: MSHTML Flaw Exploited to Attack Russian Dissidents

Read more →

This article has been indexed from Threatpost Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing. Read the original article: Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

Read more →

This article has been indexed from Threatpost The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques. Read the original article: Exchange Servers Speared in IcedID Phishing Campaign

Read more →

This article has been indexed from Threatpost “We made a mistake,” Okta said, owning up to its responsibility for security incidents that hit its service providers and potentially its own customers. Read the original article: Okta Says It Goofed in…

Read more →

This article has been indexed from Threatpost The security vendor’s appliance suffers from an authentication-bypass issue. Read the original article: Critical Sophos Security Bug Allows RCE on Firewalls

Read more →

This article has been indexed from Threatpost The supply-chain attack on the U.S. energy sector targeted thousands of computers at hundreds of organizations, including at least one nuclear power plant. Read the original article: DOJ Indicts Russian Gov’t Employees Over…

Read more →

This article has been indexed from Threatpost Two separate campaigns from different threat actors targeted users with the same exploit kit for more than a month before the company fixed an RCE flaw found in February. Read the original article:…

Read more →

This article has been indexed from Threatpost London Police can’t say if they nabbed the 17-year-old suspected mastermind & multimillionaire – but researchers say they’ve been tracking an Oxford teen since mid-2021. Read the original article: UK Cops Collar 7…

Read more →

This article has been indexed from Threatpost A large-scale, automated typosquatting attack saw 200+ malicious packages flood the npm code repository, targeting popular Azure scopes. Read the original article: Microsoft Azure Developers Awash in PII-Stealing npm Packages

Read more →

This article has been indexed from Threatpost A patch fixes exploit hidden in Elden Ring that traps PC players in a ‘death loop.’ Read the original article: Just-Released Dark Souls Game, Elden Ring, Includes Killer Bug

Read more →

This article has been indexed from Threatpost ~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up. Read the original article: HubSpot Data Breach Ripples Through Crytocurrency…

Read more →

This article has been indexed from Threatpost Mustang Panda’s already sophisticated cyberespionage campaign has matured even further with the introduction of a brand-new PlugX RAT variant. Read the original article: Chinese APT Combines Fresh Hodur RAT with Complex Anti-Detection

Read more →

This article has been indexed from Threatpost Attackers are hiding interesting malware in a boring place, hoping victims won’t bother to look. Read the original article: Microsoft Help Files Disguise Vidar Malware

Read more →

This article has been indexed from Threatpost Threat actors are impersonating such wildly popular personal-finance apps (which are used more than social media or streaming services) to try to fool people into giving up their credentials. Read the original article:…

Read more →

This article has been indexed from Threatpost Bots & automated attacks have exploded, with attackers and developers alike in love with APIs, according to a new Cequence Security report. Hacker-in-residence Jason Kent explains the latest. Read the original article: Top…

Read more →

This article has been indexed from Threatpost A new steady stream of attacks against network-attached storage devices from the Taiwan-based vendor is similar to a wave that occurred in January. Read the original article: DeadBolt Ransomware Resurfaces to Hit QNAP…

Read more →

This article has been indexed from Threatpost The data-extortion gang got at Microsoft’s Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack. Read the original article:…

Read more →

This article has been indexed from Threatpost Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana. Read the original article: Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta

Read more →

This article has been indexed from Threatpost “Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared. Read the original article: Russia Lays…

Read more →

This article has been indexed from Threatpost “Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared. Read the original article: Russia Lays…

Read more →

This article has been indexed from Threatpost “Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared. Read the original article: Russia Lays…

Read more →

This article has been indexed from Threatpost After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts aren’t so sure. Read the…

Read more →

This article has been indexed from Threatpost An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies. Read the original article: Serpent Backdoor Slithers into Orgs Using Chocolatey Installer

Read more →

This article has been indexed from Threatpost Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft,…

Read more →

This article has been indexed from Threatpost The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it’s actually spyware capable of stealing any and all information from victims’ social-media accounts. Read the original…

Read more →

This article has been indexed from Threatpost The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code. Read the original article: Conti Ransomware V. 3, Including Decryptor, Leaked

Read more →

This article has been indexed from Threatpost A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit. Read the original article: Bridgestone Hit as Ransomware Torches Toyota…

Read more →

This article has been indexed from Threatpost The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure. Read the original article: Agencies Warn on Satellite Hacks…

Read more →