Threat Post
Researcher: Not Hard for a Hacker to Capsize a Ship at Sea
Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners.
Categories: Threat Post
Separ Malware Plucks Hundreds of Companies’ Credentials in Ongoing Phish
An ongoing phishing campaign is targeting hundreds of businesses to steal their email and browser credentials using a simply - but effective - malware.
Categories: Threat Post
Apple’s Shazam App Boots Facebook Ads and Other Third-Party SDKs
The music-recognition app that Apple bought for $400 million is removing Facebook Ads, DoubleClick, Facebook Analytics and more.
Categories: Threat Post
Password Manager Firms Blast Back at ‘Leaky Password’ Revelations
1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory.
Categories: Threat Post
GitHub Increases Rewards, Scope For Bug-Bounty Program
GitHub is offering unlimited rewards for critical vulnerabilities - and has added "safe harbor" terms to its bug bounty program.
Categories: Threat Post
Microsoft: Russia’s Fancy Bear Working to Influence EU Elections
As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.
Categories: Threat Post
Microsoft to Kill Updates for Legacy OS Using SHA-1
Windows 7 and Windows Server 2008 users are being asked to upgrade their encryption support.
Categories: Threat Post
ThreatList: APT Adversaries Up the Ante on Speed, Target Telecom
Russia-linked actors need just 18 minutes to go from compromise to lateral movement.
Categories: Threat Post
New GandCrab Decryptor Unlocks Files of Updated Ransomware
This is the third update to the prolific GandCrab malware within the past year.
Categories: Threat Post
ATM Jackpotting Malware Hones Its Heist Tools
The WinPot malware takes its cues from slot machines.
Categories: Threat Post
When Cyberattacks Pack a Physical Punch
Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked?
Categories: Threat Post
Where’s the Equifax Data? Does It Matter?
Threat-hunters say the breached data from the massive Equifax incident is nowhere to be found, indicating a spy job.
Categories: Threat Post
Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps
Data-exposure "lowlights" for the week ending Feb. 15, 2019.
Categories: Threat Post
Eight Cryptojacking Apps Booted From Microsoft Store
The eight apps were secretly stealing victims' CPU power to mine for Monero.
Categories: Threat Post
Tips on How to Fight Back Against DNS Spoofing Attacks
Despite a welcome and needed DNS revamp, preventable abuse continues.
Categories: Threat Post
Trickbot Malware Goes After Remote Desktop Credentials
The banking trojan is consistently evolving in hopes of boosting its efficacy.
Categories: Threat Post
Ultra-Sneaky Phishing Scam Swipes Facebook Credentials
Researchers warn that the phishing campaign looks "deceptively realistic."
Categories: Threat Post
Ever-Changing Emotet Evolves Again with Fresh Evasion Tactic
It has added the technique of using malicious XML files as its delivery method.
Categories: Threat Post
Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security
A Threatpost poll found that 52 percent don't feel prepared to prevent a mobile security incident from happening. The results reflect a challenging mobile security landscape.
Categories: Threat Post
Coffee Meets Bagel Dating App Warns Users of Breach
The dating site said users' names and email addresses that were added to the system prior to May 2018 may be impacted.
Categories: Threat Post