Threat Post

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

Threat Post - Thu, 01/23/2020 - 3:02pm
The Feds have warned of six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.
Categories: Threat Post

U.S. Gov Agency Targeted With Malware-Laced Emails

Threat Post - Thu, 01/23/2020 - 2:08pm
The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia

Threat Post - Thu, 01/23/2020 - 2:00pm
The malware uses thousands of partner websites to spread malvertising code.

Cisco Warns of Critical Network Security Tool Flaw

Threat Post - Thu, 01/23/2020 - 10:56am
The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.

Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking

Threat Post - Thu, 01/23/2020 - 6:54am
New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.

Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

Threat Post - Wed, 01/22/2020 - 6:50pm
The competition targets the systems that run critical infrastructure and more.

Vivin Nets Thousands of Dollars Using Cryptomining Malware

Threat Post - Wed, 01/22/2020 - 5:19pm
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn't going away anytime soon.

sLoad Malware Revamped as Powerful ‘StarsLord’ Loader

Threat Post - Wed, 01/22/2020 - 10:47am
The newest version of the sLoad malware dropper comes equipped with infection tracking capabilities and an anti-analysis trick.

Microsoft Leaves 250M Customer Service Records Open to the Web

Threat Post - Wed, 01/22/2020 - 10:01am
The trove of information is potentially a scammer's bonanza.

New Muhstik Botnet Attacks Target Tomato Routers

Threat Post - Wed, 01/22/2020 - 8:01am
Palo Alto Networks’ Unit 42 researchers observed a variant of the wormlike botnet that adds scanner technology to brute-force Web authentication.

PoC Exploits Do More Good Than Harm: Threatpost Poll

Threat Post - Wed, 01/22/2020 - 6:01am
More than half of security experts think that the good outweighs the bad when it comes to proof-of-concept exploits, according to a recent Threatpost poll.

16Shop Phishing Gang Goes After PayPal Users

Threat Post - Tue, 01/21/2020 - 5:07pm
A sophisticated malware-as-a-service phishing kit includes full customer service and anti-detection technologies.

Citrix Accelerates Patch Rollout For Critical RCE Flaw

Threat Post - Tue, 01/21/2020 - 12:19pm
Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products.

FTCODE Ransomware Now Steals Chrome, Firefox Credentials

Threat Post - Tue, 01/21/2020 - 10:02am
New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.

Microsoft Zero-Day Actively Exploited, Patch Forthcoming

Threat Post - Tue, 01/21/2020 - 9:58am
CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.

Hacker Leaks More Than 500K Telnet Credentials for IoT Devices

Threat Post - Tue, 01/21/2020 - 6:57am
A bad actor obtained passwords for servers, home routers, and smart devices by scanning the internet for devices open to the Telnet port.

New JhoneRAT Malware Targets Middle East

Threat Post - Fri, 01/17/2020 - 5:01pm
Researchers say that JhoneRAT has various anti-detection techniques, including making use of Google Drive, Google Forms and Twitter.

Feds Cut Off Access to Billions of Breached Records with Site Takedown

Threat Post - Fri, 01/17/2020 - 4:46pm
The WeLeakInfo "data breach notification" domain is no more.

Mobile Carrier Customer Service Ushers in SIM-Swap Fraud

Threat Post - Fri, 01/17/2020 - 4:03pm
Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.

Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?

Threat Post - Fri, 01/17/2020 - 1:39pm
Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?