September 2018

More threat actors are pushing weaponized Excel web query (IQY) files to deliver malicious code – as seen in recent campaigns by several major malspam Read More

The Threatpost team breaks down the biggest news from the week ended Sept. 7. Read More

Two high-severity vulnerabilities have been disclosed in Cisco’s security platform that could allow an attacker to gain administrative privileges – and take full control of Read More

The Justice Department has charged a North Korean man in the hacking of Sony Pictures Entertainment (SPE) in 2014 – as well as the global Read More

The recently discovered Windows zero-day – which still doesn’t have a patch – has been used in the wild for the last week, with an Read More

The systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors are increasingly in the crosshairs of Read More

Mozilla released nine fixes in its Wednesday launch of Firefox 62 for Windows, Mac and Android – including one for a critical glitch that could Read More

Researchers claim that APT10, a likely China-based threat actor, is believed directly connected to the Chinese Ministry of State Security’s (MSS) Tianjin bureau. The allegations come from Read More

A scam campaign involving “.tk” domains has been active since at least May 2018, redirecting unsuspecting users to fake blogger sites that are collectively bringing Read More

Despite huge progress in the vulnerability disclosure process, things remain broken when it comes to vendor-researcher relationships. Case in point: Last year when Leigh-Anne Galloway Read More