Security news aggregator

Latest coverage for Journalist

Journalists may handle sensitive sources, investigate cyber incidents, and face risks involving surveillance, phishing, and data exposure.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Journalists gather, verify, and publish information, often handling unpublished documents, confidential source identities, and sensitive communications. Their security relevance is concentrated in protecting source confidentiality, editorial materials, accounts, and personal safety from targeted phishing, account takeover, device compromise, surveillance, or theft of stored data.

Useful controls include phishing-resistant multifactor authentication, prompt patching, encrypted communications and storage, strong separation between personal and reporting accounts, and careful handling of identifying metadata such as file histories and location data. Security planning should also cover source verification, secure transfer and deletion procedures, device and travel risks, and a response plan to revoke sessions, preserve evidence, assess exposed sources, and communicate through trusted channels after a suspected compromise.

Showing 2 most recent headlines Filtered view
Krebs on Security 2 years, 3 months ago

Thread Hijacking: Phishes That Prey on Your Curiosity

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient's natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here's the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop.