A collection of Threatpost’s top recorded cybersecurity webinars available on-demand or register for our upcoming 2021 lineup of live events.

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails ...

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their ...

The Iranian advanced persistent threat (APT) Charming Kitten is sharpening its claws with a new set of tools, including a novel PowerShell backdoor and related stealth tactics, that show the group ...

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

Infosec Insiders Community Browse our curated content, contributed by the Threatpost community of industry experts, technical gurus and thought leaders.