Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open
A default configuration allows full admin access to unauthenticated attackers.
Featured news
Fallout EK Retools for a Fresh New 2019 Look
The Fallout EK has added the latest Flash vulnerability to its bad of tricks, among other tune-ups.
Twitter Android Glitch Exposed Private Tweets for Years
Twitter has fixed the issue, which has been ongoing since 2014.
Google Play Removes Malicious Malware-Ridden Apps
Two apps on Google Play were infecting devices with the Anubis mobile banking trojan.
Editor's Picks
Latest news
Threatpost editors break down the top headlines from the week ended Jan. 18.
Microsoft is offering rewards of up to $20,000 for flaws in its Azure DevOps online services and the latest release of the Azure DevOps server.
Apple CEO Tim Cook has called on the government to double down on data privacy regulation in 2019.
Thousands of individual breaches make up the database, one of the largest troves of stolen credentials ever seen.
New samples of cryptomining malware performs a never-before-seen function: uninstalling cloud security products.
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
PodcastsView all
Threatpost News Wrap Podcast For Jan. 18
Threatpost editors break down the top headlines from the week ended Jan. 18.
Podcast: Emotet Grows With Fast-Evolving Tactics
Threatpost discusses the future of the Emotet banking trojan with Cylance.
Snowden’s Attorney Urges Canada to Take in Whistleblower Helpers (Part Two)
Robert Tibbo discusses being pushed to leave Hong Kong under pressure and efforts made to the Canadian government to grant refugee status to the “Snowden refugees.”
Podcast: Beware These Top Security Threats in 2019
In this week’s podcast, we weigh in on the top threats to watch out for in 2019 – from fraud to IoT.
Snowden’s Attorney Talks Govt Harrassment of Whistleblower Helpers (Part One)
Robert Tibbo discusses the challenges he and his clients face in Hong Kong as the government there targets both in a harassment campaign for aiding Edward Snowden.
Podcast: Breaking Down the Magecart Threat (Part Two)
In part two of our podcast series on Magecart, we talk to expert Yonathan Klijnsma, who has been tracking the threat for years.
Threatpost News Wrap Podcast for Nov. 23
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week’s biggest stories.
Podcast: Breaking Down the Magecart Threat (Part One)
In the first part of our podcast series, we talked to Rapid7’s chief data scientist about how Magecart has changed.
Podcast: Why ‘Throwing Money’ at Threats Won’t Work
How can businesses create an effective cyber defense strategy? It starts with defining success, an expert tells us.
VideosView all
Video: Bishop Fox on Device Threats and Layered Security
Bishop Fox’s Christie Terrill talks to us about IoT security and other trends at Black Hat 2018 this month.
Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises
Armis’ CTO discusses the top IoT security issues in the marketplace today – and whether device manufacturers will start to prioritize security.
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats
Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.
HackerOne CEO Talks Bug Bounty Programs at RSA Conference
Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?
A Closer Look at APT Group Sofacy’s Latest Targets
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.
Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities
Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.
The ‘Perfect Storm’ of Disinformation and Hacking
Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion.
Cisco Warns of Critical Flaw in Voice OS-based Products
Cisco Systems issued patch that fixes a critical vulnerability impacting 12 products running the Cisco Voice Operating System software.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.