Using a real Office 365 account at a legitimate company to send out lures helps phishers evade email defenses.

The country’s National Cyber Security Centre has more positive news on voluntary self-reporting

The web skimmer has been spotted on at least 17 popular eCommerce websites, a new Visa alert warns.

From serving as an artillery Marine to working a help desk, a baker's dozen of security pros share experiences that had the greatest influence on their careers.

Threatpost talks to Anthony di Bello with OpenText, at ENFUSE 2019, about the successes and failures of security regulations, and how companies are changing as they struggle to keep up with compliancy issues.

White-hat hackers using never-before-seen zero days against popular applications and devices against competed at two-day gathering in Chengdu.

$500 awarded for CSS injection vulnerability

US intelligence agencies won’t harvest US residents’ geolocation data in future investigations, revealed the US government this month.

The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.

Prosecutors allege that Meiggs and Harrington took over their targets' mobile phone and email accounts via SIM-swapping.