Password Manager Firms Blast Back at ‘Leaky Password’ Revelations
1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory.
Featured news
Researcher: Not Hard for a Hacker to Capsize a Ship at Sea
Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners.
Apple’s Shazam App Boots Facebook Ads and Other Third-Party SDKs
The music-recognition app that Apple bought for $400 million is removing Facebook Ads, DoubleClick, Facebook Analytics and more.
Separ Malware Plucks Hundreds of Companies’ Credentials in Ongoing Phish
An ongoing phishing campaign is targeting hundreds of businesses to steal their email and browser credentials using a simply – but effective – malware.
Latest news
GitHub is offering unlimited rewards for critical vulnerabilities – and has added “safe harbor” terms to its bug bounty program.
As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.
Windows 7 and Windows Server 2008 users are being asked to upgrade their encryption support.
Russia-linked actors need just 18 minutes to go from compromise to lateral movement.
This is the third update to the prolific GandCrab malware within the past year.
Most popular
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
PodcastsView all
Threatpost News Wrap Podcast For Feb. 1
From Facebook’s research app being pulled from iOS devices to a new-found dump of compromised credentials, here are the top news of the week.
Threatpost News Wrap Podcast For Jan. 25
From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week.
Threatpost News Wrap Podcast For Jan. 18
Threatpost editors break down the top headlines from the week ended Jan. 18.
Podcast: Emotet Grows With Fast-Evolving Tactics
Threatpost discusses the future of the Emotet banking trojan with Cylance.
Snowden’s Attorney Urges Canada to Take in Whistleblower Helpers (Part Two)
Robert Tibbo discusses being pushed to leave Hong Kong under pressure and efforts made to the Canadian government to grant refugee status to the “Snowden refugees.”
Podcast: Beware These Top Security Threats in 2019
In this week’s podcast, we weigh in on the top threats to watch out for in 2019 – from fraud to IoT.
Snowden’s Attorney Talks Govt Harrassment of Whistleblower Helpers (Part One)
Robert Tibbo discusses the challenges he and his clients face in Hong Kong as the government there targets both in a harassment campaign for aiding Edward Snowden.
Podcast: Breaking Down the Magecart Threat (Part Two)
In part two of our podcast series on Magecart, we talk to expert Yonathan Klijnsma, who has been tracking the threat for years.
Threatpost News Wrap Podcast for Nov. 23
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week’s biggest stories.
VideosView all
Video: Bishop Fox on Device Threats and Layered Security
Bishop Fox’s Christie Terrill talks to us about IoT security and other trends at Black Hat 2018 this month.
Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises
Armis’ CTO discusses the top IoT security issues in the marketplace today – and whether device manufacturers will start to prioritize security.
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats
Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.
HackerOne CEO Talks Bug Bounty Programs at RSA Conference
Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?
A Closer Look at APT Group Sofacy’s Latest Targets
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.
Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities
Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.
The ‘Perfect Storm’ of Disinformation and Hacking
Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion.
Cisco Warns of Critical Flaw in Voice OS-based Products
Cisco Systems issued patch that fixes a critical vulnerability impacting 12 products running the Cisco Voice Operating System software.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.