News

Times are strange when spies talk about infosec and economics colliding

The world must "understand the opportunities and threats from China's technological offer", GCHQ director Jeremy Fleming said today as he observed that there are "no clear norms or behaviours" for state-on-state cyber-squabbling.…

The attack threatens users with location-tracking, DoS, fake notifications and more.

Plus, hackers say your Facebook account is worth roughly a tall coffee

Roundup  Last week, the security world saw Adobe take a do-over, Cisco clean up some bugs and the NCC head out to space.…

Google has announced FIDO2 certification for devices running on Android 7 and above - meaning that users can use biometrics, fingerprint login or PINs instead of passwords.

Phishing emails target a bank's users with malware - and make their landing page look more legitimate with fake Google reCAPTCHAs.

There was a shocking turn of events in crypto-world.

Profitable secure SIM firm in the bag by March, Thales hopes

French defence tech conglomerate Thales has flogged off its hardware security module biz nCipher Security, a sale demanded by competition regulators over Thales' buyout of Gemalto.…

Threatpost talks to HackerOne CEO Marten Mickos on the EU's funding of open source bug bounty programs, how a company can start a program, and the next generation of bounty hunters.

U.S. and subcontinent consumers were the most affected by this week's exposure revelations.

From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week's biggest news stories.

There's a PhD position in it too, if you want to get involved

NCC Group and the University of Surrey have set up a "Space Cyber Security Research Partnership" to investigate the security issues faced by satellites.…

Weigh in on password managers with our Threatpost poll.

Plus: How Microsoft Edge helps Facebook Flash files dodge click-to-play rules in Edge

Adobe is taking a second crack at patching security bugs in its Acrobat and Reader PDF apps.…

Premium-access credentials to porn sites are hot in the cyber-underground, as credential-harvesting malware proliferates.

Adobe has issued yet another patch for a critical vulnerability in its Acrobat Reader - a week after the original fix.

Cybercrims aren't just raking it in – they're dishing it out too

Extortionists are promising salaries of more than a quarter of a million pounds to skilled infosec folk willing to put on a black hat, according to research outfit Digital Shadows.…

Admins should update immediately to fix a remote code-execution vulnerability.

Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR.

Breakaway MPs accused of making off with info

The UK's Labour Party has been forced to lock down access to membership databases and campaign tools over concerns the info was being sucked up by breakaway MPs, in a possible breach of data protection laws.…

It's patching time again for Windows Server 2016 and Windows 10

Oops! Microsoft has published an advisory on a bug in its Internet Information Services (IIS) product that allows a malicious HTTP/2 request to send CPU usage to 100 per cent.…