Threat Post

Wiper Malware Called “Coronavirus” Spreads Among Windows Victims

Threat Post - Wed, 04/01/2020 - 5:07pm
Like NotPetya, it overwrites the master boot record to render computers "trashed."
Categories: Threat Post

Coronavirus ‘Financial Relief’ Phishing Attacks Spike

Threat Post - Wed, 04/01/2020 - 3:48pm
A spate of phishing attacks have promised financial relief due to the coronavirus pandemic - but in reality swiped victims' credentials, payment card data and more.
Categories: Threat Post

Critical WordPress Plugin Bug Can Lock Admins Out of Websites

Threat Post - Wed, 04/01/2020 - 2:03pm
A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.
Categories: Threat Post

Two Zoom Zero-Day Flaws Uncovered

Threat Post - Wed, 04/01/2020 - 12:00pm
The zero-day Zoom flaws could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera.
Categories: Threat Post

Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Threat Post - Wed, 04/01/2020 - 9:27am
An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
Categories: Threat Post

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

Threat Post - Tue, 03/31/2020 - 5:16pm
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
Categories: Threat Post

Zoom Scrutinized As Security Woes Mount

Threat Post - Tue, 03/31/2020 - 1:35pm
The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.
Categories: Threat Post

8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign

Threat Post - Tue, 03/31/2020 - 1:14pm
An old RAT learns an old trick.
Categories: Threat Post

Millions of Guests Impacted in Marriott Data Breach, Again

Threat Post - Tue, 03/31/2020 - 11:14am
The second breach in less than 24 months stemmed from employee account compromises.
Categories: Threat Post

Covid-19 Poll Results: One in Four Prioritize Health Over Privacy

Threat Post - Tue, 03/31/2020 - 6:00am
An informal Threatpost reader poll shows the majority of site visitors are privacy absolutists. But attitudes shift when the trade off is saving lives.
Categories: Threat Post

Nation-State Attacks Drop in Latest Google Analysis

Threat Post - Mon, 03/30/2020 - 4:53pm
Phishing and zero-days continue to be a core part of the APT arsenal.
Categories: Threat Post

Zoom Kills iOS App’s Data-Sharing Facebook Feature

Threat Post - Mon, 03/30/2020 - 3:27pm
Zoom removed its Facebook SDK for iOS feature after a report found the app sending Facebook "unnecessary" user data.
Categories: Threat Post

Zeus Sphinx Banking Trojan Arises Amid COVID-19

Threat Post - Mon, 03/30/2020 - 2:19pm
The malware is back after three years, looking to cash in on interest in government relief efforts around coronavirus.
Categories: Threat Post

Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers

Threat Post - Fri, 03/27/2020 - 10:43am
The vulnerability can be exploited to reveal limited traffic data including a device’s IP address.
Categories: Threat Post

Critical CODESYS Bug Allows Remote Code Execution

Threat Post - Thu, 03/26/2020 - 4:12pm
CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.
Categories: Threat Post

Tupperware Cyberattack Stores Away Customer Payment Cards

Threat Post - Thu, 03/26/2020 - 2:16pm
The food container company's main website had a card skimmer that scooped up online customers' payment card data.
Categories: Threat Post

Emerging APT Mounts Mass iPhone Surveillance Campaign

Threat Post - Thu, 03/26/2020 - 1:49pm
The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.
Categories: Threat Post

As Zoom Booms Incidents of ‘ZoomBombing’ Become a Growing Nuisance

Threat Post - Thu, 03/26/2020 - 11:51am
Numerous instances of online conferences being disrupted by pornographic images, hate speech or even threats can be mitigated using some platform tools.
Categories: Threat Post

Hackers Hijack Routers to Spread Malware Via Coronavirus Apps

Threat Post - Thu, 03/26/2020 - 10:47am
The router DNS hijacking attacks have targeted more than a thousand victims with the Oski info-stealing malware.
Categories: Threat Post

Responding to the New Normal: How to Prevent Added Risk in Your Business

Threat Post - Thu, 03/26/2020 - 9:00am
With more employees than ever working remotely, there are numerous potential threats that organizations must be aware of.
Categories: Threat Post