Threat Post

Ransomware: A Persistent Scourge Requiring Corporate Action Now

Threat Post - Fri, 06/14/2019 - 4:09pm
ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.
Categories: Threat Post

ThreatList: Ransomware Trojans Picking Up Steam in 2019

Threat Post - Fri, 06/14/2019 - 2:52pm
Attackers continue to push the boundaries with modular trojans and ransomware attacks, a new report found.

News Wrap: Amazon Privacy and Telegram DDoS Attack

Threat Post - Fri, 06/14/2019 - 1:57pm
Threatpost editors Tara Seals and Lindsey O'Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

Threat Post - Fri, 06/14/2019 - 1:30pm
XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.

Amazon Alexa Secretly Records Children, Lawsuits Allege

Threat Post - Fri, 06/14/2019 - 10:55am
Two lawsuits are seeking class-action status, alleging that Amazon records children and stores their voiceprints indefinitely.

Millions of Linux Servers Under Worm Attack Via Exim Flaw

Threat Post - Fri, 06/14/2019 - 10:04am
Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers.

Hackers Favor Weekdays for Attacks, Share Resources Often

Threat Post - Fri, 06/14/2019 - 8:02am
Traffic analysis sheds light on the weekday habits of attackers, such as the most likely day for attacks and how malicious infrastructure is shared.

Evernote Critical Flaw Opened Personal Data of Millions to Attack

Threat Post - Thu, 06/13/2019 - 3:33pm
Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users.

Max-Severity Bug in Infusion Pump Gateway Puts Lives at Risk

Threat Post - Thu, 06/13/2019 - 2:41pm
The critical bug in a connected medical device can allow an attacker to remotely manipulate hospital pumps, either to withhold meds or dispense too much.

Telegram CEO Fingers China State Actors for DDoS Attack

Threat Post - Thu, 06/13/2019 - 11:04am
Durov took to Twitter to hint that Beijing tried to take Telegram offline to disrupt the Hong Kong protests.

High-Severity Cisco Flaw in IOS XE Enables Device Takeover

Threat Post - Thu, 06/13/2019 - 9:57am
A high-severity flaw could give attackers full control of Cisco routers or switches.

Fishwrap Campaign Sways Social Media Users with Old News

Threat Post - Wed, 06/12/2019 - 6:52pm
215 accounts use the same family of special URL shorteners to track the effectiveness of the operation.

Data Breach Disclosed by Online Invitation Firm Evite

Threat Post - Wed, 06/12/2019 - 3:51pm
Evite's data breach, stemming from an “inactive data storage file,” is only one of many breaches to be disclosed this week.

RAMBleed Side-Channel Attack Exposes Privileged Memory

Threat Post - Wed, 06/12/2019 - 11:51am
An attacker can use a Rowhammer attack to induce bit flips, thereby leaking the victim's secret data.

Intel NUC Firmware Open to Privilege Escalation, DoS and Information Disclosure

Threat Post - Wed, 06/12/2019 - 9:25am
Intel has patched seven high-severity vulnerabilities in its mini PC NUC kit firmware.

New FormBook Dropper Harbors Obfuscation, Persistence

Threat Post - Wed, 06/12/2019 - 9:00am
A never-before-seen dropper with increased persistence and obfuscation capabilities has been found in FormBook samples.

Full Insight into the Internal Environment with Cynet Free Visibility

Threat Post - Wed, 06/12/2019 - 8:00am
The Cynet 360 platform Free Visibility Offering is focused on IT and security professionals who know a lack of visibility is a main challenge in their daily responsibilities as end-users and service providers. 

Microsoft Patches Four Publicly-Known Vulnerabilities

Threat Post - Tue, 06/11/2019 - 4:29pm
In total, 88 unique vulnerabilities were patched as part of Microsoft’s June Patch Tuesday security bulletin.

Google Calendar Attacks Target Unwitting Mobile Users

Threat Post - Tue, 06/11/2019 - 2:17pm
Automatic invite notifications are spreading malicious links.

Near-Ubiquitous Critical Microsoft RCE Bugs Affect All Versions of Windows

Threat Post - Tue, 06/11/2019 - 12:00pm
The two CVEs allow bypasses to get around NTLM relay attack mitigations.