Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
Featured news
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Threatpost Content Spotlight
Latest news
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Newsmaker Interviews
-
Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales
-
How the Pandemic is Reshaping the Bug-Bounty Landscape
-
A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return
-
Black Hat USA 2020: Critical Meetup.com Flaws Reveal Common AppSec Holes
-
Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills
PodcastsView all
Threatpost Podcast & Video Hub: Going Beyond the Headlines
A collection of in-depth discussions on the cybersecurity topics that matter most.
Wikileaks Alleges Years of CIA D-Link and Linksys Router Hacking Via ‘Cherry Blossom’ Program
The latest dump from Wikileaks alleges the CIA installed custom router firmware on unsuspecting targets in order to spy on internet activity.
Bash Exploit Reported, First Round of Patches Incomplete
Reports of the first in-the-wild exploits targeting the Bash vulnerability have surfaced, as have complaints the first patches for the bug are incomplete.
Threatpost News Wrap, February 21, 2014
Dennis Fisher and Mike Mimoso preview next week’s RSA conference, discuss the sessions they’re looking forward to covering and what the fallout from the NSA controversy will be during the week.
Jeremiah Grossman on His New Role as CEO of WhiteHat Security
Dennis Fisher talks with Jeremiah Grossman, the new interim CEO of WhiteHat Security, about taking on the new role, how things have changed since he was CEO 10 years ago and what the biggest challenges will be.
Threatpost News Wrap, January 24, 2014
Dennis Fisher and Mike Mimoso talk about the big security stories of the last couple of weeks, including the developments in the Target data breach, the president’s speech on NSA surveillance reforms and SCADA security woes.
Rich Mogull on the Target Data Breach
Dennis Fisher talks with Rich Mogull of Securosis about the Target data breach, how the attack may have worked, why these breaches are still so common and what can be done to improve the situation.
Threatpost News Wrap, January 10, 2014
Dennis Fisher and Mike Mimoso discuss the news of the weird in the security industry since the holidays, including the latest revelations about the Target data breach and the decision by some speakers to boycott the RSA Conference because of the NSA revelations.
2013: The Security Year in Review
Dennis Fisher and Mike Mimoso talk about the year that was in the security industry, including the last six months of NSA drama, the Microsoft bug bounty program, exploit sales and attacks against major banks.
VideosView all
Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on retooling its arsenal yet again.
National Surveillance Camera Rollout Roils Privacy Activists
TALON, a network of smart, connected security cameras developed by the Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.
Malware Gangs Partner Up in Double-Punch Security Threat
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
How Email Attacks are Evolving in 2021
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks
Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.
Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares
From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.
How the Pandemic is Reshaping the Bug-Bounty Landscape
Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.
Experts Weigh in on E-Commerce Security Amid Snowballing Threats
How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.
Cybercriminals Step Up Their Game Ahead of U.S. Elections
Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.
SlideshowView all
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
Top Mobile Security Stories of 2019
Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
Biggest Malware Threats of 2019
2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.
Top 10 IoT Disasters of 2019
From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.
2019 Malware Trends to Watch
Here are 10 top malware trends to watch for in the New Year.
Top 2018 Security and Privacy Stories
The top cybersecurity and privacy trends that biggest impact in 2018.
2019: The Year Ahead in Cybersecurity
What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.
2018: A Banner Year for Breaches
A look back at the blizzard of breaches that made up 2018.