Microsoft to Apply California’s Privacy Law to All U.S. Users
The move takes a broader stand to protect user data and support the requirements of CCPA nationwide.
Threatpost
DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure
The specific type of TCP attack used in the recent spate of DDoS efforts were TCP SYN-ACK reflection attacks.
ThreatList: Data Breaches Batter Stock Prices at Public Companies, For Months
When it comes to bouncing back, long-term impact to share prices from a data breach incident is significant on average for large companies.
Ransomware Attack Downs Hosting Service SmarterASP.NET
SmarterASP.NET said that it is in the middle of recovering accounts downed by the ransomware attack.
Encrypted Emails on macOS Found Stored in Unprotected Way
Apple is investigating an issue raised by a Mac specialist discovered to be storing emails that are supposed to be S/MIME-encrypted as readable files.
Platinum APT Shines Up New Titanium Backdoor
The trojan was observed as the final payload in a sophisticated and complex malware installation code set.
Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies.
Art Imitates Life: Lessons from the Final Season of Mr. Robot
Unlike Elliot, real-world adversaries don’t have lofty ideals nor do they suffer crises of conscience.
Pwn2Own Tokyo Roundup: Amazon Echo, Routers, Smart TVs Fall to Hackers
The latest edition of the bi-annual hacking contest saw creative exploits in new device categories.
News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails
From voice assistant hacks to insider threats, Threatpost editors break down this week's biggest news.
Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials
Attackers could access Wi-Fi credentials due to a problem in initial configuration of the smart doorbell device.
Ex-Twitter Employees Spied on Saudi Dissidents: DoJ
The DoJ charges former Twitter employees for allegedly accessing thousands of accounts on behalf of Saudi Arabia.
Amazon Kindle, Embedded Devices Open to Code-Execution
Flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component.
Gamers Hit with Nvidia GPU Driver, GeForce Flaws
Vulnerabilities in several PC gaming products offered by Nvidia can lead to escalation of privilege, denial of service and other malicious attacks.
How to Secure Critical Infrastructure When Patching Isn’t Possible
Mission-critical systems can't just be switched off to apply security updates -- so patching can take weeks if not years.
Why Big Breach Fines Don’t Equal Fewer Breaches
Despite trillions of dollars in breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise.
Google Enlists Help to Fight Bad Android Apps
The tech giant formed an alliance with three endpoint security firms aimed at stopping malicious apps before they get to the Google Play Store.
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
Tactics for when authorized users need to connect to network resources, or need to venture out to the web to complete important tasks.
You’ve Been Served…with Subpoena-Themed Phishing Emails
A targeted campaign is delivering an information-stealing malware called Predator the Thief.
Rogue Trend Micro Employee Sold Customer Data for 68K Accounts
Trend Micro customers whose data was sold are getting scam calls from criminals purporting to be support staff.
The First Stop For Security News
Subscribe to Threatpost feed