Threat Post

Trojans, Backdoors and Droppers: The Most-Analyzed Malware

Threat Post - Thu, 07/02/2020 - 1:00pm
Even so, backdoors and droppers are rare in the wild.
Categories: Threat Post

Apache Guacamole Opens Door for Total Control of Remote Footprint

Threat Post - Thu, 07/02/2020 - 12:14pm
Several vulnerabilities can be chained together for a full exploit.

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Threat Post - Thu, 07/02/2020 - 12:06pm
Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date.

FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Threat Post - Thu, 07/02/2020 - 9:18am
New ‘smishing’ campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer.

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Threat Post - Wed, 07/01/2020 - 5:02pm
A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.

Alina Point-of-Sale Malware Spotted in Ongoing Campaign

Threat Post - Wed, 07/01/2020 - 4:42pm
The malware is using DNS tunneling to exfiltrate payment-card data.

EvilQuest: Inside A ‘New Class’ of Mac Malware

Threat Post - Wed, 07/01/2020 - 3:23pm
Mac expert Thomas Reed discusses how EvilQuest is ushering in a new class of Mac malware.

Android Spyware Tools Emerge in Widespread Surveillance Campaign

Threat Post - Wed, 07/01/2020 - 10:55am
Four Android spyware tools have been used since 2013 in a widespread APT campaign to spy on the Uyghur ethnic minority group.

Email Sender Identity is Key to Solving the Phishing Crisis

Threat Post - Wed, 07/01/2020 - 9:00am
Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

Microsoft Releases Emergency Security Updates for Windows 10, Server

Threat Post - Wed, 07/01/2020 - 8:39am
The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.

Verizon Media, PayPal, Twitter Top Bug-Bounty Rankings

Threat Post - Tue, 06/30/2020 - 5:27pm
Verizon Media has paid nearly $10 million to ethical hackers via HackerOne's platform.

EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities

Threat Post - Tue, 06/30/2020 - 5:27pm
A rare, new Mac ransomware has been discovered spreading via pirated software packages.

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

Threat Post - Tue, 06/30/2020 - 1:45pm
The spy malware is being delivered via a complex infrastructure with multiple layers, in an effort to avoid analysis.

UCSF Pays $1.14M After NetWalker Ransomware Attack

Threat Post - Tue, 06/30/2020 - 12:12pm
UCSF has paid more than $1 million after a ransomware attack encrypted data related to "important" academic research on several servers.

CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug

Threat Post - Tue, 06/30/2020 - 9:48am
An authentication-bypass vulnerability allows attackers to access network assets without credentials when SAML is enabled on certain firewalls and enterprise VPNs.

How to Safeguard Data When the Majority of Your Workforce is Remote

Threat Post - Tue, 06/30/2020 - 9:00am
More employees working remotely most likely means an increased reliance on cloud services and applications.

REvil Ransomware Gang Adds Auction Feature for Stolen Data

Threat Post - Mon, 06/29/2020 - 5:03pm
An anonymous bidding mechanism enhances the REvil group's double-extortion game.

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

Threat Post - Mon, 06/29/2020 - 2:56pm
Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Magento 2, to avoid Magecart attacks and more.

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Threat Post - Mon, 06/29/2020 - 1:15pm
Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Threat Post - Mon, 06/29/2020 - 12:48pm
The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.