SMS Phishing Campaign Targets Mobile Bank App Users in North America
Customers of RBC, HSBC, TD, Meridian, BNC and Chase are targeted in latest attack.
Featured news
News Wrap: Valentine’s Day Scams and Emotet’s Wi-Fi Hack
Top stories of this week include a new Emotet Wi-Fi hack and Robbinhood ransomware operators using a “bring your own bug” technique.
Hackers Can Seize Control of Ballots Cast Using the Voatz Voting App, Researchers Say
Flaws in the blockchain app some states plan to use in the 2020 election allow bad actors to alter or cancel someone’s vote or expose their private info.
Apple iPhone Users Targeted with Bogus Dating App for Valentine’s Day
The scam uses a range of themes, including tech-support scares and slot machines.
Editor's Picks
-
BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver
-
Active PayPal Phishing Scam Targets SSNs, Passport Photos
-
Docker Registries Expose Hundreds of Orgs to Malware, Data Theft
-
Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm
-
Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed
Latest news
Security experts say that 5G supply chain concerns should be taken seriously – whether it’s in the context of Huawei or not.
The malicious Chrome extensions were secretly collecting users’ browser data and redirecting them to malware-laced websites.
Researchers are urging users of the GDPR Cookie Consent WordPress plugin to update as soon as possible.
A new Data Protection Agency would overhaul federal regulation efforts around data privacy – but experts are skeptical that the U.S. government can get it right.
A recent phishing scam targeted Puerto Rico’s Industrial Development Company.
Most popular
-
Docker Registries Expose Hundreds of Orgs to Malware, Data Theft
-
Hackers Can Seize Control of Ballots Cast Using the Voatz Voting App, Researchers Say
-
Google: Efforts Against Bad Android Apps on Play Store Are Working
-
News Wrap: Valentine’s Day Scams and Emotet’s Wi-Fi Hack
-
Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm
Newsmaker Interviews
Most Recent ThreatLists
-
ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates
-
ThreatList: 90% of SMBs Believe Nation-State Actors Are Targeting Them
-
ThreatList: A Third of Biometric Systems Targeted by Malware in Q3
-
ThreatList: Admin Rights for Third Parties is the Norm
-
ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical
PodcastsView all
News Wrap: Valentine’s Day Scams and Emotet’s Wi-Fi Hack
Top stories of this week include a new Emotet Wi-Fi hack and Robbinhood ransomware operators using a “bring your own bug” technique.
Katie Moussouris: The Bug Bounty Conflict of Interest
Katie Moussouris sounds off on the challenges behind creating successful bug bounty programs.
Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast
The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.
Bezos, WhatsApp Cyberattacks Show Growing Mobile Sophistication
The recently disclosed Jeff Bezos phone hack and other incidents show that mobile devices are being increasingly targeted by sophisticated nation-state attackers.
Vivin Nets Thousands of Dollars Using Cryptomining Malware
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn’t going away anytime soon.
News Wrap: PoC Exploits, Cable Haunt and Joker Malware
Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week’s news wrap.
Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft
Threatpost talks to Venafi about the recently-disclosed Microsoft vulnerability and whether the hype around the flaw was warranted.
California’s Tough New Privacy Law and Its Biggest Challenges
The California Consumer Privacy Act has been adopted, but the largest U.S. privacy regulation fails to address how companies can know where their data is.
Podcast: The Roadblocks and Opportunities For Women in Cybersecurity
Threatpost examines the challenges – and opportunities – that women are facing in the cybersecurity landscape.
VideosView all
Video: Zoom Researcher Details Web Conference Security Risks, 2020 Threats
Maya Horowitz with Check Point Research discussed recently-disclosed Zoom vulnerabilities that could have opened up web conferencing meetings to hackers.
‘Wildly Different’ Privacy Regulations Causing Compliance Chaos
Threatpost talks to Anthony di Bello with OpenText, at ENFUSE 2019, about the successes and failures of security regulations, and how companies are changing as they struggle to keep up with compliance issues.
California’s Domino Effect on U.S. Privacy Regulation
In this video, a security expert discusses the California Consumer Privacy Act (CCPA), and its potential impact on privacy regulation across the U.S.
Post-GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware
A detailed look at underground forums shows that cybercriminals aren’t sure where to look on the heels of the GandCrab ransomware group shutting its doors – and low-level actors are taking advantage of that by developing their own strains.
Election Security Threats: From Misinformation to Voting Machine Flaws
From insecure voting machines to social media misinformation, governments have alot to think about when it comes to securing elections.
Security Vulnerabilities Are Increasingly Putting Kids at Risk
A kid’s tablet with security vulnerabilities is only the latest privacy faux pas in a children’s connected device.
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
Hackers Take Over IoT Devices to ‘Click’ on Ads
A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.
SlideshowView all
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
Top Mobile Security Stories of 2019
Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
Biggest Malware Threats of 2019
2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.
Top 10 IoT Disasters of 2019
From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.