Zoom Fixes Flaw Opening Meetings to Hackers
Zoom has patched a flaw that could have allowed attackers to guess a meeting ID and enter a meeting.
Author Archives: Lindsey O'Donnell
Mandatory IoT Security in the Offing with U.K. Proposal
The new U.K. law mandates that manufacturers apply several security controls to their connected devices.
ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates
Ransomware actors are turning their sights on larger enterprises, making both average cost and downtime inflicted from attacks skyrocket.
Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.
New Bill Proposes NSA Surveillance Reforms
The newly-introduced bill targets the Patriot Act's Section 215, previously used by the U.S. government to collect telephone data from millions of Americans.
U.S. Gov Agency Targeted With Malware-Laced Emails
The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.
Cisco Warns of Critical Network Security Tool Flaw
The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.
Vivin Nets Thousands of Dollars Using Cryptomining Malware
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn't going away anytime soon.
sLoad Malware Revamped as Powerful ‘StarsLord’ Loader
The newest version of the sLoad malware dropper comes equipped with infection tracking capabilities and an anti-analysis trick.
PoC Exploits Do More Good Than Harm: Threatpost Poll
More than half of security experts think that the good outweighs the bad when it comes to proof-of-concept exploits, according to a recent Threatpost poll.
Citrix Accelerates Patch Rollout For Critical RCE Flaw
Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products.
FTCODE Ransomware Now Steals Chrome, Firefox Credentials
New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.
New JhoneRAT Malware Targets Middle East
Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?
Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?
News Wrap: PoC Exploits, Cable Haunt and Joker Malware
Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.
Critical Cisco Flaws Now Have PoC Exploit
The flaws affect a key tool for managing its network platform and switches.
PoC Exploits Published For Microsoft Crypto Bug
Two proof-of-concept exploits were publicly released for the major Microsoft crypto-spoofing vulnerability.
Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft
Threatpost talks to Venafi about the recently-disclosed Microsoft vulnerability and whether the hype around the flaw was warranted.
Equifax Settles Class-Action Breach Lawsuit for $380.5M
Class members have until Jan. 22, next week, to claim benefits.
Intel Fixes High-Severity Flaw in Performance Analysis Tool
The flaw, in Intel VTune Profiler, could enable privilege escalation.
Adobe Patches Five Critical Illustrator CC Flaws
Overall Adobe patched nine flaws in Illustrator CC and Experience Manager.