Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.
The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.
Researchers are warning of spear-phishing emails with CV lures that spread the ZLoader malware, which steals banking credentials from victims.
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.
Researchers warn of critical flaws in SAP's Sybase Adaptive Server Enterprise software.
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.
DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.
Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to takeover victims' third-party applications.
Attackers managed to compromise NTT Communication’s Active Directory server and a construction information management server.
Google TAG report reveals that "hack for hire" firms are tapping into the coronavirus pandemic via WHO phishing lures.
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
The lawsuit, filed against Google by Arizona's Attorney General, alleges that the tech giant uses “deceptive and unfair conduct” to obtain users’ location data.
Even seeing data breaches in the news, more than half of consumers are still reusing passwords.
Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.
Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.
Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack.
The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds.
Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report.
Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users.
A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch.
Denial of Service (DoS), ransomware, and financially-motivated data breaches were the winners in this year's Verizon DBIR.
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection.
A bug introduced in an iOS software update on the Edison Mail app allowed emails to be viewed by strangers.
Threatpost editors discuss recent ransomware attacks and contact-tracing app privacy concerns.
A new threat group uses NSIS as an installer to target industrial companies with revolving payloads, including LokiBot, FormBook, BetaBot, Agent Tesla and Netwire.
A group of children's privacy advocates alleged in a recent FTC complaint that TikTok violated an agreement to protect children's private data.
Microsoft is letting Windows Insiders test-drive DNS-over-HTTPS protocol in a pre-release build of Windows 10.
BEC gangs like "Exaggerated Lion" are using tricky tactics - like exploiting G Suite - to scam companies out of millions.
Texas appellate courts and judicial agencies’ websites and computer servers were shut down after a ransomware attack.