Threatpost

After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy.

New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites.

The Windows 10 update that's rolling out addresses insecure Wi-Fi hotspots with new user notifications.

The Threatpost team breaks down the top privacy-related data incidents of the week - including data leaks from HCL and a golfing app - and highlights some surprisingly good privacy news.

As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack.

Coming to America: The Shade ransomware, which has historically targeted Russian victims, was recently spotted expanding its sights.

A new way of tracking mobile users creates a globally unique device fingerprint that browsers and other protections can't stop.

As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.

As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.

The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.

The two critical cross-site request forgery flaws in the online learning non-profit Khan Academy have been resolved.

SandboxEscaper has released her latest local privilege-escalation exploit for Windows.

Google said it had stored G Suite enterprise users' passwords in plain text since 2005 marking a giant security faux pas.

Mozilla has released a host of fixes for its browser as it rolls out its latest 67 version of Firefox, which touts better speed and privacy.

Intel has issued fixes for a slew of vulnerabilities, separate from the side-channel bugs disclosed last week.

Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.

A flaw in the Secure Boot trusted hardware root-of-trust affects enterprise, military and government network gear, including routers, switches and firewalls.

HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.

A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.

All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC.