The first stop for security news | Threatpost

Securing Your Move to the Hybrid Cloud

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.

The first stop for security news | Threatpost

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.

The first stop for security news | Threatpost

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.

The first stop for security news | Threatpost

Why Physical Security Maintenance Should Never Be an Afterthought

SecuriThings' CEO Roy Dagan tackles the sometimes overlooked security step of physical security maintenance and breaks down why it is important.

The first stop for security news | Threatpost

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?

The first stop for security news | Threatpost

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.

The first stop for security news | Threatpost

Authentication Risks Discovered in Okta Platform

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction.

The first stop for security news | Threatpost

Google Boots Multiple Malware-laced Android Apps from Marketplace

Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.

The first stop for security news | Threatpost

Large-Scale Phishing Campaign Bypasses MFA

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.

The first stop for security news | Threatpost

How War Impacts Cyber Insurance

Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.

The first stop for security news | Threatpost

‘Callback’ Phishing Campaign Impersonates Security Firms

Victims instructed to make a phone call that will direct them to a link for downloading malware.

The first stop for security news | Threatpost

Rethinking Vulnerability Management in a Heightened Threat Landscape

Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist.

The first stop for security news | Threatpost

Google Patches Actively Exploited Chrome Bug

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code.

The first stop for security news | Threatpost

A Guide to Surviving a Ransomware Attack

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.

The first stop for security news | Threatpost

Leaky Access Tokens Exposed Amazon Photos of Users

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.