Threatpost

Syndikovat obsah
The First Stop For Security News
Aktualizace: 2 roky 42 týdny zpět

New Twists on Gift-Card Scams Flourish on Black Friday

25 Listopad, 2021 - 17:02
Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.
Kategorie: Hacking & Security

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

24 Listopad, 2021 - 18:28
A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices.
Kategorie: Hacking & Security

GoDaddy Breach Widens to Include Reseller Subsidiaries

24 Listopad, 2021 - 17:16
Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.
Kategorie: Hacking & Security

Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

24 Listopad, 2021 - 16:55
Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes.
Kategorie: Hacking & Security

Attackers Actively Target Windows Installer Zero-Day

24 Listopad, 2021 - 15:09
Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month.
Kategorie: Hacking & Security

Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

23 Listopad, 2021 - 22:09
That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky.
Kategorie: Hacking & Security

How to Defend Against Mobile App Impersonation

23 Listopad, 2021 - 15:00
Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this.
Kategorie: Hacking & Security

Common Cloud Misconfigurations Exploited in Minutes, Report

23 Listopad, 2021 - 13:59
Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes.
Kategorie: Hacking & Security

GoDaddy’s Latest Breach Affects 1.2M Customers

22 Listopad, 2021 - 23:03
The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins.
Kategorie: Hacking & Security

Online Merchants: Prevent Fraudsters from Becoming Holiday Grinches

22 Listopad, 2021 - 21:13
Black Friday and Cyber Monday approach! Saryu Nayyar, CEO at Gurucul, discusses concerning statistics about skyrocketing online fraud during the festive season.
Kategorie: Hacking & Security

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws

22 Listopad, 2021 - 20:26
Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters.
Kategorie: Hacking & Security

Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

22 Listopad, 2021 - 20:14
CloudLinux's security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug.
Kategorie: Hacking & Security

Iranians Charged in Cyberattacks Against U.S. 2020 Election

19 Listopad, 2021 - 20:49
The State Department has offered a $10M reward for tips on the two Iran-based threat actors accused of voter intimidation and disinformation.
Kategorie: Hacking & Security

6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years

19 Listopad, 2021 - 18:39
Pen Test Partners didn't disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm.
Kategorie: Hacking & Security

California Pizza Kitchen Serves Up Employee SSNs in Data Breach

19 Listopad, 2021 - 14:31
A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. 
Kategorie: Hacking & Security

Ransomware Phishing Emails Sneak Through SEGs

18 Listopad, 2021 - 22:45
The MICROP ransomware spreads via Google Drive and locally stored passwords.
Kategorie: Hacking & Security

3 Top Tools for Defending Against Phishing Attacks

18 Listopad, 2021 - 19:49
Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.
Kategorie: Hacking & Security

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

18 Listopad, 2021 - 17:27
The bureau's flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets' networks.
Kategorie: Hacking & Security

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

18 Listopad, 2021 - 15:00
Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific ‘ephemeral’ aspect of the project-management tool to link to SharePoint phishing pages.
Kategorie: Hacking & Security

How to Choose the Right DDoS Protection Solution

18 Listopad, 2021 - 14:59
Pankaj Gupta, Senior Director at Citrix, outlines how distributed denial of service attacks have become increasingly sophisticated, bigger and economically motivated.
Kategorie: Hacking & Security