Page Inspect

Threatpost | The first stop for security news

# Threatpost

- Podcasts
- Malware
- Vulnerabilities
- InfoSec Insiders
- Webinars

-
-
-
-
-
-
-

Search

### Featured news

## Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

by Nate Nelson

August 31, 2022

## Watering Hole Attacks Push ScanBox Keylogger

by Nate Nelson

August 30, 2022

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

by Nate Nelson

August 30, 2022

## Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

by Nate Nelson

August 29, 2022

## Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

by Nate Nelson

August 26, 2022

### Threatpost Content Spotlight

- Podcasts
- Webinars
- eBooks

- Listen Now

## Inside the Hackers’ Toolkit – Podcast

August 11, 2022
- Listen Now

## Being Prepared for Adversarial Attacks – Podcast

June 2, 2022
- Listen Now

## The State of Secrets Sprawl – Podcast

May 9, 2022
- Listen Now

## A Blockchain Primer and a Bored Ape Headscratcher – Podcast

March 31, 2022

- On-Demand Webinar

## Security Innovation: Secure Systems Start with Foundational Hardware
- On-Demand Webinar

## Securely Access Your Machines from Anywhere – Presented by Keeper Security
- On-Demand Webinar

## Log4j Exploit: Lessons Learned and Risk Reduction Best Practices
- On-Demand Webinar

## How to ID and Protect Sensitive Cloud Data: The Secret to Keeping Secrets

- Download Your Free Copy

## Cloud Security: The Forecast for 2022

February 15, 2022
- Download Your Free Copy

## 2021: The Evolution of Ransomware

April 19, 2021
- Download Your Free Copy

## Healthcare Security Woes Balloon in a Covid-Era World

November 24, 2020
- Download Your Free Copy

## 2020 in Security: Four Stories from the New Threat Landscape

August 4, 2020

### Latest news

## Cybercriminals Are Selling Access to Chinese Surveillance Cameras

by Nate Nelson

August 25, 2022

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

by Nate Nelson

August 25, 2022

## Twitter Whistleblower Complaint: The TL;DR Version

by Threatpost

August 24, 2022

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

by Threatpost

August 24, 2022

## Firewall Bug Under Active Attack Triggers CISA Warning

by Threatpost

August 23, 2022

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

by Threatpost

August 23, 2022

## Fake Reservation Links Prey on Weary Travelers

by Nate Nelson

August 22, 2022

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

by Nate Nelson

August 22, 2022

## iPhone Users Urged to Update to Patch 2 Zero-Days

by Elizabeth Montalbano

August 19, 2022

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

by Elizabeth Montalbano

August 19, 2022

Load more latest news

### Most popular

- ## Is your Java up to date?

February 23, 2009
- ## Top 5 Tips to Avoid Viruses and Spyware

February 23, 2009
- ## U.S. needs to investigate cyberweapons

February 24, 2009
- ## Six months later, DNS still taking a hit

February 24, 2009
- ## Pwn2Own 2009: Browsers and smart phones are targets

February 25, 2009

### Newsmaker Interviews

- ## Protecting Phones From Pegasus-Like Spyware Attacks

July 19, 2021

4
- ## Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

May 12, 2021

2
- ## Spotlight on Cybercriminal Supply Chains

April 22, 2021
- ## Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’

January 25, 2021

1
- ## CISOs Prep For COVID-19 Exposure Notification in the Workplace

January 13, 2021

### Most Recent ThreatLists

- ## Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High

January 10, 2022
- ## PYSA Emerges as Top Ransomware Actor in November

December 22, 2021
- ## Encrypted & Fileless Malware Sees Big Growth

October 4, 2021
- ## Innovative Proxy Phantom ATO Fraud Ring Haunts eCommerce Accounts

September 30, 2021

2
- ## Women, Minorities Are Hacked More Than Others

September 27, 2021

7

### PodcastsView all

## Inside the Hackers’ Toolkit – Podcast

This edition of the Threatpost podcast is sponsored by Egress.

Sponsored Content

August 11, 2022

## Being Prepared for Adversarial Attacks – Podcast

There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s \[…\]

Sponsored Content

June 2, 2022

## The State of Secrets Sprawl – Podcast

In this podcast, we dive into the 2022 edition of the State of Secrets Sprawl report with Mackenzie Jackson, developer advocate at GitGuardian. We talk issues that corporations face with public leaks from groups like Lapsus and more, as well as ways for developers to keep their code safe.

