Threat Post

Indictments are part of special counsel Robert Mueller's investigation of Russian interference in the 2016 elections.

Cyberattackers have used a bogus mobile device management (MDM) system to target a small – but presumably high-value – set of iPhones in India in a cyberespionage campaign that has some unusual hallmarks.

HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.

The scam emails offer, as proof of compromise, a password associated with the target’s online accounts.

In this InfoSec Insider, Tim Bandos looks at why network admins will want to keep a close watch on network traffic within the enterprise.

The thief also had a second dataset, including the M1 Abrams maintenance manual, a tank platoon training course, a crew survival course and documentation on improvised explosive device (IED) mitigation tactics.

Cisco also patched three medium-security flaws in its network security offerings; and, it issued a fix for a high-severity bug in its platform for mobile operator routers, StarOS.

Old banking malware called Dorkbot has reemerged in 2018 to become a serious threat.

A new feature called site isolation is being tapped to protect Chrome users against Spectre.

A whopping 800 e-commerce sites around the world have been targeted by the Magecart criminal group so far, according to RiskIQ.

QNAP said in a security advisorythat it has fixed the issues in Q'Center Virtual Appliance, and urged customers to update to the latest version.

Why are hackers selling medical records of deceased patients?

Scott Helme, the well-known security researcher, international speaker and the founder of the securityheaders.com and report-uri.com free tools for web security, has devoted himself to improving the security environment of the internet for the past decade. Threatpost sat down with Helme to discuss the state of web security, particularly on the encryption front — including certificate […]

The newly-discovered Spectre variants can be exploited to uncover confidential data via microarchitectural side channels in CPUs.

Microsoft patches 17 critical bugs and 34 important bugs as part of its monthly security bulletin.

The company issued fixes for 112 vulnerabilities in products spanning from Flash Player, Acrobat and Reader, Experience Manager, to Adobe Connect.

Researchers released a workaround for Apple's USB Restricted Mode security feature the same day it was rolled out.

Apple has officially added a controversial security feature, USB Restricted Mode, to iPhones as part of its new iOS 11.4.1, released on Monday.

The fitness app Polar Flow exposes the whereabouts of some of its high-profile users, including “spies” and those with sensitive positions in the military.

The Zero Day Initiative said that the number of bugs reported in 2018 is on track to trump its previous busiest year, 2017.