After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.
Overall Oracle patched 297 flaws across multiple product as part of its April security update.
The financial services industry sees nearly half of all website traffic coming from malicious bots.
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.
Researchers are pinning a recent phishing campaign against Ukraine government agencies on the Luhansk People’s Republic, a proto-state in eastern Ukraine which declared independence in 2015.
The IT giant’s networks were infiltrated and used to mount supply-chain attacks on its enterprise customers.
Patched just last week, the Windows kernel bug is being used for full system takeover.
After the HawkEye malware kit underwent an ownership change and new development, researchers are spotting the keylogger used in several malicious email campaigns.
At SAS 2019, Recorded Future CTO discusses a new kind of high-profile influence campaign spotted using a new technique: Old news.
At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats.
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.
Threatpost talks to Phil Neray with CyberX about Tuesday’s ransomware attack on aluminum producer Norsk Hydro, and how it compares to past manufacturing attacks like Triton, WannaCry and more.
From privacy to patches, Threatpost editors discuss the biggest infosec news and trends that they saw this week at RSA Conference 2019.
A new report outlines the cyberattacks and threats that financial firms are facing.
Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws.
The Threatpost team talks about the biggest cybersecurity stories, trends and research we’ll see at RSA this year.
From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week’s biggest news stories.
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
Hacking into smart homes is becoming increasingly easy and a great way to steal victims’ personal information, Trend Micro said at RSA 2019.
RAT activity in Latin America and Asia ramped up at the end of 2018, indicating widespread coordinated targeting by threat actors.
IoT is growing more popular in the home – and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019.
BleedingBit’s impact continues to spread across various devices, researchers at RSA Conference 2019 said.
Offensive cyber attack chains are accelerating rapidly thanks to a combination of artificial intelligence, machine learning and broadening threat landscape.
A scammer ring dubbed Scarlet Widow has targeted nonprofits, schools and universities with an array of business email compromise (BEC) attacks over the past few months.
Here are 10 top malware trends to watch for in the New Year.
The top cybersecurity and privacy trends that biggest impact in 2018.
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
A look back at the blizzard of breaches that made up 2018.
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.
InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.