@jeremy
Jeremy McClure wrote a new post, High-Severity RCE Bug Found in Popular Apache Cassandra Database 3 months ago
On the plus side, only instances with non-standard, not-recommended configurations are vulnerable. On the downside, those configurations aren’t easy to track down, and it’s easy as pie to exploit.
-
Jeremy McClure wrote a new post, Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers 3 months ago
A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS.
-
Jeremy McClure wrote a new post, Emotet Now Spreading Through Malicious Excel Files 3 months ago
An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December.
-
Jeremy McClure wrote a new post, SquirrelWaffle Adds a Twist of Fraud to Exchange Server Malspamming 3 months ago
SquirrelWaffle attackers now use typosquatting to keep sending spam, even after Exchange servers are patched for ProxyLogon/ProxyShell.
-
Jeremy McClure wrote a new post, Chrome Zero-Day Under Active Attack: Patch ASAP 3 months ago
The year’s 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.
-
Jeremy McClure wrote a new post, TA2541: APT Has Been Shooting RATs at Aviation for Years 3 months ago
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense.
-
Jeremy McClure wrote a new post, BlackByte Tackles the SF 49ers & US Critical Infrastructure 3 months ago
Hours before the Super Bowl and two days after the FBI warned about the ransomware gang, BlackByte leaked what are purportedly the NFL team’s files.
-
Jeremy McClure wrote a new post, ‘Cities: Skylines’ Gaming Modder Banned Over Hidden Malware 3 months ago
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
-
Jeremy McClure wrote a new post, Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack 3 months ago
The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems.
-
Jeremy McClure wrote a new post, Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa 3 months ago
A collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview.
-
Jeremy McClure wrote a new post, Windows Container Malware Targets Kubernetes Clusters 11 months, 2 weeks ago
“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials.
-
Jeremy McClure wrote a new post, Cyberattack Suspected in Cox TV and Radio Outages 11 months, 2 weeks ago
Cox Media Group TV, radio station streams affected by a reported ransomware attack.
-
Jeremy McClure wrote a new post, Supreme Court Limits Scope of Controversial Hacking Law 11 months, 2 weeks ago
Judges rule that Georgia police officer did not violate CFAA when he accessed law-enforcement data in exchange for bribe money, a ruling that takes heat off ethical hackers.
-
Jeremy McClure wrote a new post, REvil Ransomware Gang Spill Details on US Attacks 11 months, 2 weeks ago
The REvil ransomware gang is interviewed on the Telegram channel called Russian OSINT.
-
Jeremy McClure wrote a new post, ‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles 11 months, 2 weeks ago
Unprotected server exposes AMT Games user data containing user emails and purchase information.
-
Jeremy McClure wrote a new post, Google PPC Ads Used to Deliver Infostealers 11 months, 2 weeks ago
The crooks pay top dollar for Google search results for the popular AnyDesk, Dropbox & Telegram apps that lead to a malicious, infostealer-packed website.
-
Jeremy McClure wrote a new post, Exchange Servers Targeted by ‘Epsilon Red’ Malware 11 months, 2 weeks ago
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.
-
Jeremy McClure wrote a new post, Then and Now: Securing Privileged Access Within Healthcare Orgs 11 months, 2 weeks ago
Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape.
-
Jeremy McClure wrote a new post, Podcast: The State of Ransomware 11 months, 2 weeks ago
In this Threatpost podcast, Fortinet’s top researcher sketches out the ransom landscape, with takeaways from the DarkSide attack on Colonial Pipeline.
-
Jeremy McClure wrote a new post, Effective Adoption of SASE in 2021 11 months, 2 weeks ago
In this Threatpost podcast, Forcepoint’s SASE and Zero Trust director describes how the pandemic jump-started SASE adoption.