Robuta

https://threatpost.com/google-to-deprecate-sslv3-rc4-in-gmail-imappop-clients/118533/ Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients | Threatpost Jun 13, 2016 - Google will next week begin a gradual deprecation of unsafe crypto protocol SSLv3 and cipher RC4 in Gmail IMAP/POP clients. https://threatpost.com/healthcare-maui-ransomware/180154/ U.S. Healthcare Orgs Targeted with Maui Ransomware | Threatpost Jul 8, 2022 - State-sponsored actors are deploying the unique malware–which targets specific files and leaves no ransomware note–in ongoing attacks. u shealthcareorgstargetedmaui https://threatpost.com/attacks-inboxes-gift-card/169187/ Brute-Force Attacks Target Inboxes for Gift Card Data | Threatpost Sep 3, 2021 - Cybercriminal enterprise is mass testing millions of usernames and passwords per day in a hunt for loyalty card data. brute force attacksgift card https://threatpost.com/ransomware-attacks-are-on-the-rise/180481/ Ransomware Attacks are on the Rise | Threatpost Aug 26, 2022 - Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. are on the riseransomware attacksthreatpost https://threatpost.com/cybersecurity-pitfalls-fixes-smbs/165225/ 15 Cybersecurity Pitfalls and Fixes for SMBs | Threatpost Apr 5, 2021 - In this roundtable, security experts focus on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources. for smbscybersecuritypitfallsfixesthreatpost https://threatpost.com/magecart-campaign-10k-online-shoppers/159216/ Magecart Attack Impacts More Than 10K Online Shoppers | Threatpost Sep 14, 2020 - Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit. more thanonline shoppersattackimpacts10k https://threatpost.com/meet-the-18-year-old-who-hacked-the-pentagon/118802/ Meet the 18-Year-Old Who Hacked the Pentagon | Threatpost Jun 22, 2016 - The Department of Defense last week released the results of the first Hack the Pentagon bounty program and 18-year-old David Dworken particpated. meet theyear oldhackedpentagonthreatpost https://threatpost.com/category/cryptography/ Category: Cryptography | Threatpost categorycryptographythreatpost https://threatpost.com/inside-hackers-toolkit/180360/ Podcast: Inside the Hackers’ Toolkit | Threatpost Sep 20, 2022 - This edition of the Threatpost podcast is sponsored by Egress. inside thepodcasttoolkitthreatpost https://threatpost.com/rsa-2021-embraces-resilience/166233/ What a Year It’s Been: RSA 2021 Embraces ‘Resilience’ | Threatpost May 17, 2021 - Keynoters from Cisco, Netflix and RSA highlighted lessons from the last year, and cybersecurity’s new mandate in the post-pandemic world: Bounce back stronger. what a yearrsaembracesthreatpost https://threatpost.com/ransomware-2020-extortion/162319/ Ransomware in 2020: A Banner Year for Extortion | Threatpost Dec 24, 2020 - From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom,... banner yearransomwareextortionthreatpost https://threatpost.com/facebook-disrupts-spy-uyghurs/165032/ Facebook Disrupts Spy Effort Aimed at Uyghurs | Threatpost Mar 25, 2021 - The social-media giant took down legions of fake profiles aimed at spreading mobile espionage malware. facebookspyeffortaimeduyghurs https://threatpost.com/black-hat-and-def-con-roundup/180409/ Black Hat and DEF CON Roundup | Threatpost Aug 15, 2022 - ‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings. black hatdef conroundupthreatpost https://threatpost.com/microsoft-workaround-0day-attack/179776/ Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack | Threatpost Jun 1, 2022 - Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet,... microsoftreleasesworkaround0dayactive https://threatpost.com/telegram-triangulation-users-locations/162762/ Telegram Triangulation Pinpoints Users’ Exact Locations | Threatpost Jan 5, 2021 - The “People Nearby” feature in the secure messaging app can be abused to unmask a user’s precise location, a researcher said. telegramtriangulationexactlocationsthreatpost https://threatpost.com/a-deepfake-deep-dive-into-the-murky-world-of-digital-imitation/149131/ A Deepfake Deep Dive into the Murky World of Digital Imitation | Threatpost Jan 11, 2021 - Deepfake technology is becoming easier to create – and that’s opening the door for a new wave of malicious threats, from revenge porn