LastPass Fixes Bug That Leaks Credentials
The company has patched a vulnerability that could allow malicious sites unauthorized access to usernames and passwords.
Featured news
AMD Radeon Graphics Cards Open VMware Workstations to Attack
Bug impacts VMware Workstation 15 running 64-bit versions of Windows 10 as the guest VM.
Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs
Independent researchers found 125 different CVEs across 13 different router and NAS models.
Google Calendar Settings Gaffes Exposes Users’ Meetings, Company Details
A configuration setting in Google Calendars does not sufficiently warn users that it makes their calendars public to all, a researcher argues.
Latest news
Julian Assange is among those impacted.
Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.
ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market.
Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover.
Most popular
-
1B Mobile Users Vulnerable to Ongoing ‘SimJacker’ Surveillance Attack
-
U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks
-
Marketing Analytics Company Leaks Deep Profiles of Entire Ecuador Population
-
Microsoft Addresses Two Zero-Days Under Active Attack
-
New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
Newsmaker Interviews
-
Thousands of IoT Devices Bricked By Silex Malware
-
Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
-
Newsmaker Interview: Troy Mursch on Top Botnet Trends
-
Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks
-
Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs
Most Recent ThreatLists
-
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users
-
ThreatList: Police Use of Facial Recognition is Just Fine, Say Most Americans
-
ThreatList: Half of All Social Media Logins Are Fraud
-
ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019
-
ThreatList: DMARC Adoption Nonexistent at 80% of Orgs
PodcastsView all
News Wrap: IoT Radio Telnet Backdoor And ‘SimJacker’ Active Exploit
Threatpost editors Tara Seals and Lindsey O’Donnell talk about the top news stories of the week – from leaky databases to SIM card attacks.
Strangest Phishing Lures of 2019: From Divorce Papers to Real Estate Decoys
Proofpoint’s senior director of the threat research team discusses the strange levels that attackers are going to in order to persuade victims to click on phishing messages.
News Wrap: Deepfake CEO Voice Scam, Facebook Phone Data Exposed
From deepfake to data exposures, the Threatpost team talks about the top security trends driving this week’s biggest news stories.
News Wrap: Dentist Offices Hit By Ransomware, Venmo Faces Privacy Firestorm
From new ransomware attacks to privacy issues around Venmo and Ring, Threatpost editors break down the top news of this week.
News Wrap: Linux Utility Backdoor, Steam Zero Day Disclosure Drama
From a backdoor placed in the Webmin utility to vulnerability disclosure drama around zero-days in Valve’s Steam gaming clients, Threatpost breaks down this week’s top stories.
The Texas Ransomware Attacks: A Gamechanger for Cybercriminals
Security researchers worry that this weekend’s coordinated attacks on more than 20 Texas governments mark a change in how ransomware attacks will be launched in the future.
News Wrap: DejaBlue Bugs and Biometrics Data Breaches
From the biometrics of one million being exposed, to new Microsoft Bluekeep-like threats, Threatpost discusses the top news of the week.
Threatpost Podcasts: Going Beyond the Headlines
A collection of in-depth discussions on the cybersecurity topics that matter most.
TikTok Scammers Cash In On Adult Dating, Impersonation Tricks
Scammers are profiting from TikTok’s younger audience with adult dating and account impersonation tricks.
VideosView all
Post-GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware
A detailed look at underground forums shows that cybercriminals aren’t sure where to look on the heels of the GandCrab ransomware group shutting its doors – and low-level actors are taking advantage of that by developing their own strains.
Election Security Threats: From Misinformation to Voting Machine Flaws
From insecure voting machines to social media misinformation, governments have alot to think about when it comes to securing elections.
Security Vulnerabilities Are Increasingly Putting Kids at Risk
A kid’s tablet with security vulnerabilities is only the latest privacy faux pas in a children’s connected device.
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
Hackers Take Over IoT Devices to ‘Click’ on Ads
A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats
Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.
Insider Threats Get Mean, Nasty and Very Personal
Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks
In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
SlideshowView all
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.
Slideshow: Scenes from Black Hat USA 2013
Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.
More from CanSecWest 2013
Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett
Ryan McGeehan and Chad Greene
Ryan McGeehan, the director of incident response at Facebook and Chad Greene, the manager of the Facebook CERT on Thursday both explained how the social network has planned red team exercises in the past to prepare the company’s security team for a real attack.
Stefan Esser
Mobile security researcher Stefan Esser discussed the security model of Apple iOS and some of the recent changes the company has made to lock it down even further.