Threatpost

Syndikovat obsah
The First Stop For Security News
Aktualizace: 1 týden 6 dnů zpět

‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

3 Září, 2019 - 12:00
Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker 'omnipotent' control over a server and its contents.
Kategorie: Hacking & Security

Gamification Can Transform Company Cybersecurity Culture

2 Září, 2019 - 14:00
Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.
Kategorie: Hacking & Security

iPhone Zero-Days Anchored Watering-Hole Attacks

30 Srpen, 2019 - 17:48
A new, highly capable spyware payload can monitor everything in a person's digital life.
Kategorie: Hacking & Security

Six Hackers Have Now Pocketed $1M From Bug Bounty Programs

30 Srpen, 2019 - 17:47
Up to 25 percent of valid vulnerabilities found in bug bounty programs are classified as being of high or critical severity.
Kategorie: Hacking & Security

News Wrap: Dentist Offices Hit By Ransomware, Venmo Faces Privacy Firestorm

30 Srpen, 2019 - 16:07
From new ransomware attacks to privacy issues around Venmo and Ring, Threatpost editors break down the top news of this week.
Kategorie: Hacking & Security

TGI Fridays Delivers Customer Indigestion Over Data Exposure

29 Srpen, 2019 - 23:16
TGI Fridays Australia restaurant chain warns loyalty reward program member of exposed data incident.
Kategorie: Hacking & Security

FIN6 Switches Up PoS Tactics to Target E-Commerce

29 Srpen, 2019 - 22:51
The group is using the More_eggs JScript backdoor to anchor its attack.
Kategorie: Hacking & Security

Google Targets Data-Abusing Apps with Bug Bounty Launch

29 Srpen, 2019 - 18:30
Google is looking to battle the malicious apps - and apps abusing user data - on Google Play by improving its bug-bounty program arsenal.
Kategorie: Hacking & Security

Venmo’s Public Transactions Policy Stirs Privacy Concerns

29 Srpen, 2019 - 17:36
In an open letter, the Mozilla Foundation and EFF scolded Venmo for its data privacy policies, which they say could open the door to stalking and spear-phishing.
Kategorie: Hacking & Security

Critical Cisco VM Bug Allows Remote Takeover of Routers

29 Srpen, 2019 - 16:06
CVE-2019-12643 has been given the highest possible severity rating.
Kategorie: Hacking & Security

Innovation on the Dark Web: How Bad Actors Are Keeping Pace

29 Srpen, 2019 - 15:00
How criminals have adapted to develop the next generation of dark markets and operations.
Kategorie: Hacking & Security

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

28 Srpen, 2019 - 23:57
Multiple actors in multiple campaigns are using the web shell for remote access, even though it's almost a decade old and hasn't been updated.
Kategorie: Hacking & Security

TrickBot Targets Verizon, T-Mobile, Sprint Users to Siphon PINs

28 Srpen, 2019 - 22:35
TrickBot malware targets users of U.S. mobile carriers Verizon, T-Mobile and Sprint via web injects to steal their PIN codes; enabling SIM swapping attacks.
Kategorie: Hacking & Security

Apple Updates Privacy Policies After Siri Audio Recording Backlash

28 Srpen, 2019 - 18:49
Apple's "grading" process, which listens to Siri voice recordings, will now be in-house and has an option for users to opt out.
Kategorie: Hacking & Security

Google Squashes High-Severity Blink Browser Engine Flaw

28 Srpen, 2019 - 17:05
The bug could enable remote code-execution, information-siphoning or denial-of-service attacks.
Kategorie: Hacking & Security

Defense Takeaways from Three Adversary Playbooks

28 Srpen, 2019 - 16:47
An analysis of threat techniques used by Silence Group, Goblin Panda and Zegost, which can help construct effective defenses.
Kategorie: Hacking & Security

Dangerous Cryptomining Worm Racks Up 850K Infections, Self-Destructs

28 Srpen, 2019 - 16:12
Law enforcement takedown causes Retadup malware to eat itself.
Kategorie: Hacking & Security

Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza

28 Srpen, 2019 - 15:07
Mainly motorsports and luxury apparel sites, all of them were running outdated versions of the Magento eCommerce platform.
Kategorie: Hacking & Security

Employers Beware: Microsoft Word ‘Resume’ Phish Delivers Quasar RAT

27 Srpen, 2019 - 20:20
A round of phishing emails purports to be from job seekers - but actually uses a slew of detection evasion tactics to download malware on victim systems.
Kategorie: Hacking & Security

Malicious App on Google Play Tallies 100 Million Downloads

27 Srpen, 2019 - 19:43
Seemingly handy PDF and OCR app turns out to be a privacy horror show.
Kategorie: Hacking & Security