Data Breaches of the Week: Tales of PoS Malware, Latrine Status
U.S. and subcontinent consumers were the most affected by this week’s exposure revelations.
Featured news
Phishing Scam Cloaks Malware With Fake Google reCAPTCHA
Phishing emails target a bank’s users with malware – and make their landing page look more legitimate with fake Google reCAPTCHAs.
Threatpost News Wrap Podcast For Feb. 22
From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week’s biggest news stories.
Reddit Gold: Alice and Bob, Caught in a Web of Lies
There was a shocking turn of events in crypto-world.
Latest news
Threatpost talks to HackerOne CEO Marten Mickos on the EU’s funding of open source bug bounty programs, how a company can start a program, and the next generation of bounty hunters.
Weigh in on password managers with our Threatpost poll.
Premium-access credentials to porn sites are hot in the cyber-underground, as credential-harvesting malware proliferates.
Adobe has issued yet another patch for a critical vulnerability in its Acrobat Reader – a week after the original fix.
Admins should update immediately to fix a remote code-execution vulnerability.
Most popular
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
PodcastsView all
Threatpost News Wrap Podcast For Feb. 22
From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week’s biggest news stories.
Threatpost News Wrap Podcast For Feb. 1
From Facebook’s research app being pulled from iOS devices to a new-found dump of compromised credentials, here are the top news of the week.
Threatpost News Wrap Podcast For Jan. 25
From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week.
Threatpost News Wrap Podcast For Jan. 18
Threatpost editors break down the top headlines from the week ended Jan. 18.
Podcast: Emotet Grows With Fast-Evolving Tactics
Threatpost discusses the future of the Emotet banking trojan with Cylance.
Snowden’s Attorney Urges Canada to Take in Whistleblower Helpers (Part Two)
Robert Tibbo discusses being pushed to leave Hong Kong under pressure and efforts made to the Canadian government to grant refugee status to the “Snowden refugees.”
Podcast: Beware These Top Security Threats in 2019
In this week’s podcast, we weigh in on the top threats to watch out for in 2019 – from fraud to IoT.
Snowden’s Attorney Talks Govt Harrassment of Whistleblower Helpers (Part One)
Robert Tibbo discusses the challenges he and his clients face in Hong Kong as the government there targets both in a harassment campaign for aiding Edward Snowden.
Podcast: Breaking Down the Magecart Threat (Part Two)
In part two of our podcast series on Magecart, we talk to expert Yonathan Klijnsma, who has been tracking the threat for years.
VideosView all
Video: HackerOne CEO on the Evolving Bug Bounty Landscape
Threatpost talks to HackerOne CEO Marten Mickos on the EU’s funding of open source bug bounty programs, how a company can start a program, and the next generation of bounty hunters.
Video: Bishop Fox on Device Threats and Layered Security
Bishop Fox’s Christie Terrill talks to us about IoT security and other trends at Black Hat 2018 this month.
Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises
Armis’ CTO discusses the top IoT security issues in the marketplace today – and whether device manufacturers will start to prioritize security.
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats
Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.
HackerOne CEO Talks Bug Bounty Programs at RSA Conference
Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?
A Closer Look at APT Group Sofacy’s Latest Targets
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.
Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities
Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.
The ‘Perfect Storm’ of Disinformation and Hacking
Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.