to social media... deep dive https://threatpost.com/privacy-policy/ Data Privacy Statement Threatpost Inc. | Threatpost data privacy statementthreatpostinc https://threatpost.com/double-extortion-ransomware-data-leaks/176723/ ‘Double-Extortion’ Ransomware Damage Skyrockets 935% | Threatpost Dec 2, 2021 - Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found. ransomwaredamagethreatpost https://threatpost.com/qnap-customers-adrift-fix-openssl-bug/179197/ QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug | Threatpost Mar 31, 2022 - QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch. qnapcustomersadrift https://threatpost.com/microsoft-rampant-log4j-exploits-testing/177358/ Microsoft Sees Rampant Log4j Exploit Attempts, Testing | Threatpost Jan 5, 2022 - Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of... microsoftseesrampantlog4jexploit https://threatpost.com/virtual-currency-platform-tornado-cash-accused-of-aiding-apts/180367/ Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs | Threatpost Aug 9, 2022 - U.S. Treasury blocked the business of the virtual currency mixer for laundering more than $7 billion for hackers, including $455 million to help fund North... virtual currencyplatformaccusedaidingapts https://threatpost.com/category/vulnerabilities/ Category: Vulnerabilities | Threatpost categoryvulnerabilitiesthreatpost https://threatpost.com/intel-side-channel-attack-data/164582/ Newest Intel Side-Channel Attack Sniffs Out Sensitive Data | Threatpost Mar 8, 2021 - A new side-channel attack takes aim at Intel’s CPU ring interconnect in order to glean sensitive data. side channelsensitive datanewestintelattack https://threatpost.com/security-turbulence-in-the-cloud-survey-says/179437/ Security Turbulence in the Cloud: Survey Says… | Threatpost Apr 29, 2022 - Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps. in the cloudsecurityturbulencesurveythreatpost https://threatpost.com/microsoft-365-bec-innovation/163508/ Microsoft 365 Becomes Haven for BEC Innovation | Threatpost Feb 1, 2021 - Two new phishing tactics use the platform’s automated responses to evade email filters. microsoftbecomesinnovationthreatpost https://threatpost.com/microsoft-zero-days-wormable-bugs/179273/ Microsoft Zero-Days, Wormable Bugs Spark Concern | Threatpost Apr 12, 2022 - For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow... zero daysmicrosoftbugssparkconcern https://threatpost.com/montysthree-apt-industrial-targets/159957/ MontysThree APT Takes Unusual Aim at Industrial Targets | Threatpost Oct 7, 2020 - The newly discovered APT specializes in espionage campaigns against industrial holdings — a rare target for spyware. aim atapttakesunusualindustrial https://threatpost.com/iphones-attack-turned-off/179641/ iPhones Vulnerable to Attack Even When Turned Off | Threatpost May 17, 2022 - Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware. even whenturned offiphonesvulnerableattack https://threatpost.com/top-threatpost-stories-2020/162501/ Most-Wanted Threatpost Stories of 2020 | Threatpost Jan 5, 2021 - A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers... most wantedthreatpoststories https://threatpost.com/new-dridex-variant-slips-by-anti-virus-detection/146134/ New Dridex Variant Slips By Anti-Virus Detection | Threatpost Jun 28, 2019 - A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics. anti virusnewdridexvariantslips https://threatpost.com/sas-2019-joe-fitzpatrick-warns-of-the-5-supply-chain-attack/143684/ SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’ | Threatpost Sep 16, 2021 - At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain... joe fitzpatrickof thesupply chainsaswarns https://threatpost.com/lockbit-ransomware-proliferates-globally/168746/ LockBit 2.0 Ransomware Proliferates Globally | Threatpost Aug 17, 2021 - Fresh attacks target companies’ employees, promising millions of dollars in exchange for valid account credentials for initial access. lockbitransomwaregloballythreatpost https://threatpost.com/google-patches-zero-day-browser/160393/ Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser | Threatpost Oct 21, 2020 - The memory-corruption vulnerability exists in the browser’s FreeType font rendering library. zero dayin