How the Dark Web Data Bazaar Fuels Enterprise Attacks
What does the age of near-ubiquitous data breaches, deep fakes, and fallible biometric authentication mean for enterprise security? Go to Source
Adobe Patches Critical ColdFusion Vulnerability With Active Exploit
Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product. Go to Source
Podcast: RSA Conference 2019 Preview
The Threatpost team talks about the biggest cybersecurity stories, trends and research we’ll see at RSA this year. Go to Source
Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Go to Source
Coinhive to Mine Its Last Monero in March
The controversial cryptomining service is shutting down. Go to Source
Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers
Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code. Go to Source
Card-Skimming Scripts Hide Behind Google Analytics, Angular
The campaign is marked by a significant level of customization, with an “individualized yet very consistent approach to every compromise. Go to Source
Ring Doorbell Flaw Opens Door to Spying
Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns. Go to Source
Cisco Patches High-Severity Webex Vulnerability For Third Time
Third time’s hopefully a charm for Cisco, which has patched a high-severity flaw once again in its Webex video conferencing platform. Go to Source
Thunderclap Flaws Shatter Peripheral Security
Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals. Go to Source