With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.

At every turn, the info-stealer uses legitimate services to get around normal email, endpoint and network defenses.

Maybe you love your executive team, your security processes, tools, or strategy. Maybe you hate them. Whatever the situation, it's likely at some point that things will have changed.

Disquiet for some as DNS-over-HTTPS is readied for prime time; Apple hits back at Google over iPhone hack warning; and a parody music video tackles phishing head-on

DNS-over-HTTPS sounds as though it should be safer than plain DNS, because of the "HTTPS" part - but not everyone is delighted about it...

Researchers warn that U.S. firms are being targeted with legitimate - but trojanized - documents that are often socially engineered to a tee.

There's another vulnerability in Intel chips, with another catchy name: NetCAT.

Threatpost editors Tara Seals and Lindsey O'Donnell talk about the top news stories of the week - from leaky databases to SIM card attacks.

Crooks made bogus accounts to buy tickets with fake credit cards, resold them to unsuspecting buyers, and left the database-o-fraud wide open.

New tactics aimed at business executives and users are being used to reap greater reward from email based fraud, which continues to rise, researchers said.