chromegooglepatches https://threatpost.com/rsa-ransomware-payments-josh-zelonis/142645/ Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks | Threatpost Mar 11, 2019 - In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises. set to https://threatpost.com/octopus-scanner-tentacles-github-repositories/156204/ Octopus Scanner Sinks Tentacles into GitHub Repositories | Threatpost Jun 2, 2020 - At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain. github repositoriesoctopusscannersinkstentacles https://threatpost.com/rainbowmix-apps-google-play-ad-fraud/159982/ RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims | Threatpost Oct 8, 2020 - Collectively, 240 fraudulent Android apps — masquerading as retro game emulators — account for 14 million installs. https://threatpost.com/a-guide-to-surviving-a-ransomware-attack/180110/ A Guide to Surviving a Ransomware Attack | Threatpost Jun 30, 2022 - Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our... a guide toransomware attacksurvivingthreatpost https://threatpost.com/author/thomas/ Author: Tom Spring | Threatpost Tom Spring is Editor-in-Chief of Threatpost. For the past two decades he has worked at a number of national publications in the roles of executive editor… tom springauthorthreatpost https://threatpost.com/ransomware-ip-theft-top-covid-19-healthcare-security-scares/162247/ Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares | Threatpost Dec 15, 2020 - From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security... healthcare securityransomwareipthefttop https://threatpost.com/top-2018-security-and-privacy-stories/140312/ Top 2018 Security and Privacy Stories | Threatpost Dec 17, 2019 - The top cybersecurity and privacy trends that biggest impact in 2018. security and privacytopstoriesthreatpost https://threatpost.com/unpatched-windows-zero-day-privileged-file-access/176609/ Unpatched Windows 10 Zero-Day Allows Privileged File Access | Threatpost Nov 29, 2021 - A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug. zero dayfile accesswindowsallowsprivileged https://threatpost.com/rob-joyce-nsa-cybersecurity-director/163160/ Rob Joyce to Take Over as NSA Cybersecurity Director | Threatpost Jan 19, 2021 - Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration. rob joycetake overnsacybersecurity https://threatpost.com/kaiser-permanente-breach/179949/ Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach | Threatpost Jun 14, 2022 - Attackers gained access to private account details through an email compromise incident that occurred in April. kaiser permanentemedical recordsin data https://threatpost.com/nsa-warns-public-networks-are-hacker-hotbeds/168268/ NSA Warns Public Networks are Hacker Hotbeds | Threatpost Jul 30, 2021 - Agency warns attackers targeting teleworkers to steal corporate data. public networksnsawarnshackerhotbeds https://threatpost.com/author/infosec_contributor/ Author: Infosec Contributor | Threatpost authorinfoseccontributorthreatpost https://threatpost.com/pandemic-reshaping-bug-bounty-landscape/160644/ How the Pandemic is Reshaping the Bug Bounty Landscape | Threatpost Oct 28, 2020 - Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more. the pandemicbug bountyreshapinglandscapethreatpost https://threatpost.com/ebooks/cloud-security-the-forecast-for-2022/ Cloud Security: The Forecast for 2022 | Threatpost Sep 1, 2022 - Stay ahead of learning what the emerging cloud trends are for defenders and attackers. Get the whole story and download this FREE eBook today! cloud securitythe forecastthreatpost https://threatpost.com/cybercriminals-are-selling-access-to-chinese-surveillance-cameras/180478/ Cybercriminals Are Selling Access to Chinese Surveillance Cameras | Threatpost Aug 25, 2022 - Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. access tosurveillance camerascybercriminalssellingchinese https://threatpost.com/2021-solarwinds-fallout-shifting-ciso-budgets/162897/ A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets | Threatpost Sep 16, 2021 - Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021. look aheadsolarwindsfalloutshiftingciso https://threatpost.com/top-mobile-security-stories-2019/151420/ Top Mobile Security Stories of 2019 | Threatpost Jan 3, 2020 - Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the... top mobilesecurity storiesthreatpost https://threatpost.com/twitter-5000-accounts-disinformation-campaigns/145764/ 5,000 Twitter Accounts Linked to Disinformation Campaigns | Threatpost Jun 17, 2019 - The social platform has suspended six sets of accounts across four jurisdictions for running alleged influence campaigns, including Iran. twitter accountslinked todisinformationcampaignsthreatpost https://threatpost.com/ransomware-demands-spike-payments-rise/163744/ Ransomware Demands Spike 320%, Payments Rise | Threatpost Feb 11, 2021 - Remote work continues to fueling a spike in phishing and cyberattacks, particularly in the U.S. ransomwaredemandsspikepaymentsrise https://threatpost.com/google-chrome-affected-by-magellan-2-0-flaws/151446/ Google Chrome Affected By Magellan 2.0 Flaws | Threatpost Dec 27, 2019 - Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution. google chromeaffectedmagellanflawsthreatpost https://threatpost.com/facebook-security-debacles-2019-year-in-review/151306/ Facebook Security Debacles: 2019 Year in Review | Threatpost Jan 3, 2020 - 2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security... year in reviewfacebooksecuritythreatpost https://threatpost.com/2021-cybersecurity-trends/162629/ 2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud | Threatpost Dec 31, 2020 - Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of... cybersecurity trendsbiggerbudgetsendpointemphasis https://threatpost.com/contis-costa-rica/180258/ Conti’s Reign of Chaos: Costa Rica in the Crosshairs | Threatpost Jul 21, 2022 - Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica? costa ricain thereignchaoscrosshairs https://threatpost.com/your-java-date-022309/72384/ Is your Java up to date? | Threatpost up to datejavathreatpost https://threatpost.com/cyber-defense-public-cloud/179342/ Rethinking Cyber-Defense Strategies in the Public-Cloud Age | Threatpost Apr 21, 2022 - Exploring what’s next for public-cloud security, including top risks and how to implement better risk management. in the publiccyber defenserethinkingstrategiescloud https://threatpost.com/author/natenelson/ Author: Nate Nelson | Threatpost nate nelsonauthorthreatpost https://threatpost.com/microsoft-patches-dogwalk-zero-day-and-17-critical-flaws/180378/ Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws | Threatpost Aug 10, 2022 - August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. zero daymicrosoftpatchescriticalflaws https://threatpost.com/jokers-stash-carding-site-taken-down/162548/ Joker’s Stash Carding Site Taken Down | Threatpost Dec 22, 2020 - The underground payment-card data broker saw its blockchain DNS sites taken offline after an apparent law-enforcement effort - and now Tor sites are down. carding sitetaken downstashthreatpost https://threatpost.com/irs-impersonation-attacks-malware-nationwide/147701/ IRS Impersonation Attacks Spread Malware Nationwide | Threatpost Aug 28, 2019 - The emails are well-crafted and extremely convincing. impersonation attacksirsspreadmalwarenationwide https://threatpost.com/notpetya-linked-to-industroyer-attack-on-ukraine-energy-grid/138287/ NotPetya Linked to Industroyer Attack on Ukraine Energy Grid | Threatpost Sep 30, 2021 - Evidence shows that three of the most destructive incidents seen in modern cyber-history are the work of one APT. linked toenergy gridnotpetyaindustroyerattack https://threatpost.com/category/breach/ Category: Breach | Threatpost categorybreachthreatpost https://threatpost.com/lazarus-group-advanced-malware-framework/157636/ Lazarus Group Surfaces with Advanced Malware Framework | Threatpost Jul 22, 2020 - The North Korean APT has been using the multiplatform framework, called MATA, for a number of purposes, from spying to financial gain. lazarus groupadvanced malwaresurfacesframeworkthreatpost https://threatpost.com/windows-zero-days-israeli-spyware-dissidents/167865/ Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware | Threatpost Jul 16, 2021 - Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world. windowsdaysuseddissidentsisraeli https://threatpost.com/women-minorities-hacked/175038/ Women, Minorities Are Hacked More Than Others | Threatpost Sep 27, 