WhatsApp Axes COVID-19 Mass Message Forwarding
Amid rampant misinformation, users of the Facebook-owned messaging platform can no longer send coronavirus messages to more than one user at a time.
Featured news
Serious Exchange Flaw Still Plagues 350K Servers
The Microsoft Exchange vulnerability was patched in February and has been targeted by several threat groups.
‘Fake Fingerprints’ Bypass Scanners with 3D Printing
New research used 3D printing technology to bypass fingerprint scanners, and tested it against Apple, Samsung and Microsoft mobile products.
xHelper: The Russian Nesting Doll of Android Malware
Ultimately delivering the Triada payload, xHelper goes to great lengths to become virtually indestructible once installed on a smartphone.
Latest news
The CISO Checklist for Secure Remote Working was built to assist CISOs in navigating through COVID-19, providing them with a concise, high-level list of the absolute essentials needed to ensure their organization is well protected in these challenging times.
FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the TrickBot trojan, and then eventually downloaded the Anchor backdoor malware.
Android apps launched for citizens in Iran, Colombia and Italy offer cyberattackers new attack vectors.
More zero-day exploits coming up for sale by NSO Group and others is democratizing the attack vector and placing them within reach of less sophisticated attackers.
The FBI is cracking down on the practice of Zoom bombing, saying the hijacking of web conferences can be punishable by jail time.
Newsmaker Interviews
Most Recent ThreatLists
-
ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates
-
ThreatList: 90% of SMBs Believe Nation-State Actors Are Targeting Them
-
ThreatList: A Third of Biometric Systems Targeted by Malware in Q3
-
ThreatList: Admin Rights for Third Parties is the Norm
-
ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical
PodcastsView all
‘Fake Fingerprints’ Bypass Scanners with 3D Printing
New research used 3D printing technology to bypass fingerprint scanners, and tested it against Apple, Samsung and Microsoft mobile products.
News Wrap, Coronavirus Edition: WFH Security Woes, Pwn2Own
Threatpost editors discuss this week’s top news stories from COVID-19 themed malware attacks to Pwn2Own updates.
More Than Half of IoT Devices Vulnerable to Severe Attacks
A full 98 percent of all IoT device traffic is unencrypted, exposing personal and confidential data on the network.
RSAC 2020: Editors’ Preview of Hottest Sessions, Speakers and Themes
From data privacy to industrial IoT cybersecurity concerns, Threatpost editors discuss the top stories they expect to see at this year’s RSA Conference, which kicks off next week in San Francisco.
News Wrap: Valentine’s Day Scams and Emotet’s Wi-Fi Hack
Top stories of this week include a new Emotet Wi-Fi hack and Robbinhood ransomware operators using a “bring your own bug” technique.
Katie Moussouris: The Bug Bounty Conflict of Interest
Katie Moussouris sounds off on the challenges behind creating successful bug bounty programs.
Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast
The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.
Bezos, WhatsApp Cyberattacks Show Growing Mobile Sophistication
The recently disclosed Jeff Bezos phone hack and other incidents show that mobile devices are being increasingly targeted by sophisticated nation-state attackers.
Vivin Nets Thousands of Dollars Using Cryptomining Malware
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn’t going away anytime soon.
VideosView all
Tokyo Olympics Postponed, But 5G Security Lessons Shine
Threatpost Senior Editor Tara Seals is joined by Russ Mohr, engineer and Apple evangelist at MobileIron along with Jerry Ray, COO at SecureAge, for a discussion about the now postponed Tokyo Games and its use of 5G and the myriad of security concerns Japan is preparing for.
Cloud Misconfig Mistakes Show Need For DevSecOps
Unit 42 researchers discuss public cloud misconfiguration issues that are leading to breaches of sensitive data.
Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs.
Chris Eng: Patch Management Challenges Drive ‘Security Debt’
Chris Eng with Veracode talks about how organizations are falling into security debt due to patch management issues.
Cobalt Ulster Strikes Again With New ForeLord Malware
Threatpost talks to Alex Tilley, senior security researcher with Dell SecureWorks’ Counter Threat Unit Research Team, about a recently discovered campaign linked to an Iranian APT.
Forrester: Keeping Smart Cities Safe From Hacks
As cities grow more connected, municipal operators must deal with new risks like ransomware, IoT hacks and more.
Patrick Wardle: Apple Devices Hit With Recycled macOS Malware
Patrick Wardle talks about the biggest threats he’s seeing impacting Apple devices.
IoT Insecurity: When Your Vacuum Turns on You
From vacuum cleaners to baby monitors, the IoT landscape continues to be plagued by concerning security issues that lead to privacy threats.
Video: Ransomware a Growing Industrial Security Threat
Lior Frenkel, CEO and co-founder of Waterfall Security, discusses the top cybersecurity threats that are facing the industrial, manufacturing and critical infrastructure industries.
SlideshowView all
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
Top Mobile Security Stories of 2019
Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
Biggest Malware Threats of 2019
2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.
Top 10 IoT Disasters of 2019
From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.