Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock
The Mozilla Foundation releases Firefox 88, fixing 13 bugs ranging from high to low severity. [...]
Showing only posts in Threatpost. Show all posts.
GEICO Alerts Customers Hackers Stole Driver License Data for Two Months
The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website. [...]
NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. [...]
Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks
Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next. [...]
What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis
Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic. [...]
BazarLoader Malware Abuses Slack, BaseCamp Clouds
Two cyberattack campaigns are making the rounds using unique social-engineering techniques. [...]
iOS Kids Game Morphs into Underground Crypto Casino
A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality. [...]
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. [...]
Mandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections. [...]
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. [...]
Biden Races to Shore Up Power Grid Against Hacks
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. [...]
Gafgyt Botnet Lifts DDoS Tricks from Mirai
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. [...]
Attackers Target ProxyLogon Exploit to Install Cryptojacker
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. [...]
Security Bug Allows Attackers to Brick Kubernetes Clusters
The vulnerability is triggered when a cloud container pulls a malicious image from a registry. [...]
Ransomware Attack Creates Cheese Shortages in Netherlands
Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. [...]
FBI Clears ProxyLogon Web Shells from Hundreds of Orgs
In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. [...]
A Post-Data Privacy World and Data-Rights Management
Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what comes next. [...]
100,000 Google Sites Used to Install SolarMarker RAT
Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains. [...]
100,000 Google Sites Used to Install SolarMarket RAT
Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains. [...]
Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack. [...]
How the NAME:WRECK Bugs Impact Consumers, Businesses
How this class of vulnerabilities will impact millions connected devices and potentially wreck the day of IT security professionals. [...]
COVID-Related Threats, PowerShell Attacks Lead Malware Surge
Researchers measured 648 new malware threats every minute during Q4 2020. [...]
Tax Phish Swims Past Google Workspace Email Security
Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page. [...]
Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop
The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines. [...]
Chrome Zero-Day Exploit Posted on Twitter
An update to Google’s browser that fixes the flaw is expected to be released on Tuesday. [...]
« newer articles | page 52 | older articles »