Threat Post

Auditors: Feds’ Cybersecurity Gets the Dunce Cap

Threat Post - 58 min 29 sec ago
Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-. 
Categories: Threat Post

MacOS Flaw in Telegram Retrieves Deleted Messages

Threat Post - 7 hours 26 min ago
Telegram declined to fix a scenario in which the flaw can be exploited, spurring a Trustwave researcher to decline a bug bounty and to disclose his findings instead.
Categories: Threat Post

Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say

Threat Post - 8 hours 16 min ago
Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera.
Categories: Threat Post

Black Hat: Charming Kitten Leaves More Paw Prints

Threat Post - 8 hours 36 min ago
IBM X-Force detailed the custom-made "LittleLooter" data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof.
Categories: Threat Post

‘I’m Calling About Your Car Warranty’, aka PII Hijinx

Threat Post - Wed, 08/04/2021 - 5:34pm
Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts.
Categories: Threat Post

Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms

Threat Post - Wed, 08/04/2021 - 5:14pm
A researcher was able to remotely control the lights, bed and ventilation in "smart" hotel rooms via Nasnos vulnerabilities.
Categories: Threat Post

Black Hat: Let’s All Help Cyber-Immunize Each Other

Threat Post - Wed, 08/04/2021 - 3:57pm
We're selfish if we're only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let's be like doctors battling COVID and work for herd immunity.
Categories: Threat Post

Phishing Campaign Dangles SharePoint File-Shares

Threat Post - Wed, 08/04/2021 - 10:44am
Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered.
Categories: Threat Post

We COVID-Clicked on Garbage, Report Finds: Podcast

Threat Post - Wed, 08/04/2021 - 12:00am
Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020.
Categories: Threat Post

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

Threat Post - Tue, 08/03/2021 - 4:16pm
Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456.
Categories: Threat Post

Ransomware Volumes Hit Record Highs as 2021 Wears On

Threat Post - Tue, 08/03/2021 - 4:00pm
The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way.
Categories: Threat Post

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

Threat Post - Tue, 08/03/2021 - 11:28am
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
Categories: Threat Post

‘DeadRinger’ Targeted Exchange Servers Long Before Discovery

Threat Post - Tue, 08/03/2021 - 10:55am
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.
Categories: Threat Post

‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics

Threat Post - Mon, 08/02/2021 - 4:58pm
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.
Categories: Threat Post

Vulnerability Name Affected Component

Threat Post - Mon, 08/02/2021 - 3:34pm
Vulnerability Name Affected Component CVE# Date Underflow in udpRXThread HMI3 Control Panel in: Nexus Panel CVE-2021-37161 02/08/2021 Overflow in sccProcessMsg HMI3 Control Panel in: Nexus Panel CVE-2021-37162 02/08/2021 Overflow in hmiProcessMsg HMI3 Control Panel in: Nexus Panel CVE-2021-37165 02/08/2021 Off-by-three stack overflow in tcpTxThread HMI3 Control Panel in: Nexus Panel CVE-2021-37164 02/08/2021 GUI socket Denial […]
Categories: Threat Post

Chipotle Emails Serve Up Phishing Lures

Threat Post - Mon, 08/02/2021 - 3:15pm
Mass email distribution service compromise mirrors earlier Nobelium attacks.
Categories: Threat Post

NSA Warns Public Networks are Hacker Hotbeds

Threat Post - Fri, 07/30/2021 - 5:06pm
Agency warns attackers targeting teleworkers to steal corporate data.
Categories: Threat Post

Novel Meteor Wiper Used in Attack that Crippled Iranian Train System

Threat Post - Fri, 07/30/2021 - 11:21am
A July 9th attack disrupted service and taunted Iran’s leadership with hacked screens directing customers to call the phone of Iranian Supreme Leader Khamenei with complaints.
Categories: Threat Post

UC San Diego Health Breach Tied to Phishing Attack

Threat Post - Thu, 07/29/2021 - 3:16pm
Employee email takeover exposed personal, medical data of students, employees and patients.
Categories: Threat Post

CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer

Threat Post - Thu, 07/29/2021 - 2:39pm
There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?
Categories: Threat Post