16 hours 34 minutes ago
The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.
18 hours 59 minutes ago
The two critical cross-site request forgery flaws in the online learning non-profit Khan Academy have been resolved.
21 hours 48 minutes ago
SandboxEscaper has released her latest local privilege-escalation exploit for Windows.
23 hours 27 minutes ago
Google said it had stored G Suite enterprise users' passwords in plain text since 2005 marking a giant security faux pas.
1 day 15 hours ago
Mozilla has released a host of fixes for its browser as it rolls out its latest 67 version of Firefox, which touts better speed and privacy.
1 day 15 hours ago
Intel has issued fixes for a slew of vulnerabilities, separate from the side-channel bugs disclosed last week.
1 day 16 hours ago
Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.
1 day 20 hours ago
A flaw in the Secure Boot trusted hardware root-of-trust affects enterprise, military and government network gear, including routers, switches and firewalls.
1 day 21 hours ago
HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.
1 day 22 hours ago
A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.
2 days 16 hours ago
All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC.
2 days 17 hours ago
A glitch in Microsoft's Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist.
2 days 20 hours ago
An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses.
2 days 21 hours ago
A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.
2 days 22 hours ago
An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel.
2 days 23 hours ago
Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
5 days 17 hours ago
5 days 19 hours ago
The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses.
5 days 20 hours ago
The importance of reading the network tealeaves of a company’s network traffic to head off an attack.
6 days 1 hour ago
From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.
The First Stop For Security News
Subscribe to Threat Post feed