2021 - Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests. more thanwomenminoritieshackedothers https://threatpost.com/category/hacks/ Category: Hacks | Threatpost categoryhacksthreatpost https://threatpost.com/cloud-ransomware-convergence/177112/ Convergence Ahoy: Get Ready for Cloud-Based Ransomware | Threatpost Dec 17, 2021 - Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. get readyfor cloudconvergenceahoybased https://threatpost.com/webinars/lessons-learned-from-log4j-exploit/ Lessons Learned from the Log4j Exploit | Threatpost Sep 1, 2022 - On-demand Event: Watch NOW to learn why the Log4j vulnerability is so severe and easy steps you can take to mitigate your risk. lessons learnedfrom thelog4jexploitthreatpost https://threatpost.com/pwn2own-2009-browsers-and-smart-phones-are-targets-022509/72380/ Pwn2Own 2009: Browsers and smart phones are targets | Threatpost smart phonespwn2ownbrowserstargetsthreatpost https://threatpost.com/cyberattackers-ups-backup-power-critical-environments/179169/ Cyberattackers Target UPS Back-Up Power Devices in Mission-Critical Environments | Threatpost Mar 30, 2022 - The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more. back up powermission critical https://threatpost.com/spotlight-on-the-cybercriminal-supply-chains/165552/ Spotlight on Cybercriminal Supply Chains | Threatpost Sep 16, 2021 - In this Threatpost podcast Fortinet’s top researcher outlines what a cybercriminal supply chain is and how much the illicit market is worth. spotlight onsupply chainsthreatpost https://threatpost.com/executive-protection-digital-security/179803/ The Challenge Digital Executive Protection Poses to Enterprise Security Teams | Threatpost Jun 2, 2022 - CISOs protect executives within the organization. Risks originate in personal digital lives that challenge enterprise security teams and cannot be solved. digital executive protectionthe challengeenterprise securityposesteams https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/ Watering Hole Attacks Push ScanBox Keylogger | Threatpost Aug 30, 2022 - Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. watering holeattackspushscanboxkeylogger https://threatpost.com/2019-the-year-ahead-in-cybersecurity/140272/ 2019: The Year Ahead in Cybersecurity | Threatpost Apr 19, 2019 - What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing. the year aheadcybersecuritythreatpost https://threatpost.com/bug-bounty-fall-flat/166568/ Where Bug Bounty Programs Fall Flat | Threatpost Sep 16, 2021 - Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren’t enough . bug bounty programsfallflatthreatpost https://threatpost.com/mitel-voip-bug-exploited/180079/ Mitel VoIP Bug Exploited in Ransomware Attacks | Threatpost Jun 28, 2022 - Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victim’s environments. ransomware attacksmitelvoipbugexploited https://threatpost.com/google-ads-cryptowallets-scammers/176047/ Google Ads for Faux Cryptowallets Net Scammers At Least $500K | Threatpost Nov 5, 2021 - Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds. google adsat leastfaux https://threatpost.com/380k-kubernetes-api-servers-exposed-to-public-internet/179679/ 380K Kubernetes API Servers Exposed to Public Internet | Threatpost May 20, 2022 - More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. kubernetes apipublic internetserversexposedthreatpost https://threatpost.com/fido-knife-murder-passwords/179031/ FIDO: Here’s Another Knife to Help Murder Passwords | Threatpost Mar 22, 2022 - After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts... to helpfidoanotherknifemurder https://threatpost.com/spider-man-no-way-home-download-installs-cryptominer/177254/ ‘Spider-Man: No Way Home’ Download Installs Cryptominer | Threatpost Dec 23, 2021 - The origin of the Monero cryptominer file has been traced to a Russian torrent website, researchers report. no waymandownloadinstallscryptominer https://threatpost.com/covid-19-clinical-trials-ransomware/159877/ COVID-19 Clinical Trials Slowed After Ransomware Attack | Threatpost Oct 7, 2020 - The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the... clinical trialsransomware attackcovidslowedthreatpost