Threatpost

The First Stop For Security News
Updated: 2 years 19 weeks ago

Atlassian Bugs Could Have Led to 1-Click Takeover

1 hour 23 min ago
A supply-chain attack could have siphoned sensitive information out of Jira, such as security issues on Atlassian cloud, Bitbucket and on-prem products.
Category: Hacking & Security

30M Dell Devices at Risk for Remote BIOS Attacks, RCE

1 hour 23 min ago
Four separate security bugs would give attackers almost complete control and persistence over targeted devices, thanks to a faulty update mechanism.
Category: Hacking & Security

Iran Media Websites Seized by U.S. in Disinformation Campaign

23 June, 2021 - 21:23
DoJ uses sanctions laws to shut down an alleged Iranian government malign influence campaign.
Category: Hacking & Security

Pandemic-Bored Attackers Pummeled Gaming Industry

23 June, 2021 - 18:53
Akamai's 2020 gaming report shows that cyberattacks on the video game industry skyrocketed, shooting up 340 percent in 2020.
Category: Hacking & Security

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access

23 June, 2021 - 17:39
Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses.
Category: Hacking & Security

REvil Ransomware Code Ripped Off by Rivals

23 June, 2021 - 17:11
The LV ransomware operators likely used a hex editor to repurpose a REvil binary almost wholesale, for their own nefarious purposes.
Category: Hacking & Security

Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE

23 June, 2021 - 13:58
A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts -- with no patches in sight.
Category: Hacking & Security

SonicWall ‘Botches’ October Patch for VPN Bug

23 June, 2021 - 12:44
Company finally rolls out the complete fix this week for a flaw affecting some 800,000 devices that could result in crashes or prevent users from connecting to corporate resources.
Category: Hacking & Security

BEC Losses Top $1.8B as Tactics Evolve

22 June, 2021 - 22:41
BEC attacks are getting more dangerous, and smart users are the ones who can stop them.
Category: Hacking & Security

Cryptominers Slither into Python Projects in Supply-Chain Campaign

22 June, 2021 - 21:27
These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers' applications.
Category: Hacking & Security

Email Bug Allows Message Snooping, Credential Theft

22 June, 2021 - 20:07
A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched.
Category: Hacking & Security

Kids’ Apps on Google Play Rife with Privacy Violations

22 June, 2021 - 18:24
One in five of the most-popular apps for kids under 13 on Google Play don't comply with COPPA regulations on how children's information is collected and used.
Category: Hacking & Security

Lexmark Printers Open to Arbitrary Code-Execution Zero-Day

22 June, 2021 - 18:17
“No remedy available as of June 21, 2021,” according to the researcher who discovered the easy-to-exploit, no-user-action-required bug.
Category: Hacking & Security

Six Flags to Pay $36M Over Collection of Fingerprints

22 June, 2021 - 13:14
Illinois Supreme Court rules in favor of class action against company’s practice of scanning people’s fingers when they enter amusement parks.
Category: Hacking & Security

Wegmans Exposes Customer Data in Misconfigured Databases

21 June, 2021 - 23:52
Cleanup in aisle "Oops": The supermarket chain said that it misconfigured two cloud databases, exposing customer data to public scrutiny.
Category: Hacking & Security

Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft

21 June, 2021 - 22:21
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms.
Category: Hacking & Security

Embryology Data Breach Follows Fertility Clinic Ransomware Hit

21 June, 2021 - 21:56
Approximately 38,000 of RBA's customers had their embryology data stolen by a ransomware gang.
Category: Hacking & Security

Agent Tesla RAT Returns in COVID-19 Vax Phish

21 June, 2021 - 19:20
An unsophisticated campaign shows that the pandemic still has long legs when it comes to being social-engineering bait.
Category: Hacking & Security

iPhone Wi-Fi Crushed by Weird Network

21 June, 2021 - 18:58
… until you reset network settings and stop connecting to a weirdly named network, that is. FUD is spreading. iOS Wi-Fi demolition is not.
Category: Hacking & Security

What’s Making Your Company a Ransomware Sitting Duck

18 June, 2021 - 17:35
What's the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps?
Category: Hacking & Security