Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution.
A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.
A group of CDNs and cloud providers are joining in on a fight against common internet routing attacks.
The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus.
Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days.
The feature, criticized for "undisclosed data-mining," is only the latest privacy faux pas for Zoom this month.
Old phishing kits are being pressed into service to keep up with the unprecedented volume of new scams that exploit the pandemic.
Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.
Attacks using a brand-new card-harvesting code is targeting small- to medium-sized businesses, claiming 19 sites so far.
Like NotPetya, it overwrites the master boot record to render computers "trashed."
A spate of phishing attacks have promised financial relief due to the coronavirus pandemic - but in reality swiped victims' credentials, payment card data and more.
A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.
The zero-day Zoom flaws could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera.
An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.
An old RAT learns an old trick.
The second breach in less than 24 months stemmed from employee account compromises.
An informal Threatpost reader poll shows the majority of site visitors are privacy absolutists. But attitudes shift when the trade off is saving lives.
Phishing and zero-days continue to be a core part of the APT arsenal.