Mobile Risks Boom in a Post-Perimeter World
The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world.
Featured news
Ransomware ‘Remediation’ Firm Exposed: Researchers Weigh in on Paying
1
The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses.
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed
Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
Slack Bug Allows Remote File Hijacking, Malware Injection
An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel.
Editor's Picks
Latest news
An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses.
A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.
A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.
The importance of reading the network tealeaves of a company’s network traffic to head off an attack.
From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.
Most popular
-
Forbes Becomes Latest Victim of Magecart Payment Card Skimmer
-
Twitter Leaks Apple iOS Users’ Location Data to Ad Partner
-
Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More
-
Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices
-
Intel CPUs Impacted By New Class of Spectre-Like Attacks
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
-
ThreatList: Top 5 Most Dangerous Attachment Types
-
ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst
-
ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps
-
ThreatList: Half of All Attacks Aim at Supply Chain
-
ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals
PodcastsView all
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed
Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws
From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.
News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras
From a creepy Airbnb incident to Verizon’s Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.
Extinguishing the IoT Insecurity Dumpster Fire
Will connected devices be insecure forever? Or will legislation – such as the recent UK mandate announced this week – help boost IoT security?
News Wrap: Cartoon Network Hack, the Catholic Church and Jason Statham Scams
The Threatpost team breaks down the strangest security stories this week – from Cartoon Network hacked to show stripper videos, to a church being scammed out of $1.75 million.
News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation
On this week’s Threatpost news wrap, the team discusses Facebook’s FTC fine for its data security practices, a report that Amazon is collecting Echo users’ geolocation data, and more.
SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter
At SAS 2019, Recorded Future CTO discusses a new kind of high-profile influence campaign spotted using a new technique: Old news.
SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’
At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats.
Podcast: Chris Vickery on UpGuard’s Discovery of Millions of Facebook Records
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.
VideosView all
Hackers Take Over IoT Devices to ‘Click’ on Ads
A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
RSA Conference 2019: The Expanding Automation Platform Attack Surface
Hacking into smart homes is becoming increasingly easy and a great way to steal victims’ personal information, Trend Micro said at RSA 2019.
RSA Conference 2019: Emotet Takes Aim at Latin America
RAT activity in Latin America and Asia ramped up at the end of 2018, indicating widespread coordinated targeting by threat actors.
RSA Conference 2019: Firms Continue to Fail at IoT Security
IoT is growing more popular in the home – and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019.
RSA Conference 2019: BleedingBit Flaws Continue to Plague Firms
BleedingBit’s impact continues to spread across various devices, researchers at RSA Conference 2019 said.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.