“People think they’re going to put on a cute filter and have puppy dog ears, and not realize that that data’s being collected.”

Google has updated its Smart Lock to let iOS users security-dongle-ize their iPhones.

The January 2020 update featured a joint record of 334 patches, matching an identical number released in July 2018.

As more troops are deployed to the Middle East, the U.S. military fears OPSEC failures, an app exposed the sensitive data of babies, and a site helping Australian bushfire victims becomes a victim itself - catch up on the week's news with the Friday Five.

By inserting themselves into business emails among employees, cybercriminals can trick victims into wiring money or sharing payment information, says security firm Barracuda Networks.

Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links.

You'll get the best results when you're clear on what you want to accomplish from a pen test.

The agency changed its policy to provide more timely and actionable information to state and local election officials in the case of a cybersecurity breach to election infrastructure.

Following a year that saw the fewest number of vulnerabilities reported since 2015, Oracle's latest quarterly patch fixes nearly 200 new vulnerabilities.

The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches.

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.

Our tips will help you boost your resistance to phishing, even when the crooks make a determined effort to reel you in.

Are publicly released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.

CES 2020: A "hacked" robot was on display to demonstrate how SigmaDots serverless architecture is poised to fend off IoT security threats.

Are publicly released proof-of-concept (PoC) exploits more helpful for system defenders — or bad actors?

IoT security is becoming a top-of-mind priority in the personal care industry. Essence group believes it has the solution and had it on display at CES 2020.

Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.

The WeLeakInfo "data breach notification" domain is no more.

Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.

Commentary: As more workloads move to the cloud, developers need help with security. Find out how the startup Cyral is helping to improve data security in the cloud.