Threatpost

Manual steps have been replaced by automation.

Comprehensive testing of 21 free Android antivirus apps revealed big security vulnerabilities and privacy concerns; especially for AEGISLAB, BullGuard, dfndr and VIPRE.

Researchers spotted the never-before-seen LookBack malware being used in spearphishing campaigns against three U.S. utilities.

Vast majority of Apple iOS users haven't updated to iOS 12.4, leaving themselves wide open to a public exploit.

Apple's Siri follows Amazon Alexa and Google Home in facing backlash for its data retention policies.

The proxy is being distributed by the RIG and Fallout exploit kits.

Researchers are warning that unpatched flaws found in the Hickory Smart Bluetooth Enabled Deadbolt allow an attacker with access to a victim's phone to break into their houses.

The complaint claims the networking giant knowingly sold bug-riddled software to federal and state governments, that would allow complete network compromise.

The RIG exploit kit and Safari redirects are both in the adversaries' bag of tricks.

A researcher said that he found a Honda ElasticSearch database exposing 40GB of internal system and device data.

In addition, Google’s latest Chrome version implements 43 new security fixes.

Anyone can listen to the camera's audio over the internet.

Threatpost editors discuss the top trends, keynotes and sessions that they look forward to at Black Hat USA and DEF CON 2019.

Hackers with physical access to small aircraft can easily hack the plane's CAN bus system and take control of key navigation systems.

Remote exploitation can be achieved with no user interaction.

A new strain of ransomware is being distributed to Android users via online forums and SMS messages.

Even though mobile data security is less mature than its desktop equivalent, the quality of the information on offer is top-tier.

More than 100 million customers have had their data compromised by a hacker after a cloud misconfiguration at Capital One.

Standard email authentication to prevent spoofing and phishing remains elusive for most.

During this week's Threatpost Podcast, editor Lindsey O'Donnell talks to Jacob Serpa with Bitglass about how more enterprises are struggling with a cloud security conundrum when it comes to public cloud vs on prem.