Tag: Threatpost

This article has been indexed from Threatpost Dangerous security bugs stemming from widespread inconsistencies among 16 popular third-party URL-parsing libraries could affect a wide swath of web applications. Read the original article: URL Parsing Bugs Allow DoS, RCE, Spoofing &…

Read more →

This article has been indexed from Threatpost Cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits, researchers found. Read the original article: Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time…

Read more →

This article has been indexed from Threatpost End of life, end of support, pandemic-induced shipping delays and remote work, scanning failures: It’s a recipe for a patching nightmare, federal cyberserurity CTO Matt Keller says. Read the original article: EoL Systems…

Read more →

This article has been indexed from Threatpost Fertility Centers of Illinois’ security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files. Read the original article: Cyberattackers Hit Data of 80K Fertility Patients

Read more →

This article has been indexed from Threatpost Attackers are trading millions of records from a trio of pre-holiday breaches on an online forum. Read the original article: 3.7M FlexBooker Records Dumped on Hacker Forum

Read more →

This article has been indexed from Threatpost There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned. Read the original article: QNAP: Get NAS Devices Off the Internet Now

Read more →

This article has been indexed from Threatpost Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat. Read the original article: Log4J-Related RCE Flaw in H2 Database Earns…

Read more →

This article has been indexed from Threatpost Activision is suing to shut down the EngineOwning cheat-code site and hold individual developers and coders liable for damages. Read the original article: Activision Files Unusual Lawsuit over Call of Duty Cheat Codes

Read more →

This article has been indexed from Threatpost The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. Read the original article:…

Read more →

This article has been indexed from Threatpost ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch. Read the original article:…

Read more →

This article has been indexed from Threatpost The ‘NoReboot’ technique is the ultimate in persistence for iPhone malware, preventing reboots and enabling remote attackers to do anything on the device while remaining completely unseen. Read the original article: Apple iPhone…

Read more →

This article has been indexed from Threatpost A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said. Read the original article: Attackers Exploit Flaw in Google…

Read more →

This article has been indexed from Threatpost The accounts fell victim to credential-stuffing attacks, according to the New York State AG. Read the original article: 1.1M Compromised Accounts Found at 17 Major Companies

Read more →

This article has been indexed from Threatpost The group blends into an environment before loading up trivial, thickly stacked, fraudulent financial transactions too tiny to be noticed but adding up to millions of dollars. Read the original article: ‘Elephant Beetle’…

Read more →

This article has been indexed from Threatpost More than 1.3 million patient records were stolen in the just-disclosed breach, which occurred back in October. Read the original article: Broward Breach Highlights Healthcare Supply-Chain Problems

Read more →

This article has been indexed from Threatpost A simple-to-exploit bug that allows bad actors to send emails from Uber’s official system — skating past email security — went unaddressed despite multiple flagging by researchers. Read the original article: Uber Bug,…

Read more →

This article has been indexed from Threatpost Companies that fail to protect secure consumer data from Log4J attacks are at risk of facing Equifax-esque legal action and fines, the FTC warned. Read the original article: FTC to Go After Companies…

Read more →

This article has been indexed from Threatpost The info-stealing campaign using ZLoader malware – previously used to deliver Ryuk and Conti ransomware – already has claimed more than 2,000 victims across 111 countries. Read the original article: ‘Malsmoke’ Exploits Microsoft’s…

Read more →

This article has been indexed from Threatpost Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. Read the original article: Microsoft Sees Rampant Log4j…

Read more →

This article has been indexed from Threatpost The campaign was an opportunistic supply-chain attack abusing a weaponized cloud video player. Read the original article: Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites

Read more →

This article has been indexed from Threatpost SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets. Read the original article: SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access…

Read more →

This article has been indexed from Threatpost Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites. Read the original article: Purple Fox Rootkit Dropped by Malicious…

Read more →

This article has been indexed from Threatpost The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack. Read the original article: McMenamins Data Breach Affects 12 Years of Employee Info

Read more →

This article has been indexed from Threatpost The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack. Read the original article: Portugal Media…

Read more →

This article has been indexed from Threatpost Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs. Read the original article: What the Rise in…

Read more →

This article has been indexed from Threatpost Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution. Read the original article: APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit…

Read more →

This article has been indexed from Threatpost Jason Kent, hacker-in-residence at Cequence Security, discusses sneaky shopping bot tactics (i.e., domain parking) seen in a mass campaign, and what retail security teams can do about them. Read the original article: Threat…

Read more →

This article has been indexed from Threatpost Here’s what cybersecurity watchers want infosec pros to know heading into 2022. Read the original article: 5 Cybersecurity Trends to Watch in 2022

Read more →

This article has been indexed from Threatpost Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency. Read the original article: Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Read more →

This article has been indexed from Threatpost Security flaws in the recently released Fisher-Price Chatter Bluetooth telephone can allow nearby attackers to spy on calls or communicate with children using the device. Read the original article: That Toy You Got…

Read more →

This article has been indexed from Threatpost The year wasn’t ALL bad news. These sometimes cringe-worthy/sometimes laughable cybersecurity and other technology stories offer schadenfreude and WTF opportunities, and some giggles. Read the original article: 2021 Wants Another Chance (A Lighter-Side…

