Threat Post

Misconfigured Docker Servers Under Attack by Xanthe Malware

Threat Post - 4 hours 46 min ago
The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs.
Categories: Threat Post

Android Messenger App Still Leaking Photos, Videos

Threat Post - 5 hours 8 min ago
The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.
Categories: Threat Post

Cayman Islands Bank Records Exposed in Open Azure Blob

Threat Post - 7 hours 1 min ago
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
Categories: Threat Post

Zoom Impersonation Attacks Aim to Steal Credentials

Threat Post - 9 hours 31 min ago
The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account.
Categories: Threat Post

Electronic Medical Records Cracked Open by OpenClinic Bugs

Threat Post - 9 hours 40 min ago
Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more.
Categories: Threat Post

Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout

Threat Post - 13 hours 18 min ago
New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data.
Categories: Threat Post

Post-Cyberattack, UVM Health Network Still Picking Up Pieces

Threat Post - Mon, 11/30/2020 - 4:25pm
More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues.
Categories: Threat Post

Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand

Threat Post - Mon, 11/30/2020 - 4:19pm
The ransomware group has leaked stolen data to add pressure on the company to pay up.
Categories: Threat Post

Digitally Signed Bandook Trojan Reemerges in Global Spy Campaign

Threat Post - Mon, 11/30/2020 - 2:39pm
A strain of the 13-year old backdoor Bandook trojan has been spotted in an espionage campaign.
Categories: Threat Post

MacOS Users Targeted By OceanLotus Backdoor

Threat Post - Mon, 11/30/2020 - 12:52pm
The new backdoor comes with multiple payloads and new detection evasion tactics.
Categories: Threat Post

Pandemic, A Driving Force in 2021 Financial Crime

Threat Post - Mon, 11/30/2020 - 12:46pm
Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year.
Categories: Threat Post

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

Threat Post - Sat, 11/28/2020 - 10:00am
Hackers are putting a bullseye on healthcare. Experts explore why hospitals are being singled out and what any company can do to better protect themselves.
Categories: Threat Post

TurkeyBombing Puts New Twist on Zoom Abuse

Threat Post - Fri, 11/27/2020 - 12:33pm
Threat actors already stole nearly 4,000 credentials before the holiday was even over, according to report.
Categories: Threat Post

Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes

Threat Post - Fri, 11/27/2020 - 9:00am
While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense.
Categories: Threat Post

ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats

Threat Post - Fri, 11/27/2020 - 9:00am
Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events.
Categories: Threat Post

Federated Learning: A Therapeutic for what Ails Digital Health

Threat Post - Thu, 11/26/2020 - 9:00am
Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world.
Categories: Threat Post

Changing Employee Security Behavior Takes More Than Simple Awareness

Threat Post - Thu, 11/26/2020 - 9:00am
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
Categories: Threat Post

Major BEC Phishing Ring Cracked Open with 3 Arrests

Threat Post - Wed, 11/25/2020 - 12:05pm
Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.
Categories: Threat Post

Critical MobileIron RCE Flaw Under Active Attack

Threat Post - Wed, 11/25/2020 - 11:55am
Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.
Categories: Threat Post

How to Update Your Remote Access Policy – And Why You Should Now

Threat Post - Wed, 11/25/2020 - 10:25am
Reducing the risks of remote work starts with updating the access policies of yesterday.
Categories: Threat Post