Threat Post

‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics

Threat Post - 1 hour 8 min ago
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.
Categories: Threat Post

Vulnerability Name Affected Component

Threat Post - 2 hours 33 min ago
Vulnerability Name | Affected Component | CVE# | Date
Underflow in udpRXThread | HMI3 Control Panel in: Nexus Panel | CVE-2021-37161 | 02/08/2021
Overflow in sccProcessMsg | HMI3 Control Panel in: Nexus Panel | CVE-2021-37162 | 02/08/2021
Overflow in hmiProcessMsg | HMI3 Control Panel in: Nexus Panel | CVE-2021-37165 | 02/08/2021
Off-by-three stack overflow in tcpTxThread | HMI3 Control Panel in: Nexus Panel | CVE-2021-37164 | 02/08/2021
GUI socket Denial […]
Categories: Threat Post

Chipotle Emails Serve Up Phishing Lures

Threat Post - 2 hours 51 min ago
Mass email distribution service compromise mirrors earlier Nobelium attacks.
Categories: Threat Post

NSA Warns Public Networks are Hacker Hotbeds

Threat Post - Fri, 07/30/2021 - 5:06pm
Agency warns attackers targeting teleworkers to steal corporate data.
Categories: Threat Post

Novel Meteor Wiper Used in Attack that Crippled Iranian Train System

Threat Post - Fri, 07/30/2021 - 11:21am
A July 9th attack disrupted service and taunted Iran’s leadership with hacked screens directing customers to call the phone of Iranian Supreme Leader Khamenei with complaints.
Categories: Threat Post

UC San Diego Health Breach Tied to Phishing Attack

Threat Post - Thu, 07/29/2021 - 3:16pm
Employee email takeover exposed personal, medical data of students, employees and patients.
Categories: Threat Post

CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer

Threat Post - Thu, 07/29/2021 - 2:39pm
There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?
Categories: Threat Post

Israeli Government Agencies Visit NSO Group Offices

Threat Post - Thu, 07/29/2021 - 12:25pm
Authorities opened an investigation into the secretive Israeli security firm.
Categories: Threat Post

Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them

Threat Post - Thu, 07/29/2021 - 9:00am
Uptycs Threat Research outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate them.
Categories: Threat Post

BlackMatter & Haron: Evil Ransomware Newborns or Rebirths

Threat Post - Wed, 07/28/2021 - 2:33pm
They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling.
Categories: Threat Post

Reboot of PunkSpider Tool at DEF CON Stirs Debate

Threat Post - Wed, 07/28/2021 - 1:44pm
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON.
Categories: Threat Post

Podcast: Why Securing Active Directory Is a Nightmare

Threat Post - Wed, 07/28/2021 - 7:01am
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam.
Categories: Threat Post

No More Ransom Saves Victims Nearly €1 Over 5 Years

Threat Post - Tue, 07/27/2021 - 5:10pm
No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich.
Categories: Threat Post

Zimbra Server Bugs Could Lead to Email Plundering

Threat Post - Tue, 07/27/2021 - 1:30pm
Two bugs, now patched except in older versions, could be chained to allow attackers to hijack a Zimbra server by simply sending a malicious email.
Categories: Threat Post

Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers

Threat Post - Tue, 07/27/2021 - 11:43am
The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP.
Categories: Threat Post

Apple Patches Actively Exploited Zero-Day in iOS, MacOS

Threat Post - Tue, 07/27/2021 - 9:36am
Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow attackers to take over a system.
Categories: Threat Post

Podcast: IoT Piranhas Are Swarming Industrial Controls

Threat Post - Mon, 07/26/2021 - 6:09pm
Enormous botnets of IoT devices are going after the decades-old legacy systems that are rife in crucial infrastructure controls.
Categories: Threat Post

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn

Threat Post - Mon, 07/26/2021 - 5:08pm
A comment spammer flooded Babuk’s new ransomware forum with gay orgy porn GIFs and demanded $5K in bitcoin.
Categories: Threat Post

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Threat Post - Mon, 07/26/2021 - 3:33pm
Microsoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows systems to reveal password hashes that can be easily cracked.
Categories: Threat Post

Malware Makers Using ‘Exotic’ Programming Languages

Threat Post - Mon, 07/26/2021 - 11:00am
Sprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to evade detection.
Categories: Threat Post