DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails ...

Browse our curated content, contributed by the Threatpost community of industry experts, technical gurus and thought leaders.

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.

SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams.

Sign-up for the Threatpost Newsletter to stay current with breaking security news, the latest threats, the best ways to stay protected against those threats, and participate in the discussions ...

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

Dennis Fisher is a journalist with more than 13 years of experience covering information security.

A collection of Threatpost’s top recorded cybersecurity webinars available on-demand or register for our upcoming 2021 lineup of live events.

Academic researchers carry out attacks on high-end commercial devices as well as narrowband IoT sensors.