Ford's CEO sees the tech company model as key to the company's next chapter. | Continue reading
The issue comes from how Gmail automatically files messages into the "Sent" folder. | Continue reading
"Our advice is to stop using this watch" as mitigations are not available, researchers told Threatpost. | Continue reading
The critical vulnerability, which was patched earlier in September, has put ColdFusion servers at risk. | Continue reading
The results could start a wave of major damages for companies that collect and sell consumer information. | Continue reading
Two samples have already been added to the malware zoo, indicating a new openness from the federal government when it comes to cyber. | Continue reading
Users must update their vulnerable libraries manually. | Continue reading
Support for PHP 5.6 drops on December 31 - but a recent report found that almost 62 percent of websites are still using version 5. | Continue reading
The bugs let hackers crash IoT devices, leak their information, and completely take them over. | Continue reading
Researchers devise post-intrusion attack that use existing system binaries to achieve arbitrary code execution to maintain stealth and persistence. | Continue reading
Malicious apps can trivially thwart Mojave 10.14's new privacy protections. | Continue reading
Software patching becomes a new reality for smart TV owners. | Continue reading
Researchers say a medium severity bug should now be rated critical because of a new hack technique that allows for remote code execution on MikroTik edge and consumer routers. | Continue reading
This code-signing issue represents a new attack vector, according to the researcher. | Continue reading
Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content. | Continue reading
Android, Debian and Ubuntu users are still at risk. | Continue reading
A lack of authentication in Apple's Device Enrollment Program could allow attackers to scoop up Wi-Fi passwords and VPN configurations. | Continue reading
Hackers see green field opportunities in vulnerable software supply chains. | Continue reading
A recent report found that Google services - with functions like checking maps, the weather, and search - are tracking users even when they deny permission. | Continue reading
Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities. | Continue reading
Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug. | Continue reading
The malicious spyware has also been found in use in countries known for targeting human rights. | Continue reading
The flaws disclosed this month are related to a critical bug previously discovered by VerSprite in April 2018. | Continue reading
A threat actor been spotted on a number of honeypots looking to download and execute malicious cryptomining malware. | Continue reading
Air Canada said 20,000 mobile app users have had passport information exposed; and millions have been affected by a breach at Asian hotel giant Huazhu. | Continue reading
Two vulnerabilities were discovered on Dongguan Diqee-branded vacuum cleaners, Thursday. | Continue reading
The attack targets IKE’s handshake implementation used for IPsec-based VPN connections, opening the door for MiTM attacks or for bad actors to access data carried in VPN sessions. | Continue reading
Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets. | Continue reading
Analytics, advertising and other web scripts can capture information housed in user confirmations for flight bookings, food delivery, medical testing and more. | Continue reading
Project Zero researcher highlights stubborn iOS bugs as an example of why Apple and the rest of the industry needs to take a fresh approach to securing systems. | Continue reading
Researchers found 20 flaws in Samsung’s SmartThings Hub controller - opening up supported third-party smart home devices to attack. | Continue reading
Airport TSA agents don’t check terminals for insecure WiFi networks, so stay on your toes when using hotspots at these airports. | Continue reading
The two teens used the rewards points built up in the accounts to make purchases, before selling the account credentials on the Dark Web. | Continue reading
Researchers said over a dozen malicious docker images available on Docker Hub allowed hackers to earn $90,000 in cryptojacking profits. | Continue reading
A glitch in Auth0 could allow attackers to spoof a legitimate website and collect sensitive information from visitors. | Continue reading
Telcom firm leaves port open on customer routers after maintenance update exposing hundreds of customers to possible attack. | Continue reading
Threatpost talked to several security researchers about what's changed in the past year. | Continue reading
Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a German magazine alleges. | Continue reading
The apps are deemed malicious by doing things such as capturing pictures and audio when the app is closed, or making an unusually large amount of network calls. | Continue reading
A backdoor could be exploited to allow an attacker to manipulate the implants and cause heart problems and even death, | Continue reading
Google, Microsoft, security researchers and hacking groups have lined up to protest the bill, which would criminalize unauthorized computer access. | Continue reading