After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy.
New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites.
The Windows 10 update that's rolling out addresses insecure Wi-Fi hotspots with new user notifications.
The Threatpost team breaks down the top privacy-related data incidents of the week - including data leaks from HCL and a golfing app - and highlights some surprisingly good privacy news.
As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack.
Coming to America: The Shade ransomware, which has historically targeted Russian victims, was recently spotted expanding its sights.
A new way of tracking mobile users creates a globally unique device fingerprint that browsers and other protections can't stop.
As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.
As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.
The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.
The two critical cross-site request forgery flaws in the online learning non-profit Khan Academy have been resolved.
SandboxEscaper has released her latest local privilege-escalation exploit for Windows.
Google said it had stored G Suite enterprise users' passwords in plain text since 2005 marking a giant security faux pas.
Mozilla has released a host of fixes for its browser as it rolls out its latest 67 version of Firefox, which touts better speed and privacy.
Intel has issued fixes for a slew of vulnerabilities, separate from the side-channel bugs disclosed last week.
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
A flaw in the Secure Boot trusted hardware root-of-trust affects enterprise, military and government network gear, including routers, switches and firewalls.
HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.
A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.
All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC.
The First Stop For Security NewsSubscribe to Threatpost feed