Threatpost | The first stop for security news

‘Killnet’ Adversary Pummels Lithuania with DDoS Attacks Over Blockade

By Elizabeth Montalbano — June 28^th 2022 at 12:17

Cyber collective Killnet claims it won’t let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad.

Threatpost | The first stop for security news

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

By Sagar Tiwari — June 28^th 2022 at 11:57

CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers.

Threatpost | The first stop for security news

Google Warns Spyware Being Deployed Against Android, iOS Users

By Elizabeth Montalbano — June 24^th 2022 at 11:02

The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.

Threatpost | The first stop for security news

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

By Elizabeth Montalbano — June 23^rd 2022 at 12:21

The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.

Threatpost | The first stop for security news

Gamification of Ethical Hacking and Hacking Esports

By Joseph Carson — June 22^nd 2022 at 12:49

Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, explores why gamified platforms and hacking esports are the future.

Threatpost | The first stop for security news

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

By Elizabeth Montalbano — June 22^nd 2022 at 12:34

Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.

Threatpost | The first stop for security news

Elusive ToddyCat APT Targets Microsoft Exchange Servers

By Sagar Tiwari — June 22^nd 2022 at 12:18

The threat actor targets institutions and companies in Europe and Asia.

Threatpost | The first stop for security news

Modern IT Security Teams’ Inevitable Need for Advanced Vulnerability Management

By Mandy Davenport — June 21^st 2022 at 15:19

Traditional vulnerability management programs are outdated, with little to no innovation in the last two decades. Today's dynamic IT environment demands an advanced vulnerability management program to deal with the complex attack surface and curb security risks.

Threatpost | The first stop for security news

Kazakh Govt. Used Spyware Against Protesters

By Nate Nelson — June 21^st 2022 at 12:48

Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders.

Threatpost | The first stop for security news

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack

By Sagar Tiwari — June 21^st 2022 at 12:34

A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.

Threatpost | The first stop for security news

Voicemail Scam Steals Microsoft Credentials

By Elizabeth Montalbano — June 21^st 2022 at 11:20

Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details.

Threatpost | The first stop for security news

China-linked APT Flew Under Radar for Decade

By Nate Nelson — June 17^th 2022 at 13:34

Evidence suggests that a just-discovered APT has been active since 2013.

Threatpost | The first stop for security news

State-Sponsored Phishing Attack Targeted Israeli Military Officials

By Nate Nelson — June 16^th 2022 at 11:59

Analysts have uncovered an Iran-linked APT sending malicious emails to top Israeli government officials.

Threatpost | The first stop for security news

Ransomware Risk in Healthcare Endangers Patients

By Ryan Witt — June 16^th 2022 at 11:24

Ryan Witt, Proofpoint's Healthcare Cybersecurity Leader, examines the impact of ransomware on patient care.

Threatpost | The first stop for security news

Facebook Messenger Scam Duped Millions

By Nate Nelson — June 16^th 2022 at 10:59

One well crafted phishing message sent via Facebook Messenger ensnared 10 million Facebook users and counting.

Threatpost | The first stop for security news

DragonForce Gang Unleash Hacks Against Govt. of India

By Nate Nelson — June 15^th 2022 at 13:59

In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India.

Threatpost | The first stop for security news

Travel-related Cybercrime Takes Off as Industry Rebounds

By Sagar Tiwari — June 15^th 2022 at 13:37

Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.

Threatpost | The first stop for security news

In Cybersecurity, What You Can’t See Can Hurt You

By Sponsored Content — June 15^th 2022 at 13:00

The dangers to SMBs and businesses of all sizes from cyberattacks are well known. But what’s driving these attacks, and what do cybersecurity stakeholders need to do that they’re not already doing?

Threatpost | The first stop for security news

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

By Elizabeth Montalbano — June 14^th 2022 at 11:08

Attackers gained access to private account details through an email compromise incident that occurred in April.

Threatpost | The first stop for security news

Linux Malware Deemed ‘Nearly Impossible’ to Detect

By Elizabeth Montalbano — June 14^th 2022 at 10:55

Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.