Goodbye Passwords: Hello Identity Management
As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack.
Featured news
Soaring Cryptocurrency Prices Draw Malicious New Onslaught of Apps, Malware
2
As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.
SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day
As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.
Calibration Attack Drills Down on iPhone, Pixel Users
A new way of tracking mobile users creates a globally unique device fingerprint that browsers and other protections can’t stop.
Editor's Picks
Latest news
Coming to America: The Shade ransomware, which has historically targeted Russian victims, was recently spotted expanding its sights.
The “bestiary” houses six historical threats that combined resulted in at least $95B in damages worldwide.
The two critical cross-site request forgery flaws in the online learning non-profit Khan Academy have been resolved.
SandboxEscaper has released her latest local privilege-escalation exploit for Windows.
Google said it had stored G Suite enterprise users’ passwords in plain text since 2005 marking a giant security faux pas.
Most popular
-
Mozilla Tackles Two Critical Flaws with Firefox 67 Release
-
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
-
WordPress WP Live Chat Support Plugin Fixes XSS Flaw
-
Critical Flaws in Khan Academy Opened Door to Account Takeovers
-
Slack Bug Allows Remote File Hijacking, Malware Injection
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
-
ThreatList: Top 5 Most Dangerous Attachment Types
-
ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst
-
ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps
-
ThreatList: Half of All Attacks Aim at Supply Chain
-
ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals
PodcastsView all
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed
Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws
From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.
News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras
From a creepy Airbnb incident to Verizon’s Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.
Extinguishing the IoT Insecurity Dumpster Fire
Will connected devices be insecure forever? Or will legislation – such as the recent UK mandate announced this week – help boost IoT security?
News Wrap: Cartoon Network Hack, the Catholic Church and Jason Statham Scams
The Threatpost team breaks down the strangest security stories this week – from Cartoon Network hacked to show stripper videos, to a church being scammed out of $1.75 million.
News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation
On this week’s Threatpost news wrap, the team discusses Facebook’s FTC fine for its data security practices, a report that Amazon is collecting Echo users’ geolocation data, and more.
SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter
At SAS 2019, Recorded Future CTO discusses a new kind of high-profile influence campaign spotted using a new technique: Old news.
SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’
At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats.
Podcast: Chris Vickery on UpGuard’s Discovery of Millions of Facebook Records
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.
VideosView all
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
Hackers Take Over IoT Devices to ‘Click’ on Ads
A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
RSA Conference 2019: The Expanding Automation Platform Attack Surface
Hacking into smart homes is becoming increasingly easy and a great way to steal victims’ personal information, Trend Micro said at RSA 2019.
RSA Conference 2019: Emotet Takes Aim at Latin America
RAT activity in Latin America and Asia ramped up at the end of 2018, indicating widespread coordinated targeting by threat actors.
RSA Conference 2019: Firms Continue to Fail at IoT Security
IoT is growing more popular in the home – and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.