April 2020

Most industrial sites deploy firewalls as the first line of defense for their Operations Technology (OT) / industrial networks. However, configuring and managing these firewalls Read More

A website that gives advice on privacy regulation compliance has fixed a security issue that was exposing MySQL database settings — including passwords — to Read More

Several U.S. universities have been targeted in a widespread spear-phishing attack that uses adult dating as a lure. In reality, the emails spread the Hupigon Read More

Microsoft has fixed a subdomain takeover vulnerability in its collaboration platform Microsoft Teams that could have allowed an inside attacker to weaponize a single GIF Read More

For the week ended April 24, Threatpost editors discuss the hottest cybersecurity news stories, including: Download direct here, or listen to the podcast below. Below Read More

As the COVID-19 pandemic continues to force in-person cybersecurity event cancellations, Kaspersky is forging ahead with a virtual security summit, SAS@home. Topics on the agenda Read More

Unknown threat actors have allegedly dumped nearly 25,000 email addresses and passwords from notable organizations involved in the fight against the COVID-19 pandemic, including credentials Read More

Nintendo said over 160,000 accounts have been hacked, due to attackers abusing a legacy login system. Over the past few weeks, Nintendo gamers have been Read More

Cybercriminals are increasingly peddling booby-trapped version of popular apps such as Skype and Signal that contain surveillanceware. Apurva Kumar, security intelligence engineer at Lookout, said Read More

Microsoft has released an out-of-band security update for Microsoft Office, Office 365 ProPlus and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, Read More