Fifty-one million iMesh accounts are for sale on Dark Web for $700, bringing the number of user accounts tied to recent breaches to over 700 million.

More than a year after hackers managed to manipulate the system the Internal Revenue Service has reinstated its Get Transcript service.

Netgear on Friday released firmware updates for two of its router products lines, patching vulnerabilities that were reported six months ago. Users should update to firmware version 1.0.0.59, which includes fixes for an authentication bypass vulnerability and also addresses a hard-coded cryptographic key embedded in older versions of the firmware. A vulnerability note published by...

For close to a month, the master encryption key unlocking files ravaged by TeslaCrypt has been publicly available, putting an end to a profitable strain of ransomware. In the weeks since, various decryptors have been developed that can be used to unlock files. Kaspersky Lab, for one, updated its Rakhni utility to include TeslaCrypt v3...

Mike Mimoso and Chris Brook discuss news from the week, including how the recent data breaches have fed off password reuse, how a Canadian university paid $20K CDN following a ransomware attack, a scan that showed a lack of secured services on the internet, and more. Download: Threatpost_News_Wrap_June_9_2016.mp3 Music by Chris Gonsalves

Twitter has forced a password reset on an unnamed number of accounts exposed this week in a dump of 32.8 million account names and credentials. A Russian hacker known as Tessa88 has been involved in a number of recent password disclosures with Twitter being the most recent. He shared the cache of Twitter data with...

A Windows zero-day for sale on the black market for $90,000 just received a price drop. The flaw that allegedly leaves all versions of Windows users exposed to a local privilege escalation (LPE) vulnerability can now be snatched up for $85,000. According to Trustwave, which has been monitoring the price, this is the second price drop...

BitTorrent has warned users of its uTorrent client to change their passwords after a third-party breach allowed hackers to walk off with a list of its forum users. “On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums,” the company said in an advisory this week....

A high-severity vulnerability in Google’s Chrome browser that allows attackers to execute code on targeted systems via a PDF exploit has been patched by Google. Researchers at Cisco said users were at risk if they were enticed to view a specially crafted PDF document with an embedded jpeg2000 image within Google’s Chrome default PDF viewer, called...

Tens of millions of Twitter account records including cleartext passwords are up for sale on a black market site, the latest cache of bundled credentials for major online services to be made available. The Twitter records have been analyzed by LeakedSource, which said in a post yesterday that a Russian hacker known as Tessa88 provided...