Threatpost

The Threatpost team breaks down the top privacy-related data incidents of the week - including data leaks from HCL and a golfing app - and highlights some surprisingly good privacy news.

As passwords are increasingly viewed as security liabilities, Identity Management solutions are picking up the slack.

Coming to America: The Shade ransomware, which has historically targeted Russian victims, was recently spotted expanding its sights.

A new way of tracking mobile users creates a globally unique device fingerprint that browsers and other protections can't stop.

As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.

As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.

The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.

The two critical cross-site request forgery flaws in the online learning non-profit Khan Academy have been resolved.

SandboxEscaper has released her latest local privilege-escalation exploit for Windows.

Google said it had stored G Suite enterprise users' passwords in plain text since 2005 marking a giant security faux pas.

Mozilla has released a host of fixes for its browser as it rolls out its latest 67 version of Firefox, which touts better speed and privacy.

Intel has issued fixes for a slew of vulnerabilities, separate from the side-channel bugs disclosed last week.

Enjoy the video replay of the recent Threatpost cloud security webinar, featuring a panel of experts offering best practices and ideas for managing data in a cloudified world.

A flaw in the Secure Boot trusted hardware root-of-trust affects enterprise, military and government network gear, including routers, switches and firewalls.

HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.

A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.

All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC.

A glitch in Microsoft's Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist.

An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses.

A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.