https://threatpost.com/bug-nsa-china-backed-cyberattacks/160421/ Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks | Threatpost Oct 22, 2020 - The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities. bug paradensawarnschina https://threatpost.com/protect-account-takeover-cyberattacks/175090/ How to Prevent Account Takeovers in 2021 | Threatpost Sep 28, 2021 - Dave Stewart, Approov CEO, lays out six best practices for orgs to avoid costly account takeovers. how to preventaccount takeoversthreatpost https://threatpost.com/popular-bait-in-phishing-attacks/180281/ Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands | Threatpost Jul 26, 2022 - Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. phishing attackswith microsoft https://threatpost.com/the-enemy-within-how-insider-threats-are-changing/157302/ The Enemy Within: How Insider Threats Are Changing | Threatpost Jul 14, 2020 - Insider-threat security experts unravel the new normal during this time of remote working, and explain how to protect sensitive data from this escalating risk. the enemy withininsider threatschangingthreatpost https://threatpost.com/fin6-and-trickbot-combine-forces-in-anchor-attacks/154508/ FIN6 and TrickBot Combine Forces in ‘Anchor’ Attacks | Threatpost Apr 7, 2020 - FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the TrickBot trojan, and then eventually downloaded the Anchor... combineforcesattacksthreatpost https://threatpost.com/ad-fraud-iot-hack/144552/ Hackers Take Over IoT Devices to ‘Click’ on Ads | Threatpost take overiot deviceshackersadsthreatpost https://threatpost.com/critical-bug-patched-in-schneider-electric-vehicle-charging-station/140370/ Critical Bug Patched in Schneider Electric Vehicle Charging Station | Threatpost Dec 24, 2018 - Vulnerability in electric car charging stations could allow attackers to compromise devices. electric vehicle chargingcriticalbugpatchedschneider https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/ Free HermeticRansom Ransomware Decryptor Released | Threatpost Mar 4, 2022 - Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists. ransomware decryptorfreereleasedthreatpost https://threatpost.com/war-impact-cyber-insurance/180185/ How War Impacts Cyber Insurance | Threatpost Jul 12, 2022 - Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market. cyber insurancewarimpactsthreatpost https://threatpost.com/clubhouse-facebook-data-sale/175023/ 3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale | Threatpost Sep 28, 2021 - Combined cache of data likely to fuel rash of account takeover, smishing attacks, experts warn. up for salefacebook databillioncombinedclubhouse https://threatpost.com/qbot-trojan-us-banking-customers/156624/ Qbot Trojan Reappears to Go After U.S. Banking Customers | Threatpost Jun 19, 2020 - The 12-year-old malware is still dangerous, sporting advanced evasion techniques. to gou s https://threatpost.com/third-party-apis-enumeration-attacks/162589/ Third-Party APIs: How to Prevent Enumeration Attacks | Threatpost Dec 23, 2020 - Jason Kent, hacker-in-residence at Cequence, walks through online-retail card fraud and what to do about it. how to preventthird partyapisenumerationattacks https://threatpost.com/author/lisavaas/ Author: Lisa Vaas | Threatpost authorlisavaasthreatpost https://threatpost.com/solarwinds-hack-linked-turla-apt/162918/ SolarWinds Hack Potentially Linked to Turla APT | Threatpost Jan 11, 2021 - Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon. linked tosolarwindshackpotentiallyturla https://threatpost.com/hybrid-work-hardware-based-security/180170/ Hybrid-Work Drives Hardware Security Strategies | Threatpost Jul 14, 2022 - New remote business reality pushes security teams to retool to protect expanding attack surfaces. hybrid workhardware securitydrivesstrategiesthreatpost https://threatpost.com/emotet-returns-100k-mailboxes/162584/ Emotet Returns to Hit 100K Mailboxes Per Day | Threatpost Dec 23, 2020 - Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot. emotetreturnshit100kmailboxes https://threatpost.com/public-exploits-atlassian-confluence-flaw/179887/ Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw | Threatpost Jun 8, 2022 - The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. atlassian confluenceattackersusepublicexploits