Read more →

This article has been indexed from Threatpost Casey Ellis, CTO at Bugcrowd, outlines how international relations have deteriorated into a new sort of Cold War, with espionage playing out in the cyber-domain. Read the original article: Global Cyberattacks from Nation-State…

Read more →

This article has been indexed from Threatpost A look back at what was hot with readers in this second year of the pandemic. Read the original article: The 5 Most-Wanted Threatpost Stories of 2021

Read more →

This article has been indexed from Threatpost The security vulnerability could expose passwords and access tokens, along with blueprints for internal infrastructure and finding software vulnerabilities. Read the original article: 4-Year-Old Microsoft Azure Zero-Day Exposes Web App Source Code

Read more →

This article has been indexed from Threatpost Attackers use the Telegram handle “Smokes Night” to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said. Read the original article: Telegram Abused to Steal Crypto-Wallet…

Read more →

This article has been indexed from Threatpost The origin of the Monero cryptominer file has been traced to a Russian torrent website, researchers report. Read the original article: ‘Spider-Man: No Way Home’ Download Installs Cryptominer

Read more →

This article has been indexed from Threatpost Overtaking the Conti ransomware gang, PYSA finds success with government-sector attacks. Read the original article: PYSA Emerges as Top Ransomware Actor in November

Read more →

This article has been indexed from Threatpost A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers. Read the original article: All in One SEO Plugin Bug Threatens 3M Websites with Takeovers

Read more →

This article has been indexed from Threatpost Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Read the original article: Critical Apache HTTPD…

Read more →

This article has been indexed from Threatpost Attackers exploiting bugs in the “link preview” feature in Microsoft Teams could abuse the flaws to spoof links, leak an Android user’s IP address and launch a DoS attack. Read the original article:…

Read more →

This article has been indexed from Threatpost There are 17,000npatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. Read the original article: Java Code Repository Riddled with Hidden Log4j Bugs; Here’s…

Read more →

This article has been indexed from Threatpost A quarter-billion of those passwords were not seen in previous breaches that have been added to Have I Been Pwned. Read the original article: Half-Billion Compromised Credentials Lurking on Open Cloud Server

Read more →

This article has been indexed from Threatpost Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12. Read the original article: Two Active Directory Bugs Lead to Easy…

Read more →

This article has been indexed from Threatpost APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. Read the original article: FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

Read more →

This article has been indexed from Threatpost Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain. Read the original article: Conti Ransomware Gang Has Full Log4Shell Attack Chain

Read more →

This article has been indexed from Threatpost T-Mobile reported blocking 21 billion scam calls during a record-smashing year for robocalls. Read the original article: Robocalls More Than Doubled in 2021, Cost Victims $30B

Read more →

This article has been indexed from Threatpost The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. Read the original article:…

Read more →

This article has been indexed from Threatpost Meta, Facebook’s parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets’ phones. Read the original article: Facebook Bans Spy-for-Hire Firms…

Read more →

This article has been indexed from Threatpost Attackers are using the excitement over the new Spider-Man movie to steal bank information and spread malware. Read the original article: Spider-Man Movie Release Frenzy Bites Fans with Credit-Card Harvesting

Read more →

This article has been indexed from Threatpost Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges. Read the original article: Malicious Joker App Scores Half-Million Downloads on Google Play

Read more →

This article has been indexed from Threatpost The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities. Read the original article: Brand-New Log4Shell Attack Vector Threatens…

Read more →

This article has been indexed from Threatpost Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. Read the original article: Convergence Ahoy: Get Ready for Cloud-Based Ransomware

Read more →

This article has been indexed from Threatpost The incident occurred last weekend at the popular chain of restaurants, hotels and breweries, which is still facing disruptions. Read the original article: Conti Gang Suspected of Ransomware Attack on McMenamins

Read more →

This article has been indexed from Threatpost Analysts warn that the attack group, now known as ‘Earth Centaur,’ is honing its attacks to go after transportation and government agencies. Read the original article: ‘Tropic Trooper’ Reemerges to Target Transportation Outfits

Read more →

This article has been indexed from Threatpost It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Read the original article: ‘PseudoManuscrypt’ Mass Spyware Campaign…

Read more →

This article has been indexed from Threatpost The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access. Read the original article: ‘DarkWatchman’ RAT Shows Evolution…

Read more →

This article has been indexed from Threatpost More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Read the original article: Relentless Log4j Attacks Include State Actors, Possible Worm

Read more →

This article has been indexed from Threatpost “Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Read the original article: Malicious Exchange Server Module Hoovers Up Outlook Credentials

Read more →

This article has been indexed from Threatpost SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. Read the original article: SAP…

Read more →

This article has been indexed from Threatpost Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. Read the original article: Apache’s Fix for Log4Shell…

Read more →

This article has been indexed from Threatpost If 2021 was the Year of Supply Chain Pain, 2022 will be the Year of Supply Chain Chronic Pain (or something worse than pain). This past year, the pain was felt in two…

Read more →

This article has been indexed from Threatpost It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. Read the original article: Apple…

