Researchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.
Private intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.
Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.
Researchers found a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised third-party sites and a couple of day later they began
Researchers have identified a hacking group behind several widescale maritime shipping industry business email compromise (BEC) attacks since June.
Researcher Billy Rios, founder of WhiteScope, discusses medical device hacking at RSA Conference 2018 with Threatpost’s Tom Spring.
Threatpost talks to crypto expert Nate Cardozo, senior staff attorney with the Electronic Frontier Foundation at RSA Conference 2018 about the U.S. government’s current position on device encryption and law enforcement’s use of iPhone passcode cracker called GreyKey.
Original release date: April 17, 2018 Oracle has released its Critical Patch Update for April 2018 to address 254 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle April 2018 Critical Patch Update and apply
Mobile apps leak personal data via insecure ads that transmit ad-targeting data insecurely.