Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps
Data-exposure “lowlights” for the week ending Feb. 15, 2019.
Featured news
Trickbot Malware Goes After Remote Desktop Credentials
The banking trojan is consistently evolving in hopes of boosting its efficacy.
Eight Cryptojacking Apps Booted From Microsoft Store
The eight apps were secretly stealing victims’ CPU power to mine for Monero.
Ultra-Sneaky Phishing Scam Swipes Facebook Credentials
Researchers warn that the phishing campaign looks “deceptively realistic.”
Latest news
Threat-hunters say the breached data from the massive Equifax incident is nowhere to be found, indicating a spy job.
Despite a welcome and needed DNS revamp, preventable abuse continues.
It has added the technique of using malicious XML files as its delivery method.
A Threatpost poll found that 52 percent don’t feel prepared to prevent a mobile security incident from happening. The results reflect a challenging mobile security landscape.
The dating site said users’ names and email addresses that were added to the system prior to May 2018 may be impacted.
Most popular
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
PodcastsView all
Threatpost News Wrap Podcast For Feb. 1
From Facebook’s research app being pulled from iOS devices to a new-found dump of compromised credentials, here are the top news of the week.
Threatpost News Wrap Podcast For Jan. 25
From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week.
Threatpost News Wrap Podcast For Jan. 18
Threatpost editors break down the top headlines from the week ended Jan. 18.
Podcast: Emotet Grows With Fast-Evolving Tactics
Threatpost discusses the future of the Emotet banking trojan with Cylance.
Snowden’s Attorney Urges Canada to Take in Whistleblower Helpers (Part Two)
Robert Tibbo discusses being pushed to leave Hong Kong under pressure and efforts made to the Canadian government to grant refugee status to the “Snowden refugees.”
Podcast: Beware These Top Security Threats in 2019
In this week’s podcast, we weigh in on the top threats to watch out for in 2019 – from fraud to IoT.
Snowden’s Attorney Talks Govt Harrassment of Whistleblower Helpers (Part One)
Robert Tibbo discusses the challenges he and his clients face in Hong Kong as the government there targets both in a harassment campaign for aiding Edward Snowden.
Podcast: Breaking Down the Magecart Threat (Part Two)
In part two of our podcast series on Magecart, we talk to expert Yonathan Klijnsma, who has been tracking the threat for years.
Threatpost News Wrap Podcast for Nov. 23
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week’s biggest stories.
VideosView all
Video: Bishop Fox on Device Threats and Layered Security
Bishop Fox’s Christie Terrill talks to us about IoT security and other trends at Black Hat 2018 this month.
Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises
Armis’ CTO discusses the top IoT security issues in the marketplace today – and whether device manufacturers will start to prioritize security.
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats
Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.
HackerOne CEO Talks Bug Bounty Programs at RSA Conference
Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?
A Closer Look at APT Group Sofacy’s Latest Targets
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.
Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities
Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.
The ‘Perfect Storm’ of Disinformation and Hacking
Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion.
Cisco Warns of Critical Flaw in Voice OS-based Products
Cisco Systems issued patch that fixes a critical vulnerability impacting 12 products running the Cisco Voice Operating System software.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.