Threatpost

The First Stop For Security News
Updated: 2 years 50 weeks ago

Will 2022 Be the Year of the Software Bill of Materials?

18 January, 2022 - 23:33
Praise be & pass the recipe for the software soup: There's too much scrambling to untangle vulnerabilities and dependencies, says a security experts roundtable.
Category: Hacking & Security

The Log4j Vulnerability Puts Pressure on the Security World

18 January, 2022 - 21:21
It's time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking.
Category: Hacking & Security

Cybercriminals Actively Target VMware vSphere with Cryptominers

18 January, 2022 - 20:33
VMware's container-based application development environment has become attractive to cyberattackers.
Category: Hacking & Security

‘White Rabbit’ Ransomware May Be FIN8’s Latest Tool

18 January, 2022 - 18:23
It's a double-extortion play that uses the command-line password ‘KissMe’ to hide its nasty acts and adorns its ransom note with cutesy ASCII bunny art.
Category: Hacking & Security

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

18 January, 2022 - 16:44
Zoho's comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution.
Category: Hacking & Security

Organizations Face a ‘Losing Battle’ Against Vulnerabilities

18 January, 2022 - 15:03
Companies must take more ‘innovative and proactive’ approaches to security in 2022 to combat threats that emerged last year, researchers said.
Category: Hacking & Security

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down  

14 January, 2022 - 18:31
UniCC controlled 30 percent of the stolen payment-card data market, leaving analysts eyeing what’s next.
Category: Hacking & Security

Real Big Phish: Mobile Phishing & Managing User Fallibility

14 January, 2022 - 17:43
Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.
Category: Hacking & Security

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

14 January, 2022 - 17:37
Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.
Category: Hacking & Security

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites

14 January, 2022 - 17:06
As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site.
Category: Hacking & Security

Russian Security Takes Down REvil Ransomware Gang

14 January, 2022 - 15:45
The country's FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil's infrastructure.
Category: Hacking & Security

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

14 January, 2022 - 15:07
Researchers discovered vulnerabilities that can allow for full site takeover in login and e-commerce add-ons for the popular website-building platform.
Category: Hacking & Security

Microsoft Yanks Buggy Windows Server Updates

14 January, 2022 - 00:08
Since their release on Patch Tuesday, the updates have been breaking Windows, causing spontaneous boot loops on Windows domain controller servers, breaking Hyper-V and making ReFS volume systems unavailable.
Category: Hacking & Security

North Korean APTs Stole ~$400M in Crypto in 2021

13 January, 2022 - 22:03
Meanwhile, EthereumMax got sued over an alleged pump-and-dump scam after using celebs like Floyd Mayweather Jr. & Kim Kardashian to promote EMAX Tokens.
Category: Hacking & Security

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

13 January, 2022 - 18:35
US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
Category: Hacking & Security

New GootLoader Campaign Targets Accounting, Law Firms

13 January, 2022 - 16:04
GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates.
Category: Hacking & Security

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

13 January, 2022 - 15:00
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
Category: Hacking & Security

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

12 January, 2022 - 22:05
Most Windows versions are at risk of remote, unprivileged attackers abusing RDP from the inside to hijack smart cards and get unauthorized file system access.
Category: Hacking & Security

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign

12 January, 2022 - 22:04
A cloudy campaign delivers commodity remote-access trojans to steal information and execute code.
Category: Hacking & Security

Stolen TikTok Videos, Bent on Fraud, Invade YouTube Shorts

12 January, 2022 - 20:49
Scammers easily game YouTube Shorts with viral TikTok content, bilking both creators and users.
Category: Hacking & Security