Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks
The China-linked threat group has returned in 2018 using updated RATs to launch its attacks, including ZxShell, Gh0st RAT, and SysUpdate malware. Go to Source
‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud
A known vulnerability combined with a weakness in bare-metal server reclamation opens the door to powerful, high-impact attacks. Go to Source
High-Severity SHAREit App Flaws Open Files for the Taking
SHAREit has fixed two flaws in its app that allow bad actors to authenticate their devices and steal files from a victim’s device. Go to Source
Critical WinRAR Flaw Found Actively Being Exploited
The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January. Go to Source
The Dark Sides of Modern Cars: Hacking and Data Collection
How features such as infotainment and driver-assist can give others a leg up on car owners. Go to Source
Threatpost Data: Password Managers Are Worth the Risk, Readers Say
A Threatpost reader poll examined risk, vulnerabilities, 2FA, the human element, attitudes on spreadsheets and more when it comes to password managers. Go to Source
ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
The attack threatens users with location-tracking, DoS, fake notifications and more. Go to Source
Google Ditches Passwords in Latest Android Devices
Google has announced FIDO2 certification for devices running on Android 7 and above – meaning that users can use biometrics, fingerprint login or PINs instead of passwords. Go to Source
Threatpost Poll: Are Password Managers Too Risky?
Weigh in on password managers with our Threatpost poll. Go to Source
Phishing Scam Cloaks Malware With Fake Google reCAPTCHA
Phishing emails target a bank’s users with malware – and make their landing page look more legitimate with fake Google reCAPTCHAs. Go to Source