Cybersecurity News


The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem

The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem We all make assumptions. They rarely turn out well. A new/old date problem offers a lesson in why that's so.
20 January 2020

Mitsubishi Electric discloses security breach, China is main suspect

Mitsubishi Electric says hackers did not obtain sensitive information about defense contracts.
20 January 2020

Betting companies given access to UK gov't information on millions of children

Reports suggest a government database was misused for age verification purposes.
20 January 2020

Citrix rolls out patches for critical ADC vulnerability exploited in the wild

Citrix is racing to develop patches for software builds vulnerable to the severe bug.
20 January 2020

LastPass is in the midst of a major outage

LastPass issue appears to impact users with accounts dating back to 2014 and earlier.
20 January 2020

Secure Your Home Wi-Fi Network

Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.
20 January 2020

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service.
19 January 2020

Microsoft warns about Internet Explorer zero-day, but no patch yet

IE zero-day connected to last week's Firefox zero-day.
17 January 2020

New JhoneRAT Malware Targets Middle East

New JhoneRAT Malware Targets Middle East Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
17 January 2020

Feds Cut Off Access to Billions of Breached Records with Site Takedown

Feds Cut Off Access to Billions of Breached Records with Site Takedown The WeLeakInfo "data breach notification" domain is no more.
17 January 2020

Mobile Carrier Customer Service Ushers in SIM-Swap Fraud

Mobile Carrier Customer Service Ushers in SIM-Swap Fraud Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
17 January 2020

Visa's plan against Magecart attacks: Devalue and disrupt

Visa is actively going after Magecart groups, but also deploying new technologies to safeguard payment card data.
17 January 2020

Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?

Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea? Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?
17 January 2020

News Wrap: PoC Exploits, Cable Haunt and Joker Malware

News Wrap: PoC Exploits, Cable Haunt and Joker Malware Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.
17 January 2020

Mobile Banking Malware Up 50% in First Half of 2019

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.
17 January 2020

FBI Seizes Domain That Sold Info Stolen in Data Breaches

The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches.
17 January 2020

FBI Plans to Inform States of Election Breaches

FBI Plans to Inform States of Election Breaches The agency changed its policy to provide more timely and actionable information to state and local election officials in the case of a cybersecurity breach to election infrastructure.
17 January 2020

7 Ways to Get the Most Out of a Penetration Test

7 Ways to Get the Most Out of a Penetration Test You'll get the best results when you're clear on what you want to accomplish from a pen test.
17 January 2020

ADP Users Hit with Phishing Scam Ahead of Tax Season

Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links.
17 January 2020

Massive Oracle Patch Reverses Company's Trend Toward Fewer Flaws

Following a year that saw the fewest number of vulnerabilities reported since 2015, Oracle's latest quarterly patch fixes nearly 200 new vulnerabilities.
17 January 2020