ADT Tech Hacks Home-Security Cameras to Spy on Women
A former ADT employee pleads guilty of accessing customers’ cameras so he could spy on them. [...]
Showing only posts in Threatpost. Show all posts.
Discord-Stealing Malware Invades npm Packages
The CursedGrabber malware has infiltrated the open-source software code repository. [...]
Ransomware Attackers Publish 4K Private Scottish Gov Agency Files
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve. [...]
Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks
Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic. [...]
Einstein Healthcare Network Announces August Breach
Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty. [...]
SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm. [...]
Google Forms Set Baseline For Widespread BEC Attacks
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms. [...]
Google Searches Expose Stolen Corporate Credentials
A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments. [...]
Critical Cisco SD-WAN Bugs Allow RCE Attacks
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite. [...]
NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs
The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory. [...]
Malwarebytes Hit by SolarWinds Attackers
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365. [...]
Investment Scammers Prey on Dating App Users, Interpol Warns
Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers. [...]
Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
Mystery of spying using popular chat apps uncovered by Google Project Zero researcher. [...]
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution. [...]
Rob Joyce to Take Over as NSA Cybersecurity Director
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration. [...]
SolarWinds Malware Arsenal Widens with Raindrop
The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks. [...]
Linux Devices Under Attack by New FreakOut Malware
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks. [...]
Attackers Steal E-Mails, Info from OpenWrt Forum
Users of the Linux-based open-source firmware—which include developers from commercial router companies--may be targeted by phishing campaigns, administrators warn. [...]
Medical Device Security: Diagnosis Critical
Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced. [...]
CES 2021 Gadgets: Worst in Privacy and Security Awards
Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures. [...]
Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show
Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures. [...]
Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472. [...]
Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls
Security researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data. [...]
Google Boots 164 Apps from Play Marketplace for Shady Ad Practices
The tech giant removes 164 more offending Android apps after banning software showing this type of behavior from the store last year. [...]
Facebook: Malicious Chrome Extension Developers Scraped Profile Data
Facebook has sued two Chrome devs for scraping user profile data - including names, user IDs and more. [...]
« newer articles | page 64 | older articles »