Security Threat Advisory

Security Topics

Cloud Security
Critical Infrastructure
Cryptography
Government
Hacks
IoT
Malware
Mobile Security
Privacy
Vulnerabilities
Web Security

Feed has no items.

University of Utah Pays $457K After Ransomware Attack

by Lindsey O'Donnell on August 21, 2020 at 4:02 pm

The university said that it paid $457,000 to retrieve a decryption key after a ransomware attack encrypted student and faculty data on its servers.
Researchers Sound Alarm Over Malicious AWS Community AMIs

by Tom Spring on August 21, 2020 at 2:11 pm

Malicious Community Amazon Machine Images are a ripe target for hackers, say researchers.
News Wrap: AWS Cryptojacking Worm, IBM Privacy Lawsuit and More

by Lindsey O'Donnell on August 21, 2020 at 2:04 pm

Threatpost editors discuss a cryptomining malware targeting AWS systems, a recent development in a lawsuit against the IBM-owned Weather Channel app, and more.
Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

by Elizabeth Montalbano on August 21, 2020 at 12:43 pm

Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.
IBM Settles Lawsuit Over Weather Channel App Data Privacy

by Lindsey O'Donnell on August 20, 2020 at 7:41 pm

The lawsuit alleged that the IBM-owned Weather Channel mobile app did not let users know it was selling their geolocation data.
Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government

by Tara Seals on August 20, 2020 at 3:42 pm

The group has added a management console and a USB worming function to its main malware, Crimson RAT.
Senate Bill Would Expand Facial-Recognition Restrictions Nationwide

by Elizabeth Montalbano on August 20, 2020 at 2:03 pm

The proposed law comes as police departments around the country for their use of facial recognition to identify allegedly violent Black Lives Matter protesters.
Cisco Critical Flaw Patched in WAN Software Solution

by Lindsey O'Donnell on August 20, 2020 at 12:43 pm

Cisco has issued a fix for a critical flaw in its Virtual Wide Area Application Services (vWAAS), software for optimizing WAN on virtual private cloud infrastructure.
IBM AI-Powered Data Management Software Subject to Simple Exploit

by Tara Seals on August 20, 2020 at 12:00 pm

A low-privileged process on a vulnerable machine could allow data harvesting and DoS.
Researchers Warn of Flaw Affecting Millions of IoT Devices

by Lindsey O'Donnell on August 19, 2020 at 8:58 pm

A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.
FritzFrog Botnet Attacks Millions of SSH Servers

by Tara Seals on August 19, 2020 at 8:46 pm

The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally.
Five Essentials for Running a Successful Bug Bounty Program

by Tom Spring on August 19, 2020 at 7:14 pm

Join Threatpost on Sept. 16 at 2pm ET when we bring together leading voices in the Bug Bounty community for a LIVE webinar on the Five Essentials for Running a Successful Bug Bounty Program.
Airline DMARC Policies Lag, Opening Flyers to Email Fraud

by Lindsey O'Donnell on August 19, 2020 at 1:04 pm

Up to 61 percent out of the IATA (International Air Transport Association) airline members do not have a published DMARC record.
The Sounds a Key Make Can Produce 3D-Printed Replica

by Elizabeth Montalbano on August 19, 2020 at 12:58 pm

Researchers reveal technology called SpiKey that can ‘listen’ to the clicks a key makes in a lock and create a duplicate from the sounds.
Researchers Warn of Active Malware Campaign Using HTML Smuggling

by Lindsey O'Donnell on August 18, 2020 at 7:16 pm

A recently uncovered, active campaign called "Duri" makes use of HTML smuggling to deliver malware.
Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

by Tara Seals on August 18, 2020 at 5:27 pm

Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.
AWS Cryptojacking Worm Spreads Through the Cloud

by Tara Seals on August 18, 2020 at 2:14 pm

The malware harvests AWS credentials and installs Monero cryptominers.
IcedID Trojan Rebooted with New Evasive Tactics

by Tara Seals on August 18, 2020 at 12:56 pm

Juniper identifies phishing campaign targeting business customers with malware using password protection, among other techniques, to avoid detection.
‘EmoCrash’ Exploit Stoppered Emotet For 6 Months

by Lindsey O'Donnell on August 17, 2020 at 8:55 pm

A researcher developed a killswitch exploiting a buffer overflow in Emotet - preventing the malware from infecting systems for six months.
Jack Daniels, Ritz London Face Cyberattacks

by Tara Seals on August 17, 2020 at 5:43 pm

The REvil ransomware and savvy phone scammers have exposed sensitive information.
Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts

by Lindsey O'Donnell on August 17, 2020 at 4:07 pm

The Canada Revenue Agency (CRA) suspended online services after accounts were hit in a third wave of credential stuffing attacks this weekend - giving bad actors access to various government services.
PoC Exploit Targeting Apache Struts Surfaces on GitHub

by Tom Spring on August 14, 2020 at 9:20 pm

Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.
UPDATE: Canon Ransomware Attack Results in Leaked Data, Report

by Tara Seals on August 14, 2020 at 4:00 pm

The consumer-electronics giant had suffered partial outages across its U.S. website and internal systems reportedly, thanks to the Maze gang.
Instagram Retained Deleted User Data Despite GDPR Rules

by Elizabeth Montalbano on August 14, 2020 at 1:25 pm

The photo-sharing app retained people’s photos and private direct messages on its servers even after users removed them.
NSA, FBI Warn of Linux Malware Used in Espionage Attacks

by Lindsey O'Donnell on August 13, 2020 at 10:03 pm

A never before seen malware has been used for espionage purposes via Linux systems, warn the NSA and FBI in a joint advisory.
Zoom Faces More Legal Challenges Over End-to-End Encryption

by Tara Seals on August 13, 2020 at 4:30 pm

The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it.
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

by Elizabeth Montalbano on August 13, 2020 at 1:06 pm

Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

by Lindsey O'Donnell on August 13, 2020 at 12:34 pm

The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data

by Lindsey O'Donnell on August 13, 2020 at 10:00 am

Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

by Elizabeth Montalbano on August 12, 2020 at 12:16 pm

App concealed the practice of gathering device unique identifiers using an added layer of encryption.
Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping

by Lindsey O'Donnell on August 11, 2020 at 2:48 pm

Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users.
Google Fixes Mysterious Audio Recording Blip in Smart Speakers

by Lindsey O'Donnell on August 10, 2020 at 9:31 pm

Google Home devices reportedly recorded noises even without the "Hey Google" prompt due to the inadvertent rollout of a home security system feature.
Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

by Tom Spring on August 7, 2020 at 10:11 pm

Researchers identified serious flaws in Qualcomm’s Snapdragon SoC and the Hexagon architecture that impacts nearly half of Android handsets.
Attackers Horn in on MFA Bypass Options for Account Takeovers

by Tara Seals on August 7, 2020 at 8:24 pm

Legacy applications don't support modern authentication -- and cybercriminals know this.
Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem

by Tom Spring on August 7, 2020 at 12:48 am

An inside look at how nation-states use social media to influence, confuse and divide -- and why cybersecurity researchers should be involved.
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

by Tara Seals on August 6, 2020 at 7:49 pm

Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.
Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros

by Lindsey O'Donnell on August 6, 2020 at 1:02 pm

At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft's malicious macros protections to infect MacOS users.
Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

by Tom Spring on August 6, 2020 at 12:37 pm

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.
U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling

by Elizabeth Montalbano on August 6, 2020 at 11:18 am

Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.
Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers

by Lindsey O'Donnell on August 5, 2020 at 10:27 pm

Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.
Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges

by Tara Seals on August 5, 2020 at 9:00 pm

Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.
Microsoft Teams Patch Bypass Allows RCE

by Tara Seals on August 5, 2020 at 3:47 pm

An attacker can hide amidst legitimate traffic in the application's update function.
NSA Warns Smartphones Leak Location Data

by Elizabeth Montalbano on August 5, 2020 at 3:43 pm

The agency known for its own questionable surveillance activity advised how mobile users can limit others’ ability to track where they are.
Apple Knocked Off Perch as Most Imitated Brand for Phishing Attacks

by Elizabeth Montalbano on August 4, 2020 at 12:20 pm

COVID-19 pandemic spurs spoofing preference changes, plus a surge in email-based attacks.
Podcast: Learning to ‘Speak the Language’ of OT Security Teams

