Pandemic-Bored Attackers Pummeled Gaming Industry
Akamai's 2020 gaming report shows that cyberattacks on the video game industry skyrocketed, shooting up 340 percent in 2020. [...]
Showing only posts in Threatpost. Show all posts.
Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses. [...]
REvil Ransomware Code Ripped Off by Rivals
The LV ransomware operators likely used a hex editor to repurpose a REvil binary almost wholesale, for their own nefarious purposes. [...]
Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE
A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts -- with no patches in sight. [...]
SonicWall ‘Botches’ October Patch for Critical VPN Bug
Company finally rolls out the complete fix this week for an RCE flaw affecting some 800,000 devices that could result in crashes or prevent users from connecting to corporate resources. [...]
SonicWall ‘Botches’ October Patch for VPN Bug
Company finally rolls out the complete fix this week for a flaw affecting some 800,000 devices that could result in crashes or prevent users from connecting to corporate resources. [...]
BEC Losses Top $1.8B as Tactics Evolve
BEC attacks getting are more dangerous, and smart users are the ones who can stop it. [...]
Cryptominers Slither into Python Projects in Supply-Chain Campaign
These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers' applications. [...]
Email Bug Allows Message Snooping, Credential Theft
A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched. [...]
Kids’ Apps on Google Play Rife with Privacy Violations
One in five of the most-popular apps for kids under 13 on Google Play don't comply with COPPA regulations on how children's information is collected and used. [...]
Lexmark Printers Open to Arbitrary Code-Execution Zero-Day
“No remedy available as of June 21, 2021," according to the researcher who discovered the easy-to-exploit, no-user-action-required bug. [...]
Six Flags to Pay $36M Over Collection of Fingerprints
Illinois Supreme Court rules in favor of class action against company’s practice of scanning people’s fingers when they enter amusement parks. [...]
Wegmans Exposes Customer Data in Misconfigured Databases
Cleanup in aisle "Oops": The supermarket chain said that it misconfigured two cloud databases, exposing customer data to public scrutiny. [...]
Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. [...]
Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. [...]
Embryology Data Breach Follows Fertility Clinic Ransomware Hit
Approximately 38,000 of RBA's customers had their embryology data stolen by a ransomware gang. [...]
Agent Tesla RAT Returns in COVID-19 Vax Phish
An unsophisticated campaign shows that the pandemic still has long legs when it comes to being social-engineering bait. [...]
iPhone Wi-Fi Crushed by Weird Network
... until you reset network settings and stop connecting to a weirdly named network, that is. FUD is spreading. iOS Wi-Fi demolition is not. [...]
What’s Making Your Company a Ransomware Sitting Duck
What's the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps? [...]
Carnival Cruise Cyber-Torpedoed by Cyberattack
This is the fourth time in a bit over a year that Carnival’s admitted to breaches, with two of them being ransomware attacks. [...]
Insider Versus Outsider: Navigating Top Data Loss Threats
Troy Gill, manager of security research at Zix, discusses the most common ways sensitive data is scooped up by nefarious sorts. [...]
‘Oddball’ Malware Blocks Access to Pirated Software
Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads. [...]
Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors
A DarkSide doppelganger mounts a fraud campaign aimed at extorting nearly $4 million from each target. [...]
Clop Raid: A Big Win in the War on Ransomware?
Cops arrest six, seize cars and cash in splashy raid, and experts are applauding. [...]
Cisco Smart Switches Riddled with Severe Security Holes
The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations. [...]
« newer articles | page 43 | older articles »