A collection of Threatpost’s top recorded cybersecurity webinars available on-demand or register for our upcoming 2021 lineup of live events.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves ...

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates ...

From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children's connected toys, here are the top IoT disasters in 2019.

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails ...

Infosec Insiders Community Browse our curated content, contributed by the Threatpost community of industry experts, technical gurus and thought leaders.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.

The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed.