Threat Post

FIN7 Backdoor Masquerades as Ethical Hacking Tool

Threat Post - Fri, 05/14/2021 - 1:36pm
The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines.
Categories: Threat Post

DarkSide Ransomware Suffers ‘Oh, Crap!’ Server Shutdowns

Threat Post - Fri, 05/14/2021 - 12:05pm
The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil’s gonads shrank in response.
Categories: Threat Post

‘Scheme Flooding’ Allows Websites to Track Users Across Browsers

Threat Post - Fri, 05/14/2021 - 10:03am
A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor.
Categories: Threat Post

Verizon: Pandemic Ushers in ⅓ More Cyber-Misery

Threat Post - Fri, 05/14/2021 - 9:26am
The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers.
Categories: Threat Post

Ransomware’s New Swindle: Triple Extortion

Threat Post - Fri, 05/14/2021 - 8:30am
Ransomware attackers are now demanding cash from the customers of victims too.  
Categories: Threat Post

How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

Threat Post - Fri, 05/14/2021 - 8:00am
Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting.
Categories: Threat Post

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

Threat Post - Thu, 05/13/2021 - 4:22pm
According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key.
Categories: Threat Post

Ransomware Going for $4K on the Cyber-Underground

Threat Post - Thu, 05/13/2021 - 3:52pm
An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships.
Categories: Threat Post

Beyond MFA: Rethinking the Authentication Key

Threat Post - Thu, 05/13/2021 - 11:39am
Tony Lauro, director of security technology and strategy at Akamai, discusses hardware security dongles and using phones to act as surrogates for them.
Categories: Threat Post

Fresh Loader Targets Aviation Victims with Spy RATs

Threat Post - Thu, 05/13/2021 - 10:55am
The campaign is harvesting screenshots, keystrokes, credentials, webcam feeds, browser and clipboard data and more, with RevengeRAT or AsyncRAT payloads.
Categories: Threat Post

Apple’s ‘Find My’ Network Exploited via Bluetooth

Threat Post - Thu, 05/13/2021 - 9:39am
The ‘Send My’ exploit can use Apple's locator service to collect and send information from nearby devices for later upload to iCloud servers.
Categories: Threat Post

Five Critical Password Security Rules Your Employees Are Ignoring

Threat Post - Thu, 05/13/2021 - 9:00am
According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security.
Categories: Threat Post

Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags

Threat Post - Thu, 05/13/2021 - 7:39am
FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware.
Categories: Threat Post

Researchers Flag e-Voting Security Flaws

Threat Post - Wed, 05/12/2021 - 4:43pm
Paper ballots and source-code transparency are recommended to improve election security.
Categories: Threat Post

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

Threat Post - Wed, 05/12/2021 - 3:51pm
A new type of fraud is spiking across the platform: Selling fake vax records to people who want to lie their way into places where proof of vaccine is required.
Categories: Threat Post

Gig Workers Paid $500 for Payroll Passwords

Threat Post - Wed, 05/12/2021 - 12:50pm
Argyle is paying workers to help hack payroll providers, researchers suspect.
Categories: Threat Post

‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices

Threat Post - Wed, 05/12/2021 - 11:48am
Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're in range.
Categories: Threat Post

TeaBot Trojan Targets Banks via Hijacked Android Handsets

Threat Post - Wed, 05/12/2021 - 8:41am
Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand.
Categories: Threat Post

Wormable Windows Bug Opens Door to DoS, RCE

Threat Post - Tue, 05/11/2021 - 4:05pm
Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
Categories: Threat Post

GitHub Prepares to Move Beyond Passwords

Threat Post - Tue, 05/11/2021 - 3:46pm
GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords.
Categories: Threat Post