Just-Released Checkra1n iPhone Jailbreak Stirs Security Concerns
Now that the checkm8 BootROM vulnerability has a working exploit, security pros are warning of potential attacks.
Featured news
Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family
The threats follow a DDos attack bent on taking out the Labour Party’s online presence.
Stealthy Malware Flies Under AV Radar with Advanced Obfuscation
A threat campaign active since January customizes long-used droppers to infect victim machines and lift credentials and other data from browsers, according to Cisco Talos.
Double Vision: Stealthy Malware Dropper Delivers Dual RATs
A lengthy, multi-stage infection process leads to a duo of payloads, bent on stealing data.
Editor's Picks
Latest news
The copycat sites are using valid certificates to be more convincing.
Former national intelligence director James Clapper discusses lessons learned from the 2013 Snowden leak as well as the top cyberthreats that the U.S. is currently facing.
What are the best practices when evaluating security vendors in a crowded landscape? Arctic Wolf discusses.
In this video, a security expert discusses the California Consumer Privacy Act (CCPA), and its potential impact on privacy regulation across the U.S.
Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites.
Most popular
-
Double Vision: Stealthy Malware Dropper Delivers Dual RATs
-
Federal Court: Suspicionless Search of Traveler Devices by Border Agents Is Unconstitutional
-
ThreatList: Data Breaches Batter Stock Prices at Public Companies, For Months
-
DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure
-
Google’s Plan to Crunch Health Data on Millions of Patients Draws Fire
Newsmaker Interviews
-
No ‘Silver Bullet’ Fix for Alexa, Google Smart Speaker Hacks
-
Marc Rogers: Success of Anonymous Bug Submission Program ‘Takes A Village’
-
Thousands of IoT Devices Bricked By Silex Malware
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
Most Recent ThreatLists
-
ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical
-
ThreatList: Sharp Increase in Fake Mobile Apps Impersonating Legit Ones
-
ThreatList: Google’s Advertising Network Dominates Global Data Collection
-
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users
-
ThreatList: Police Use of Facial Recognition is Just Fine, Say Most Americans
PodcastsView all
Podcast: Managing an Out-Of-Control Security Tech Stack
What are the best practices when evaluating security vendors in a crowded landscape? Arctic Wolf discusses.
ENFUSE 2019: Security Regulations, Insider Threats, and IoT Privacy Risks
Threatpost sits down with incident response expert Kevin Golas to discuss the top takeaways of ENFUSE 2019 this week.
News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails
From voice assistant hacks to insider threats, Threatpost editors break down this week’s biggest news.
Emotet Resurgence Continues With New Tactics, Techniques and Procedures
Since Emotet came out of hibernation last month, researchers are seeing the banking trojan’s authors take on a consistent trend of new evasion tactics and social engineering techniques.
News Wrap: APTs, Office 365 Voicemail Phish and Bed Bath & Beyond Breach
Threatpost editors discuss this week’s biggest news – from a data breach of Bed Bath & Beyond, a tricky phishing attack and widespread APT activity.
WhatsApp Spyware Attack: Uncovering NSO Group Activity
John Scott-Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a “certified big deal.”
News Wrap: Hotel Robot Hacks, FTC Stalkerware Crackdown
From hacking hotel room robots to crackdowns on stalkerware apps, Threatpost editors break down this week’s top news stories.
No ‘Silver Bullet’ Fix for Alexa, Google Smart Speaker Hacks
Karsten Nohl, who was behind this week’s research that outlined new eavesdropping hacks for Alexa and Google Home, says that privacy for smart home assistants still has a ways to go.
Podcast: Insider Attacks May Soon Cost Less Than Malware-based Equivalent
At what point will infiltrating companies via the “insider threat model” become less costly and difficult than using malware? Threatpost discusses with a SolarWinds expert.
VideosView all
California’s Domino Effect on U.S. Privacy Regulation
In this video, a security expert discusses the California Consumer Privacy Act (CCPA), and its potential impact on privacy regulation across the U.S.
Post-GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware
A detailed look at underground forums shows that cybercriminals aren’t sure where to look on the heels of the GandCrab ransomware group shutting its doors – and low-level actors are taking advantage of that by developing their own strains.
Election Security Threats: From Misinformation to Voting Machine Flaws
From insecure voting machines to social media misinformation, governments have alot to think about when it comes to securing elections.
Security Vulnerabilities Are Increasingly Putting Kids at Risk
A kid’s tablet with security vulnerabilities is only the latest privacy faux pas in a children’s connected device.
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
Hackers Take Over IoT Devices to ‘Click’ on Ads
A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.