TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
The resurgent trojan has targeted 60 top companies to harvest credentials for a wide range of applications, with an eye to virulent follow-on attacks. [...]
Showing only posts in Threatpost. Show all posts.
Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
The phishing attacks are spoofing LinkedIn to target ‘Great Resignation’ job hunters, who are also being preyed on by huge data-scraping bot attacks. [...]
High-Severity RCE Bug Found in Popular Apache Cassandra Database
On the plus side, only instances with non-standard not recommended configurations are vulnerable. On the downside, those configurations aren't easy to track down, and it's easy as pie to exploit. [...]
Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers
A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS. [...]
Emotet Now Spreading Through Malicious Excel Files
An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December. [...]
SquirrelWaffle Adds a Twist of Fraud to Exchange Server Malspamming
Researchers have never before seen SquirrelWaffle attackers use typosquatting to keep sending spam once a targeted Exchange server has been patched for ProxyLogon/ProxyShell. [...]
Chrome Zero-Day Under Active Attack: Patch ASAP
The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems. [...]
TA2541: APT Has Been Shooting RATs at Aviation for Years
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense. [...]
BlackByte Tackles the SF 49ers & US Critical Infrastructure
Hours before the Superbowl and two days after the FBI warned about the ransomware gang, BlackByte leaked what are purportedly the NFL team's files. [...]
‘Cities: Skylines’ Gaming Modder Banned Over Hidden Malware
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees. [...]
Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack
The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems. [...]
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
A collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview. [...]
Cybercrooks Frame Targets by Planting Fabricated Digital Evidence
The ‘ModifiedElephant’ threat actors are technically unimpressive, but they’ve evaded detection for a decade, hacking human rights advocates' systems with dusty old keyloggers and off-the-shelf RATs. [...]
Apple Patches Actively Exploited WebKit Zero Day
A memory issue affects myriad iPhone, iPad and MacOS devices and allows attackers to execute arbitrary code after processing malicious web content. [...]
Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares
The Maze gang are purportedly never going back to ransomware and have destroyed all of their ransomware source code, said somebody claiming to be the developer. [...]
Sharp SIM-Swapping Spike Causes $68M in Losses
The attacks, which lead to 2FA defeat and account takeover, have accelerated by several hundred percent in one year, leading to thousands of drained bank accounts. [...]
SAP Patches Severe ‘ICMAD’ Bugs
SAP’s Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more. [...]
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE
The plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said. [...]
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware
The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot. [...]
3 Tips for Facing the Harsh Truths of Cybersecurity in 2022, Part I
Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout. [...]
MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign
Researchers from Proofpoint have spotted a new Middle East-targeted phishing campaign that delivers a novel malware dubbed NimbleMamba. [...]
Ex-Gumshoe Nabs Cybercrooks with FBI Tactics
Crane Hassold, former FBI analyst turned director of threat intel at Abnormal Security, shares stories from his covert work with cyberattackers. [...]
No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day
This batch had zero critical CVEs, which is unheard of. Most (50) of the patches are labeled Important, so don't delay to apply the patches, security experts said. [...]
China Suspected of News Corp Cyberespionage Attack
Attackers infiltrated the media giant’s network using BEC, while Microsoft moved to stop such attacks by blocking VBA macros in 5 Windows apps. Included: more ways to help stop BEC. [...]
CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug
Feb. 18 is the deadline to patch a bug that affects all unpatched versions of Windows 10 and requires zero user interaction to exploit. [...]
« newer articles | page 12 | older articles »