by Lindsey O'Donnell on August 4, 2020 at 12:19 pm

Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected.
Google Updates Ad Policies to Counter Influence Campaigns, Extortion

by Tara Seals on August 3, 2020 at 8:01 pm

Starting Sept. 1, Google will crack down on misinformation, a lack of transparency and the ability to amplify or circulate politically influential content.
Garmin Pays Up to Evil Corp After Ransomware Attack — Reports

by Tara Seals on August 3, 2020 at 4:26 pm

The ransom for the decryptor key in the WastedLocker attack could have topped $10 million, sources said.
Authorities Arrest Alleged 17-Year-Old ‘Mastermind’ Behind Twitter Hack

by Lindsey O'Donnell on July 31, 2020 at 8:21 pm

Three have been charged in alleged connection with the recent high-profile Twitter hack - including a 17-year-old teen from Florida who is the reported "mastermind" behind the attack.
Doki Backdoor Infiltrates Docker Servers in the Cloud

by Tara Seals on July 30, 2020 at 5:00 pm

The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet.
Billions of Devices Impacted by Secure Boot Bypass

by Tara Seals on July 29, 2020 at 7:53 pm

The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT, IoT and home networks.
Critical Bugs in Utilities VPNs Could Cause Physical Damage

by Tara Seals on July 29, 2020 at 6:02 pm

Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug

by Tara Seals on July 24, 2020 at 4:32 pm

Power plants, factories, oil and gas refineries and more are all in the sights of foreign adversaries, the U.S. warns.
UPDATED: Garmin Suffers Reported Ransomware Attack

by Tara Seals on July 23, 2020 at 7:43 pm

Garmin's consumer and commercial aviation services, websites and customer service have all been rendered unavailable.
Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

by Tara Seals on July 23, 2020 at 4:56 pm

COVID-19 has changed the face of cybercrime, as the latest malware statistics show.
ASUS Home Router Bugs Open Consumers to Snooping Attacks

by Tara Seals on July 23, 2020 at 4:04 pm

The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug

by Elizabeth Montalbano on July 17, 2020 at 3:43 pm

An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET).
Microsoft Tackles 123 Fixes for July Patch Tuesday

by Tom Spring on July 14, 2020 at 9:32 pm

Eighteen critical bugs, impacting Windows Server, Office and Outlook, were fixed as part of the patch roundup.
Smartwatch Hack Could Trick Dementia Patients into Overdosing

by Lindsey O'Donnell on July 10, 2020 at 4:25 pm

Attackers could hack the smartwatch and send dementia patients alerts for taking their medication.
E.U. Authorities Crack Encryption of Massive Criminal and Murder Network

by Elizabeth Montalbano on July 3, 2020 at 3:10 pm

Four-year investigation shuts down EncroChat and busts 746 alleged criminals for planning murders, selling drugs and laundering money.
‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices

by Tara Seals on June 16, 2020 at 4:22 pm

The vulnerabilities affect everything from printers to insulin pumps to ICS gear.
Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

by Tara Seals on June 9, 2020 at 5:09 pm

The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.
Steganography Anchors Pinpoint Attacks on Industrial Targets

by Tara Seals on May 29, 2020 at 7:58 pm

Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide.
Quantum Security Goes Live with Samsung Galaxy

by Tara Seals on May 15, 2020 at 3:54 pm

Quantum technology, which has been touted as "unhackable," debuts with Samsung, SK Telecom in a world's first.
Paying Ransomware Crooks Doubles Clean-up Costs, Report

by Elizabeth Montalbano on May 15, 2020 at 1:17 pm

Paying ransom to cybercriminals costs companies hit with ransomware attacks more than recovering data on their own, according to a new research.
Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

by Tara Seals on May 7, 2020 at 9:01 pm

The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote code execution before moving laterally through the enterprise.
Zoom Beefs Up End-to-End Encryption to Thwart ‘Zoombombers’

by Tara Seals on May 7, 2020 at 4:43 pm

As the company continues to battle security woes, it has acquired Keybase to boost security and privacy. A full cryptographic draft architecture will be available on May 22.

Security Topics

Your infrastructure matters. So why trust anyone but the best?