Threat Post

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers

Threat Post - Thu, 03/04/2021 - 5:19pm
Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack.
Categories: Threat Post

Cyberattackers Target Top Russian Cybercrime Forums

Threat Post - Thu, 03/04/2021 - 4:42pm
Elite Russian forums for cybercriminals have been hacked in a string of breaches, leaving hackers edgy and worried about law enforcement.  

National Surveillance Camera Rollout Roils Privacy Activists

Threat Post - Thu, 03/04/2021 - 12:21pm
TALON, a network of smart, connected security cameras developed by an Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.

CISA Orders Federal Agencies to Patch Exchange Servers

Threat Post - Thu, 03/04/2021 - 12:08pm
Espionage attacks exploiting the just-patched remote code-execution security bugs in Microsoft Exchange servers are quickly spreading.

COVID-19 Vaccine Spear-Phishing Attacks Jump 26 Percent

Threat Post - Thu, 03/04/2021 - 11:01am
Cybercriminals are using the COVID-19 vaccine to steal Microsoft credentials, infect systems with malware and bilk victims out of hundreds of dollars.

Unpatched Bug in WiFi Mouse App Opens PCs to Attack

Threat Post - Wed, 03/03/2021 - 4:49pm
A wireless mouse utility lacks proper authentication and opens Windows systems to attack.

Google Patches Actively-Exploited Flaw in Chrome Browser

Threat Post - Wed, 03/03/2021 - 4:17pm
A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.

Malaysia Air Downplays Frequent-Flyer Program Data Breach

Threat Post - Wed, 03/03/2021 - 4:15pm
A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals. 

Home-Office Photos: A Ripe Cyberattack Vector

Threat Post - Wed, 03/03/2021 - 2:29pm
Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.

RTM Cybergang Adds New Quoter Ransomware to Crime Spree

Threat Post - Wed, 03/03/2021 - 2:18pm
The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, a brand-new ransomware strain and extortion tactics.

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Threat Post - Wed, 03/03/2021 - 2:12pm
Attackers have weaponized code dependency confusion to target internal apps at tech giants.

Microsoft Exchange Zero-Day Attackers Spy on U.S. Targets

Threat Post - Wed, 03/03/2021 - 10:30am
Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks on civil-society targets by a Chinese APT.

Post-Cyberattack, Universal Health Services Faces $67M in Losses

Threat Post - Tue, 03/02/2021 - 4:27pm
The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October.

Jailbreak Tool Works on iPhones Up to iOS 14.3

Threat Post - Tue, 03/02/2021 - 12:54pm
The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool, which allows developers and other enthusiasts to hack into their own devices.

Compromised Website Images Camouflage ObliqueRAT Malware

Threat Post - Tue, 03/02/2021 - 12:06pm
Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites.

Ryuk Ransomware: Now with Worming Self-Propagation

Threat Post - Tue, 03/02/2021 - 11:54am
The Ryuk scourge has a new trick in its arsenal: Self-replication via SMB shares and port scanning.

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Threat Post - Mon, 03/01/2021 - 5:54pm
A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks.

Malware Loader Abuses Google SEO to Expand Payload Delivery

Threat Post - Mon, 03/01/2021 - 4:23pm
Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction.

Passwords, Private Posts Exposed in Hack of Gab Social Network

Threat Post - Mon, 03/01/2021 - 3:41pm
The Distributed Denial of Secrets group claims it has received more than 70 gigabytes of data exfiltrated from social media platform Gab.

Firewall Vendor Patches Critical Auth Bypass Flaw

Threat Post - Mon, 03/01/2021 - 10:59am
Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall that allowed attackers to log in as root users.