Cisco Patches Critical Flaw In ASR 9000 Routers
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.
Featured news
Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.
Poll: Facebook Harvests Email Contacts for 1.5M Users – Is Enough, Enough?
Take our short poll on how far Facebook can push its luck.
Editor's Picks
-
Authentication Bypass Bug Hits Top Enterprise VPNs
-
Microsoft Outlook Breach Widens in Scope, Impacting MSN And Hotmail – Report
-
Rogue Waves: Preparing the Internet for the Next Mega DDoS Attack
-
WordPress Yellow Pencil Plugin Flaws Actively Exploited
-
SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’
Latest news
The flaw, which existed in a Shopify API endpoint, has been patched.
After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.
The financial services industry sees nearly half of all website traffic coming from malicious bots.
Overall Oracle patched 297 flaws across multiple product as part of its April security update.
Most popular
Newsmaker Interviews
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
-
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Most Recent ThreatLists
-
ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst
-
ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps
-
ThreatList: Half of All Attacks Aim at Supply Chain
-
ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals
-
ThreatList: Remote Workers Threaten 1 in 3 Organizations
PodcastsView all
SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter
At SAS 2019, Recorded Future CTO discusses a new kind of high-profile influence campaign spotted using a new technique: Old news.
SAS 2019: Joe FitzPatrick Warns of the ‘$5 Supply Chain Attack’
At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats.
Podcast: Chris Vickery on UpGuard’s Discovery of Millions of Facebook Records
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.
Podcast: The High-Risk Threats Behind the Norsk Hydro Cyberattack
Threatpost talks to Phil Neray with CyberX about Tuesday’s ransomware attack on aluminum producer Norsk Hydro, and how it compares to past manufacturing attacks like Triton, WannaCry and more.
RSA Conference 2019 Recap
From privacy to patches, Threatpost editors discuss the biggest infosec news and trends that they saw this week at RSA Conference 2019.
RSA Conference 2019: Data-Wiping Cyberattacks Plague Financial Firms
A new report outlines the cyberattacks and threats that financial firms are facing.
RSA Conference 2019: Picking Apart the Foreshadow Attack
Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws.
Podcast: RSA Conference 2019 Preview
The Threatpost team talks about the biggest cybersecurity stories, trends and research we’ll see at RSA this year.
Threatpost News Wrap Podcast For Feb. 22
From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week’s biggest news stories.
VideosView all
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
RSA Conference 2019: The Expanding Automation Platform Attack Surface
Hacking into smart homes is becoming increasingly easy and a great way to steal victims’ personal information, Trend Micro said at RSA 2019.
RSA Conference 2019: Emotet Takes Aim at Latin America
RAT activity in Latin America and Asia ramped up at the end of 2018, indicating widespread coordinated targeting by threat actors.
RSA Conference 2019: Firms Continue to Fail at IoT Security
IoT is growing more popular in the home – and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019.
RSA Conference 2019: BleedingBit Flaws Continue to Plague Firms
BleedingBit’s impact continues to spread across various devices, researchers at RSA Conference 2019 said.
RSA Video 2019: How to Defend Against an AI vs AI ‘Flash War’
Offensive cyber attack chains are accelerating rapidly thanks to a combination of artificial intelligence, machine learning and broadening threat landscape.
RSA Conference 2019: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts
A scammer ring dubbed Scarlet Widow has targeted nonprofits, schools and universities with an array of business email compromise (BEC) attacks over the past few months.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.