Threatpost

Syndikovat obsah
The First Stop For Security News
Aktualizace: 2 roky 50 týdnů zpět

New York AG Warns 17 Firms of Credential Attacks

12 Leden, 2022 - 19:11
Sponsored: Password security is highlighted in attorney general warning to New York state businesses.
Kategorie: Hacking & Security

FIFA Ultimate Team Account Takeovers Plague EA Gamers

12 Leden, 2022 - 14:21
Electronic Arts blamed “human error” after attackers compromised customer support and took over and drained some of the top FIFA Ultimate Team player accounts.
Kategorie: Hacking & Security

Here’s REALLY How to Do Zero-Trust Security

11 Leden, 2022 - 23:13
It's not about buying security products! Joseph Carson, chief security scientist from ThycoticCentrify, offers practical steps to start the zero-trust journey.
Kategorie: Hacking & Security

Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days

11 Leden, 2022 - 22:54
The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score.
Kategorie: Hacking & Security

MacOS Bug Could Let Creeps Snoop On You

11 Leden, 2022 - 21:35
The flaw could allow attackers to bypass Privacy preferences, giving apps with no right to access files, microphones or cameras the ability to record you or grab screenshots.
Kategorie: Hacking & Security

WordPress Bugs Exploded in 2021, Most Exploitable

11 Leden, 2022 - 20:49
Record-number WordPress plugin vulnerabilities are wicked exploitable even with low CVSS scores, leaving security teams blind to their risk.
Kategorie: Hacking & Security

FIN7 Mails Malicious USB Sticks to Drop Ransomware

11 Leden, 2022 - 18:06
The FBI warned that attackers are impersonating Health & Human Services and/or Amazon to mail BadUSB-poisoned USB devices to targets in transportation, insurance & defense.
Kategorie: Hacking & Security

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

11 Leden, 2022 - 16:00
The malware establishes initial access on targeted machines, then waits for additional code to execute.
Kategorie: Hacking & Security

Critical SonicWall NAC Vulnerability Stems from Apache Mods

11 Leden, 2022 - 15:09
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.
Kategorie: Hacking & Security

Millions of Routers Exposed to RCE by USB Kernel Bug

11 Leden, 2022 - 13:00
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from Netgear, TP-Link, DLink, Western Digital, et al.
Kategorie: Hacking & Security

URL Parsing Bugs Allow DoS, RCE, Spoofing & More

10 Leden, 2022 - 18:55
Dangerous security bugs stemming from widespread inconsistencies among 16 popular third-party URL-parsing libraries could affect a wide swath of web applications.
Kategorie: Hacking & Security

Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High

10 Leden, 2022 - 17:29
Cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits, researchers found.
Kategorie: Hacking & Security

EoL Systems Stonewalling Log4j Fixes for Fed Agencies

7 Leden, 2022 - 23:16
End of life, end of support, pandemic-induced shipping delays and remote work, scanning failures: It’s a recipe for a patching nightmare, federal cybersecurity CTO Matt Keller says.
Kategorie: Hacking & Security

Cyberattackers Hit Data of 80K Fertility Patients

7 Leden, 2022 - 22:14
Fertility Centers of Illinois' security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files.
Kategorie: Hacking & Security

3.7M FlexBooker Records Dumped on Hacker Forum

7 Leden, 2022 - 20:12
Attackers are trading millions of records from a trio of pre-holiday breaches on an online forum.
Kategorie: Hacking & Security

QNAP: Get NAS Devices Off the Internet Now

7 Leden, 2022 - 17:14
There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned.
Kategorie: Hacking & Security

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating

7 Leden, 2022 - 16:12
Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.
Kategorie: Hacking & Security

Activision Files Unusual Lawsuit over Call of Duty Cheat Codes

6 Leden, 2022 - 20:48
Activision is suing to shut down the EngineOwning cheat-code site and hold individual developers and coders liable for damages.
Kategorie: Hacking & Security

Google Voice Authentication Scam Leaves Victims on the Hook

6 Leden, 2022 - 18:28
The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week.
Kategorie: Hacking & Security

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

6 Leden, 2022 - 17:47
ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch.
Kategorie: Hacking & Security