The U.S. Department of Justice indicts middle-aged doctor, accusing him of being a malware mastermind.
Threatpost
@threatpost
Threatpost is the first stop for fast-breaking security news, conversations and analysis from around the world.
Threatpost’s Tweets
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.
14
12
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
9
4
Tony Lauro, director of security technology and strategy at , discusses reducing your company’s attack surface and the “blast radius” of a potential attack.
5
11
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers so far.
8
8
Oops - Microsoft’s May Patch Tuesday update is triggering authentication errors.
1
13
24
Topics to follow
Sign up to get Tweets about the Topics you follow in your Home timeline.
Carousel
Dell and HP are among the first to release patches and fixes for the bug, which affects the Intel Optane SSD and Intel Optane Data Center (DC) products.
12
10
Connections show #cybercriminal teams from Conti & Diavol working together, signaling shifts in their respective tactics: bit.ly/3jLqAfH #ransomware
15
8
Feds warn: Power plants and other critical infrastructure at risk from state-sponsored #cyberattackers exploiting CVE-2020-15368 in #ICS devices #APT
24
16
1
28
19
8
9
Bank account compromise alert: SSRF Security Flaw in Fintech Platform
21
12
Notorious Hydra darknet market for drugs & data was decommissioned this week, after raking in $5B in profits
14
12
Automakers aren't doing that great of a job at cybersecurity, even as cars get more connected. And that worries #infosecurity experts:
28
18
"Not verrrry nice:" No-Joke Borat RAT Propagates Ransomware, DDoS
8
3
Lapsus$ said its back from a week-long “vacation," posting ~70GB worth of data purportedly stolen from software development giant Globant, reports. #cybersecurity #infosec
14
12
A critical vuln has bloomed in the Spring Cloud Function, which could lead to #RCE and the compromise of an entire internet-connected host, reports #cybersecurity #infosec
18
16
Scammers are using fake job listings to empty the wallets of young, hopeful victims looking to break into the gaming industry. �?Appalling’ Riot Games Job Fraud Takes Aim at Wallets... via #infosec #cybersecurity #itsecurity #MondayMotivation
11
5
Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
via
#Proficio #ThreatNews #Cybersecurity #MSSP #MDR
6
7
More Than Half Of #IoT Devices Vulnerable To Severe Attacks
by
Go to: buff.ly/2wLeNbW
#AI #BigData #ArtificialIntelligence #InternetofThings #Digital
Cc:
1
16
10
Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Where the Latest Log4Shell Attacks Are Coming From... via #infosec #cybersecurity #itsecurity #TuesdayTravel
1
11
17
Researchers lack confidence in organizations' defenses against looming Russian #cyberattacks, reports.
1
21
13
#Microsoft confirms #Lapsus$ breached one of its employee’s accounts to get “limited access” to project source code repositories, reports.
18
14
DeadBolt #ransomware has resurfaced in a new wave of attacks on QNAP that begin in mid-March #cybersecurity #infosec
14
6
A popular app in the Google Play store is actually spyware capable of stealing info from social media accounts (via ).
1
6
12
A team from reported a new threat that uses email-based lures and malicious files to deliver its payload to targets in the French construction, real-estate and government industries. #cybersecurity #infosec
7
4
The novel #phishing technique, described last week by a penetration tester and security researcher who goes by the handle mr.d0x, is called a browser-in-the-browser (BitB) attack reports. #cybersecurity #infosec
1
46
53
The Russian government is exploring “options for potential cyberattacks” on critical infrastructure in the U.S., the White House warned on Monday, in retaliation for sanctions and other punishments as the war in Ukraine grinds on. #cybersecurity #infosec
1
13
3
The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets.
Emotet’s Beha... via #infosec #cybersecurity #itsecurity #TuesdayTravel
1
8
7
6
7
Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that... via #infosec #cybersecurity #itsecurity #TuesdayTravel
6
3
8
7
Manufacturers already hampered by supply chain shortages are attractive targets for #ransomware groups. Bridgestone Corp., a major tires supplier to Toyota, is the latest victim. Denso — another Toyota supplier — was hit 11 days after them. bit.ly/3wuZFwl HT
4
5