Threat Post

Microsoft Edge, Google Chrome Roll Out Password Protection Tools

Threat Post - Fri, 01/22/2021 - 4:57pm
The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords.
Categories: Threat Post

Amazon Kindle RCE Attack Starts with an Email

Threat Post - Fri, 01/22/2021 - 4:55pm
The "KindleDrip" attack would have allowed attackers to siphon money from unsuspecting victims.
Categories: Threat Post

ADT Tech Hacks Home-Security Cameras to Spy on Women

Threat Post - Fri, 01/22/2021 - 2:08pm
A former ADT employee pleads guilty to accessing customers’ cameras so he could spy on them.
Categories: Threat Post

Discord-Stealing Malware Invades npm Packages

Threat Post - Fri, 01/22/2021 - 1:35pm
The CursedGrabber malware has infiltrated the open-source software code repository.
Categories: Threat Post

Ransomware Attackers Publish 4K Private Scottish Gov Agency Files

Threat Post - Fri, 01/22/2021 - 12:30pm
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve.
Categories: Threat Post

Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks

Threat Post - Fri, 01/22/2021 - 7:45am
Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic.
Categories: Threat Post

Einstein Healthcare Network Announces August Breach

Threat Post - Thu, 01/21/2021 - 3:00pm
Einstein is in violation of the HHS 60-day breach notification rule, but unlikely to face penalty.
Categories: Threat Post

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege

Threat Post - Thu, 01/21/2021 - 2:42pm
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.
Categories: Threat Post

Google Forms Set Baseline For Widespread BEC Attacks

Threat Post - Thu, 01/21/2021 - 10:02am
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.
Categories: Threat Post

Google Searches Expose Stolen Corporate Credentials

Threat Post - Thu, 01/21/2021 - 9:00am
A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.
Categories: Threat Post

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Threat Post - Wed, 01/20/2021 - 4:47pm
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
Categories: Threat Post

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

Threat Post - Wed, 01/20/2021 - 3:45pm
The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
Categories: Threat Post

Malwarebytes Hit by SolarWinds Attackers

Threat Post - Wed, 01/20/2021 - 12:36pm
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
Categories: Threat Post

Investment Scammers Prey on Dating App Users, Interpol Warns

Threat Post - Wed, 01/20/2021 - 11:42am
Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.
Categories: Threat Post

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

Threat Post - Wed, 01/20/2021 - 10:21am
Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.
Categories: Threat Post

DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

Threat Post - Tue, 01/19/2021 - 4:25pm
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
Categories: Threat Post

Rob Joyce to Take Over as NSA Cybersecurity Director

Threat Post - Tue, 01/19/2021 - 3:20pm
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.
Categories: Threat Post

SolarWinds Malware Arsenal Widens with Raindrop

Threat Post - Tue, 01/19/2021 - 11:40am
The post-compromise backdoor installs Cobalt Strike to help attackers move laterally through victim networks.
Categories: Threat Post

Linux Devices Under Attack by New FreakOut Malware

Threat Post - Tue, 01/19/2021 - 10:51am
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.
Categories: Threat Post

Attackers Steal E-Mails, Info from OpenWrt Forum

Threat Post - Tue, 01/19/2021 - 9:45am
Users of the Linux-based open-source firmware, which include developers from commercial router companies, may be targeted by phishing campaigns, administrators warn.
Categories: Threat Post