Threatpost

Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches.

At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft's malicious macros protections to infect MacOS users.

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.

Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.

The groups, all tied to the Winnti supply-chain specialist gang, were seen using the same Linux rootkit and backdoor combo.

Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.

A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data.

Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.

The explosion of open-source AI models are lowering the barrier of entry for bad actors to create fake video, audio and images - and Facebook, Twitter and other platforms aren't ready.

Google addressed high-severity and critical flaws tied to 54 CVEs in this month's Android security bulletin.

An attacker can hide amidst legitimate traffic in the application's update function.

The agency known for its own questionable surveillance activity advised how mobile users can limit others’ ability to track where they are.

During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo, with Proofpoint, about Emotet's recent return -and how a cyber vigilante is attempting to thwart the malware's comeback.

The ransomware has surged since moving to a RaaS model.

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites.

The potential FTC fine comes after Twitter last year acknowledged that user emails and phone numbers were being used for targeted advertising.

COVID-19 pandemic spurs spoofing preference changes, plus a surge in email-based attacks.

Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected.

Starting Sept. 1, Google will crack down on misinformation, a lack of transparency and the ability to amplify or circulate politically influential content.

Almost two months after a high-severity flaw was disclosed - and seven months after it was first reported - Netgear has yet to issue fixes for 45 of its router models.