Threatpost

Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols.

Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting.

Microsoft Patch Tuesday security bulletin tackles 22 critical vulnerabilities.

A massive update addresses the breadth of the computing giant's product portfolio.

Intel has disclosed a new class of speculative execution side channel attacks.

Adobe has issued patches for 87 vulnerabilities on Patch Tuesday - the bulk of which exist in Adobe's Acrobat and Reader product.

The bug is remotely exploitable without authentication or user interaction.

WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones.

Cynet  protects the entire internal environment – including hosts, files, users and the network.

The two high-severity bugs impact a wide array of enterprise, military and government networks.

A Twitter glitch "inadvertently" leaked iOS users' location data to an unnamed partner.

In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT.

From ZIP attachments spreading Gandcrab, to DOC files distributing Trickbot, researchers tracked five widescale spam campaigns in 2019 that have made use of malicious attachments.

Using a bug patched in March, the attacks are starting to ramp up worldwide.

From a creepy Airbnb incident to Verizon's Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.

The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.

Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.

Nigerian scam groups launched even more attacks in 2018 - and used more complex types of malware to reach more victims.

A simple Wireshark analysis was enough to subvert the gadget, which uses iris identification to protect the drive.