Researchers say the bugs are easy to exploit and will likely be weaponized within a day.

Are you certain your users are working with strong passwords on your Linux servers? Let John the Ripper show you who is and who isn't.

The "PerSwaysion" attackers have leveraged a plethora of Microsoft services to compromise at least 150 executives in a highly targeted phishing campaign.

EventBot is an Android information stealer on its way to becoming a very capable piece of malware.

Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading

The policies are specifically meant to fight spam, but they outlaw tactics taken by malicious extensions as well, including fake reviews.

Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.

We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.

Australia's contact tracing app sparks privacy concerns, Shade ransomware ceases operations, and Google Play deals with malicious apps. Catch up on the week's news with the Friday Five!

The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.

Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins.

Threatpost editors discuss a phishing attack abusing Microsoft Sway, a Microsoft Teams flaws and an Android spyware campaign unearthed this week.

Experts share what it takes to get your security analysts effectively countering threats from their home offices.

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

Cybercriminals are leveraging overwhelmed delivery services to further phishing schemes.

Attackers are exploiting the surge in the use of Microsoft Teams in an attempt to trap unsuspecting users, says Abnormal Security.

The new website is intended to be a one-stop source for information on securing teleworkers and their employers.

Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.

No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers.