Threat Post

Biden Races to Shore Up Power Grid Against Hacks

Threat Post - Thu, 04/15/2021 - 4:09pm
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.
Categories: Threat Post

Gafgyt Botnet Lifts DDoS Tricks from Mirai

Threat Post - Thu, 04/15/2021 - 12:35pm
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
Categories: Threat Post

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Threat Post - Thu, 04/15/2021 - 8:19am
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
Categories: Threat Post

Security Bug Allows Attackers to Brick Kubernetes Clusters

Threat Post - Wed, 04/14/2021 - 4:56pm
The vulnerability is triggered when a cloud container pulls a malicious image from a registry.
Categories: Threat Post

Ransomware Attack Creates Cheese Shortages in Netherlands

Threat Post - Wed, 04/14/2021 - 3:55pm
Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw.
Categories: Threat Post

FBI Clears ProxyLogon Web Shells from Hundreds of Orgs

Threat Post - Wed, 04/14/2021 - 1:31pm
In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand.
Categories: Threat Post

A Post-Data Privacy World and Data-Rights Management

Threat Post - Wed, 04/14/2021 - 1:21pm
Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what comes next.
Categories: Threat Post

100,000 Google Sites Used to Install SolarMarket RAT

Threat Post - Wed, 04/14/2021 - 10:48am
Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains.
Categories: Threat Post

Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes

Threat Post - Wed, 04/14/2021 - 8:46am
Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack.
Categories: Threat Post

How the NAME:WRECK Bugs Impact Consumers, Businesses

Threat Post - Tue, 04/13/2021 - 5:03pm
How this class of vulnerabilities will impact millions connected devices and potentially wreck the day of IT security professionals.
Categories: Threat Post

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

Threat Post - Tue, 04/13/2021 - 4:24pm
Researchers measured 648 new malware threats every minute during Q4 2020.  
Categories: Threat Post

Tax Phish Swims Past Google Workspace Email Security

Threat Post - Tue, 04/13/2021 - 2:29pm
Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page.
Categories: Threat Post

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

Threat Post - Tue, 04/13/2021 - 12:40pm
The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.
Categories: Threat Post

Chrome Zero-Day Exploit Posted on Twitter

Threat Post - Tue, 04/13/2021 - 9:40am
An update to Google’s browser that fixes the flaw is expected to be released on Tuesday.
Categories: Threat Post

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

Threat Post - Mon, 04/12/2021 - 4:18pm
Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab.
Categories: Threat Post

Man Arrested for AWS Bomb Plot

Threat Post - Mon, 04/12/2021 - 4:01pm
A man caught in an FBI sting allegedly said he wanted to destroy "70 percent of the internet" by going after the tech giant's data centers.
Categories: Threat Post

Zero Trust: The Mobile Dimension

Threat Post - Mon, 04/12/2021 - 2:14pm
Hank Schless, senior security solutions manager at Lookout, discusses how to secure remote working via mobile devices.
Categories: Threat Post

IcedID Circulates Via Web Forms, Google URLs

Threat Post - Mon, 04/12/2021 - 2:12pm
Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters.
Categories: Threat Post

DOJ: Creep Coach Finagles Nude Athlete Photos

Threat Post - Fri, 04/09/2021 - 4:54pm
Allegedly perv college coach charged with cyberstalking and extorting nudes from his female athletes.
Categories: Threat Post

623M Payment Cards Stolen from Cybercrime Forum

Threat Post - Fri, 04/09/2021 - 2:40pm
The database was subsequently leaked elsewhere, imperiling consumers from the U.S. and around the world.
Categories: Threat Post