Sponsored Content

May 9, 2022

## Cyberattackers Put the Pedal to the Medal: Podcast

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.

Sponsored Content

April 18, 2022

1

## MacOS Malware: Myth vs. Truth – Podcast

Huntress Labs R&D Director Jamie Levy busts the old “Macs don’t get viruses” myth and offers tips on how MacOS malware differs and how to protect against it.

April 7, 2022

1

## A Blockchain Primer and a Bored Ape Headscratcher – Podcast

Mystified? Now’s the time to learn about cryptocurrency-associated risks: Listen to KnowBe4’s Dr. Lydia Kostopoulos explain blockchain, NFTs and how to stay safe.

March 31, 2022

## Top 3 Attack Trends in API Security – Podcast

Bots & automated attacks have exploded, with attackers and developers alike in love with APIs, according to a new Cequence Security report. Hacker-in-residence Jason Kent explains the latest.

Sponsored Content

March 24, 2022

1

## Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast

It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck.

March 17, 2022

## Staff Think Conti Group Is a Legit Employer – Podcast

The ransomware group’s benefits – bonuses, employee of the month, performance reviews & top-notch training – might be better than yours, says BreachQuest’s Marco Figueroa.

March 14, 2022

View all podcasts

### VideosView all

## Lyceum APT Returns, This Time Targeting Tunisian Firms

The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on retooling its arsenal yet again.

October 19, 2021

## National Surveillance Camera Rollout Roils Privacy Activists

TALON, a network of smart, connected security cameras developed by the Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.

March 4, 2021

4

## Malware Gangs Partner Up in Double-Punch Security Threat

From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.

February 26, 2021

## How Email Attacks are Evolving in 2021

The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.

February 11, 2021

1

## Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks

Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.

December 22, 2020

## Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.

December 15, 2020

## How the Pandemic is Reshaping the Bug-Bounty Landscape

Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.

October 28, 2020

## Experts Weigh in on E-Commerce Security Amid Snowballing Threats

How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.

October 28, 2020

## Cybercriminals Step Up Their Game Ahead of U.S. Elections

Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.

October 21, 2020

View all videos

### SlideshowView all

## 2020 Cybersecurity Trends to Watch

Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.

December 31, 2019

## Top Mobile Security Stories of 2019

Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.

December 30, 2019

## Facebook Security Debacles: 2019 Year in Review

2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.

December 27, 2019

## Biggest Malware Threats of 2019

2019 was another banner year for bots, trojans, RATS and ransomware. Let’s take a look back.

December 24, 2019

1

## Top 10 IoT Disasters of 2019

From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children’s connected toys, here are the top IoT disasters in 2019.

December 23, 2019

1

## 2019 Malware Trends to Watch

Here are 10 top malware trends to watch for in the New Year.

January 1, 2019

## Top 2018 Security and Privacy Stories

The top cybersecurity and privacy trends that biggest impact in 2018.

December 26, 2018

3

## 2019: The Year Ahead in Cybersecurity

What are the top cyber trends to watch out for in 2019? Here’s what we’re hearing.

December 25, 2018

10

## 2018: A Banner Year for Breaches

A look back at the blizzard of breaches that made up 2018.

December 24, 2018

2

View all slideshows

Threatpost

The First Stop For Security News

- Home
- About Us
- Contact Us
- RSS Feeds

- Copyright © 2025 Threatpost
- Privacy Policy
- Terms and Conditions

-
-
-
-
-
-
-

### Topics

- Black Hat
- Breaking News
- Cloud Security
- Critical Infrastructure
- Cryptography
- Facebook
- Government
- Hacks
- IoT
- Malware
- Mobile Security
- Podcasts
- Privacy
- RSAC
- Security Analyst Summit
- Videos
- Vulnerabilities
- Web Security

Threatpost

-
-
-
-
-
-
-

### Topics

- Cloud Security
- Malware
- Vulnerabilities
- Privacy

Show all

- Black Hat
- Critical Infrastructure
- Cryptography
- Facebook
- Featured
- Government
- Hacks
- IoT
- Mobile Security
- Podcasts
- RSAC
- Security Analyst Summit
- Slideshow
- Videos
- Web Security

### Authors

- Elizabeth Montalbano
- Nate Nelson

### Threatpost

- Home
- About Us
- Contact Us
- RSS Feeds

Search

-
-
-
-
-
-
-

InfoSec Insider

### Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

### Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.