Threatpost Blog

Subscribe to Threatpost Blog feed
The First Stop For Security News
Updated: 1 hour 30 min ago

State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally

April 17, 2019 - 7:32pm
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.

RatVermin Spyware Targets Ukraine Gov Agencies

April 16, 2019 - 9:04pm
Researchers are pinning a recent phishing campaign against Ukraine government agencies on the Luhansk People's Republic, a proto-state in eastern Ukraine which declared independence in 2015.

Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers

April 12, 2019 - 6:56pm
The duo are convicted of infecting 400,000 computers in the U.S. with malware and scamming victims out of millions of dollars.

North Korea’s Hidden Cobra Strikes U.S. Targets with HOPLIGHT

April 12, 2019 - 4:58pm
The custom malware is a spy tool and can also disrupt processes at U.S. assets.

ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps

April 12, 2019 - 4:08pm
Convincing phishing pages and millions of suspicious apps are plaguing tax season.

SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort

April 10, 2019 - 6:30am
The SneakyPastes campaign was highly effective but hardly advanced.

SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework

April 10, 2019 - 5:11am
A highly sophisticated APT framework has been found targeting a single Central Asian diplomatic entity for years.

Lazarus Group Widens Tactics in Cryptocurrency Attacks

March 28, 2019 - 5:12pm
MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.

FTC Demands Broadband Providers Reveal Data Handling Practices

March 27, 2019 - 10:08pm
The FTC is ordering seven companies - including AT&T, T-Mobile, Comcast and more - to outline what data they collect, what they use the data for, and how transparent they're being with consumers.

Grindr Poses National Security Risk, U.S. Gov Says

March 27, 2019 - 6:41pm
According to a report, Grindr's Chinese owners are selling the platform after concerns were raised about user data handling.

FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors

March 25, 2019 - 3:00pm
The contractor with whom it shared the data has a vulnerable, unpatched network.

Years-Long Phishing Campaign Targets Saudi Gov Agencies

March 20, 2019 - 8:03pm
The campaign, codenamed “Bad Tidings,” has sought out victims’ credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior’s e-Service portal.

Privacy Regulations Needed for Next-Gen Cars

March 18, 2019 - 4:46pm
With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.

Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested

March 13, 2019 - 8:44pm
A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.

Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation

March 12, 2019 - 10:05pm
Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.

RSA Conference 2019: The Sky’s the Limit For Satellite Hacks

March 6, 2019 - 8:45pm
Satellites are spotted with vulnerabilities and design flaws - and hackers are taking note, researchers report at the RSA Conference.

RSAC 2019: An Antidote for Tech Gone Wrong

March 4, 2019 - 12:00pm
As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution.

RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope

March 4, 2019 - 3:00am
New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers' expectations in complexity, scope and breadth.

Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

February 27, 2019 - 1:30pm
The China-linked threat group has returned in 2018 using updated RATs to launch its attacks, including ZxShell, Gh0st RAT, and SysUpdate malware.

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections

February 20, 2019 - 5:16pm
As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.