Threat Post

GitLab Doles Out Half a Million Bucks to White Hats

Threat Post - Fri, 12/13/2019 - 4:45pm
The DevOps lifecycle management said that response to its year-old bug-bounty program has been robust.
Categories: Threat Post

Pairing Privacy and Security with Digital Identities in Retail

Threat Post - Fri, 12/13/2019 - 3:31pm
Omnichannel views of customers are a competitive edge -- but they have to be appropriately implemented.
Categories: Threat Post

Elegant sLoad Carries Out Spying, Payload Delivery in BITS

Threat Post - Fri, 12/13/2019 - 2:07pm
The BITS file-transfer component of Windows as a key piece of sLoad's attack methodology.
Categories: Threat Post

Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers

Threat Post - Fri, 12/13/2019 - 1:33pm
One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited.
Categories: Threat Post

FIN8 Targets Card Data at Fuel Pumps

Threat Post - Fri, 12/13/2019 - 9:51am
Paying at the pump has landed in the sights of the notorious PoS-skimming group.
Categories: Threat Post

Critical Remote Code-Execution Bugs Threaten Global Power Plants

Threat Post - Thu, 12/12/2019 - 4:55pm
Seventeen bugs could be exploited to stop electrical generation and cause malfunctions at power plants.
Categories: Threat Post

All in the (Ransomware) Family: 10 Ways to Take Action

Threat Post - Thu, 12/12/2019 - 1:33pm
Check out our list of top 10 things to do to protect your organization from the deepening scourge of ransomware.
Categories: Threat Post

Maze Ransomware Behind Pensacola Attack, Data Breach Looms

Threat Post - Thu, 12/12/2019 - 11:45am
Maze exfiltrates data as well as locks down systems. Officials said they don't know yet whether any residents' personal information has been breached. 
Categories: Threat Post

Your Smart Christmas Lights Are Safer Than They Were Last Year

Threat Post - Thu, 12/12/2019 - 9:20am
Manufacturers of the Twinkly IoT-connected lights slightly boosted security by switching out the Wi-Fi module, according to Pen Test Partners.
Categories: Threat Post

Retail Cyberattacks Set to Soar 20% in 2019 Holiday Season

Threat Post - Thu, 12/12/2019 - 6:00am
A couple of factors this year are making the 2019 holiday shopping season a circus for cybercriminals when it comes to cyberattacks against retail orgs.
Categories: Threat Post

Smart Krampus-3PC Malware Targets iPhone Users

Threat Post - Wed, 12/11/2019 - 4:16pm
The malware affected 100 different online publishers.
Categories: Threat Post

Serious Security Flaws Found in Children’s Connected Toys

Threat Post - Wed, 12/11/2019 - 3:38pm
Several toys that were tested have been found lacking authentication measures, opening them up to an array of insidious attacks.
Categories: Threat Post

Apple Fixes ‘AirDoS’ Bug That Cripples Nearby iPhones, iPads

Threat Post - Wed, 12/11/2019 - 2:49pm
Apple fixes bug that allows nearby hackers to render iPads and iPhones unusable.
Categories: Threat Post

Signal Tests Upgraded Cryptography for Groups Function

Threat Post - Wed, 12/11/2019 - 1:52pm
The secure messaging service is looking to address usability issues.
Categories: Threat Post

Modern Intel CPUs Plagued By Plundervolt Attack

Threat Post - Wed, 12/11/2019 - 11:01am
The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs.
Categories: Threat Post

Lazarus APT Collaborates with Trickbot’s Anchor Project

Threat Post - Wed, 12/11/2019 - 8:00am
An unprecedented connection between the North Korean APT and the crimeware giant spells trouble for global banks and other cybercrime targets.
Categories: Threat Post

Microsoft Zaps Actively Exploited Zero-Day Bug

Threat Post - Tue, 12/10/2019 - 4:21pm
December 2019's relatively light Patch Tuesday update also fixes seven critical flaws.
Categories: Threat Post

Cyberattack Downs Pensacola’s City Systems

Threat Post - Tue, 12/10/2019 - 2:35pm
The cyberattack comes days after a shooting at U.S. military base Naval Air Station Pensacola rocked the city.
Categories: Threat Post

Snatch Team Steals Data and Hammers Orgs with Ransomware

Threat Post - Tue, 12/10/2019 - 11:44am
Snatch has burst on the scene, featuring an array of executables and tools for carrying out carefully orchestrated attacks.
Categories: Threat Post

Adobe Fixes 17 Critical Acrobat, Photoshop and Brackets Flaws

Threat Post - Tue, 12/10/2019 - 11:37am
The patches are part of Adobe's regularly-scheduled fixes.
Categories: Threat Post