Featured news
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
Linux Devices Under Attack by New FreakOut Malware
1
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.
Medical Device Security: Diagnosis Critical
Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced.
SolarWinds Malware Arsenal Widens with Raindrop
The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks.
Related Content
Latest news
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.
Users of the Linux-based open-source firmware—which include developers from commercial router companies–may be targeted by phishing campaigns, administrators warn.
Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.
Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.
Security researchers lambasted the controversial macOS Big Sur feature for exposing users’ sensitive data.
Most popular
-
Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
-
CISOs Prep For COVID-19 Exposure Notification in the Workplace
-
CES 2021 Gadgets: Worst in Privacy and Security Awards
-
Ethical Hackers Breach U.N., Access 100,000 Private Records
-
Telegram Bots at Heart of Classiscam Scam-as-a-Service
Newsmaker Interviews
Most Recent ThreatLists
-
The 5 Most-Wanted Threatpost Stories of 2020
-
Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data
-
Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020
-
Pandemic, A Driving Force in 2021 Financial Crime
-
ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats
PodcastsView all
CISOs Prep For COVID-19 Exposure Notification in the Workplace
Security teams are preparing for the inevitable return to the workplace – and the privacy implications of exposure notification apps that companies may need to adopt.
A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets
Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021.
Simplifying Proactive Defense With Threat Playbooks
FortiGuard Labs’ Derek Manky talks about how threat playbooks can equip defense teams with the tools they need to fight back against evolving attacker TTPs.
Cyber Monday is Every Monday: Securing the ‘New Normal’
From eCommerce threats, to attacks at the smart edge, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year.
‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices
A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns.
DNS Filtering: A Top Battle Front Against Malware and Phishing
Peter Lowe with DNSFilter discusses the science behind domain name system (DNS) filtering and how this method is effective in blocking out phishing and malware.
Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay.
Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks
While the industry focus is on vehicle hacking, when it comes to the automotive industry cybercriminals are opting for less complex and sophisticated attacks – from phishing to ransomware.
Botnet Attackers Turn to Vulnerable IoT Devices
Cybercriminals are leveraging the multitudes of vulnerable connected devices with botnets that launch dangerous distributed denial-of-service (DDoS) attacks.
VideosView all
Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks
Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.
Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares
From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.
How the Pandemic is Reshaping the Bug-Bounty Landscape
Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.
Experts Weigh in on E-Commerce Security Amid Snowballing Threats
How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.
Cybercriminals Step Up Their Game Ahead of U.S. Elections
Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.
A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return
During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo, with Proofpoint, about Emotet’s recent return -and how a cyber vigilante is attempting to thwart the malware’s comeback.
Black Hat USA 2020: Critical Meetup.com Flaws Reveal Common AppSec Holes
With Black Hat USA 2020 kicking off this week, Erez Yalon with Checkmarx talks about newly disclosed, critical vulnerabilities in Meetup.com – and why they are the “holy grail” for attackers.
Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills
The U.S. government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement.
Chris Vickery: AI Will Drive Tomorrow’s Data Breaches
Chris Vickery talks about his craziest data breach discoveries and why “vishing” is the next top threat no one’s ready for.
SlideshowView all
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
Top Mobile Security Stories of 2019
Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
Biggest Malware Threats of 2019
2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.
Top 10 IoT Disasters of 2019
From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.