Read more →

This article has been indexed from Threatpost December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Read the original article: Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

Read more →

This article has been indexed from Threatpost The new campaign masqueraded as an Orange Telecom account management app to deliver the latest iteration of Anubis banking malware. Read the original article: 400 Banks’ Customers Targeted with Anubis Trojan

Read more →

This article has been indexed from Threatpost An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. Read the original article: What…

Read more →

This article has been indexed from Threatpost Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Read the original article: How to Buy Precious…

Read more →

This article has been indexed from Threatpost The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Read the original article: ‘Seedworm’ Attackers Target Telcos in Asia, Middle East

Read more →

This article has been indexed from Threatpost Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses ands vacation tracking. Read the original article:…

Read more →

This article has been indexed from Threatpost The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. Read the original article: Malicious PyPI Code Packages Rack Up Thousands of Downloads

Read more →

This article has been indexed from Threatpost Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Read the original article: Where the Latest Log4Shell Attacks Are Coming From

Read more →

This article has been indexed from Threatpost The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. Read the original article: Log4Shell Is…

Read more →

This article has been indexed from Threatpost Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses how threat hunters can fight back. Read the original…

Read more →

This article has been indexed from Threatpost Scammers are using fake job listings to empty the wallets of young, hopeful victims looking to break into the gaming industry. Read the original article: ‘Appalling’ Riot Games Job Fraud Takes Aim at…

Read more →

This article has been indexed from Threatpost The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” Read the original article: Zero Day in Ubiquitous Apache Log4j Tool…

Read more →

This article has been indexed from Threatpost Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts. Read the original article: Sprawling Active Attack Aims to Take Over 1.6M WordPress Sites

Read more →

This article has been indexed from Threatpost The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. Read the original article: ‘Karakurt’ Extortion Threat Emerges, But Says…

Read more →

This article has been indexed from Threatpost U.S. and Canada charge Ottawa man for ransomware attacks, signaling that North America is no cybercriminal haven. Read the original article: Canadian Ransomware Arrest Is a Meaningful Flex, Experts Say

Read more →

This article has been indexed from Threatpost E-commerce’s proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale. Read the original article: Fueled by Pandemic Realities,…

Read more →

This article has been indexed from Threatpost The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said. Read the original article: How MikroTik Routers…

Read more →

This article has been indexed from Threatpost The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. Read the original article: Malicious npm Code Packages Built for Hijacking Discord Servers

Read more →

This article has been indexed from Threatpost Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned. Read the original article: Moobot Botnet Chews Up Hikvision Surveillance Systems

Read more →

This article has been indexed from Threatpost Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. Read the original article: Critical SonicWall VPN Bugs Allow Complete Appliance Takeover

Read more →

This article has been indexed from Threatpost DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike’s arsenal. Read the original article: Not with a Bang but a…

Read more →

This article has been indexed from Threatpost Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a dozen cloud services…

Read more →

This article has been indexed from Threatpost The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets. Read the original article: Emotet’s Behavior…

Read more →

This article has been indexed from Threatpost There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. Read the original article: Windows 10 Drive-By RCE Triggered by Default URI…

Read more →

This article has been indexed from Threatpost Underground arbitration system settles disputes between cybercriminals. Read the original article: When Scammers Get Scammed, They Take It to Cybercrime Court

Read more →

This article has been indexed from Threatpost The malware’s unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. Read the original article: Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators

Read more →

This article has been indexed from Threatpost One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. Read the original article: SolarWinds Attackers…

Read more →

This article has been indexed from Threatpost BitMart confirmed it had been drained of ~$150 million in cryptocurrency assets, but a blockchain security firm said it’s closer to $200 million. Read the original article: Crypto-Exchange BitMart to Pay Users for…

Read more →

This article has been indexed from Threatpost Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. Read the original article: Are You Guilty of These 8 Network-Security Bad Practices?

Read more →

This article has been indexed from Threatpost U.S. military acknowledges targeting cybercriminals who launch attacks on U.S. companies. Read the original article: Cyber Command Publicly Joins Fight Against Ransomware Groups

Read more →

This article has been indexed from Threatpost The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. Read the original article: Cuba Ransomware Gang Hauls in $44M in…

Read more →

This article has been indexed from Threatpost The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. Read the original article: Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies

Read more →

This article has been indexed from Threatpost It’s unknown who’s behind the cyberattacks against at least nine employees’ iPhones, who are all involved in Ugandan diplomacy. Read the original article: Pegasus Spyware Infects U.S. State Department iPhones

Read more →

This article has been indexed from Threatpost Jason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes. Read the original article: Pandemic-Influenced Car…

Read more →

This article has been indexed from Threatpost Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data. Read the original article: Omicron Phishing Scam Already Spotted in UK

Read more →

This article has been indexed from Threatpost We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll! Read the original article: What Are…

Read more →

This article has been indexed from Threatpost Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. Read the original article: Threat Group Takes Aim Again at Cloud Platform Provider Zoho

Read more →

This article has been indexed from Threatpost Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found. Read the original article: ‘Double-Extortion’ Ransomware Damage Skyrockets 935%

Read more →