CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted. The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and successfully attacking cloud services at various U.S. organizations. According to an alert issued Wednesday by the Cybersecurity and Infrastructure Security . . . Read more
A cloud misconfig by SocialArks exposed 318 million records gleaned from Facebook, Instagram and LinkedIn. More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. . . . Read more
Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll.
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which . . . Read more
The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts. After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and application monitoring will top the . . . Read more
A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more
Bugcrowd CTO Casey Ellis covers new cybersecurity challenges for online retailers.
David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding “hacker logic” can help prioritize defenses. In the past decade or so, we’ve seen a massive shift toward the cloud. The COVID-19 pandemic and associated pivot to remote work has only accelerated this cloud trend, forcing . . . Read more
Threatpost explores 5 big takeaways from 2020 — and what they mean for 2021. Goodbye, 2020 — and good riddance, right? Most of us don’t want to take too much from this year into the next — but let’s make an exception for what we learned about security in the . . . Read more