Security News

First, while the most recent versions of this stealthy phish targeted corporate users of Microsoft's Office 365 service, the same approach could be leveraged to ensnare users of many other cloud providers. In early December, security experts at PhishLabs detailed a sophisticated phishing scheme targeting Office 365 users that used a malicious link which took people who clicked to an official Office 365 login page - login.

Threatpost editors discuss this week's biggest news - from a data breach of Bed Bath & Beyond, a tricky phishing attack and widespread APT activity.

Developer interfaces used by Security Research Labs researchers to turn digital home assistants into ‘Smart Spies’.

We recently showed you how crooks rip off social networking passwords - here's what they do with stolen accounts.

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters.

Your Instagram account has value to the crooks - so they're coming up with some cunning tricks to get at your passsword.

A round of phishing emails purports to be from job seekers - but actually uses a slew of detection evasion tactics to download malware on victim systems.

The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets.

Spammers and scammers are getting better at spelling and grammar - so make sure you aren't relying on language alone to spot phishes...

Social-Planning Website Says Pre-2014 User Database Has Been StolenOnline invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization...