Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Slack admits to leaking hashed passwords for five years
August 8
th
2022 at 15:14Β
Slack admits to leaking hashed passwords for five years
By:
Paul Ducklin
"When those invitations went out... somehow, your password hash went out with them."
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
brute force
crack
dictionary attack
hashing
password
salt
Slack
August 8
th
2022 at 15:14
Naked Security
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
August 4
th
2022 at 16:52Β
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read if that's what you prefer.)
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
cryptocurrency
cryptogram
Cybercrime
Naked Security Podcast
August 4
th
2022 at 16:52
Naked Security
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
August 3
rd
2022 at 16:55Β
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
By:
Paul Ducklin
And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.
π·οΈ
My labels
β
Article tags
β
Cryptography
nist
PQC
quantum
quantum computing
SIKE
August 3
rd
2022 at 16:55
Naked Security
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
August 2
nd
2022 at 16:12Β
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
By:
Paul Ducklin
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Vulnerability
cryptocoin
cryptocurrency
DeFi
Nomad
August 2
nd
2022 at 16:12
Naked Security
GnuTLS patches memory mismanagement bug β update now!
August 1
st
2022 at 16:55Β
GnuTLS patches memory mismanagement bug β update now!
By:
Paul Ducklin
GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
CVE-2022-2509
double-free
gnutls
heartbleed
August 1
st
2022 at 16:55
Naked Security
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
July 14
th
2022 at 18:47Β
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
Malware
Microsoft
Podcast
AES
Naked Security Podcast
ransomware
RSA
VBA
July 14
th
2022 at 18:47
Naked Security
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
July 7
th
2022 at 14:46Β
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
By:
Paul Ducklin
Listen now! Or read if you prefer...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Google
Google Chrome
Law & order
Podcast
Vulnerability
2FA
busts
cryptocurrency
Naked Security Podcast
OneCoin
July 7
th
2022 at 14:46
Naked Security
OpenSSL fixes two βone-linerβ crypto bugs β what you need to know
July 6
th
2022 at 16:52Β
OpenSSL fixes two βone-linerβ crypto bugs β what you need to know
By:
Paul Ducklin
"As bad as Heartbleed"? We heard that concern a week ago, but we think it's less ungood than that...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
AES
openssl
RSA
vulnerability
July 6
th
2022 at 16:52
Naked Security
Canadian cybercriminal pleads guilty to βNetWalkerβ attacks in US
July 4
th
2022 at 14:09Β
Canadian cybercriminal pleads guilty to βNetWalkerβ attacks in US
By:
Paul Ducklin
Bust in Canada, now bust in the USA as well.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
Ransomware
bitcoin
bust
Netwalker
ransomware
revil
July 4
th
2022 at 14:09
Naked Security
βMissing Cryptoqueenβ hits the FBIβs Ten Most Wanted list
July 1
st
2022 at 16:49Β
βMissing Cryptoqueenβ hits the FBIβs Ten Most Wanted list
By:
Paul Ducklin
The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
crypto
cryptocoin
cryptoqueen
Ignatova
Scam
July 1
st
2022 at 16:49
Naked Security
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
June 30
th
2022 at 12:57Β
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
By:
Paul Ducklin
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Law & order
Podcast
Vulnerability
crypto
cryptocurrency
extortion
Naked Security Podcast
openssl
scammers
June 30
th
2022 at 12:57
Naked Security
Harmony blockchain loses nearly $100M due to hacked private keys
June 27
th
2022 at 18:14Β
Harmony blockchain loses nearly $100M due to hacked private keys
By:
Paul Ducklin
The crooks needed at least two private keys, each stored in two parts... but they got them anyway.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Data loss
crypto
ether
hack
Harmony
June 27
th
2022 at 18:14
Naked Security
OpenSSL issues a bugfix for the previous bugfix
June 24
th
2022 at 15:32Β
OpenSSL issues a bugfix for the previous bugfix
By:
Paul Ducklin
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
command injection
crypto
openssl
June 24
th
2022 at 15:32
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
June 23
rd
2022 at 11:08Β
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By:
Paul Ducklin
Latest epsiode - listen (or read) now!
π·οΈ
My labels
β
Article tags
β
Amazon
Cryptocurrency
Data loss
Law & order
Malware
Podcast
Privacy
bust
data breach
hacking
Interpol
Naked Security Podcast
phone scams
scammers
June 23
rd
2022 at 11:08
Naked Security
Capital One identity theft hacker finally gets convicted
June 21
st
2022 at 15:24Β
Capital One identity theft hacker finally gets convicted
By:
Paul Ducklin
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
π·οΈ
My labels
β
Article tags
β
Data loss
Law & order
Malware
capital one
cryptojacking
data breach
doj
SSN
June 21
st
2022 at 15:24
Naked Security
He sold cracked passwords for a living β now heβs serving 4 years in prison
May 13
th
2022 at 15:31Β
He sold cracked passwords for a living β now heβs serving 4 years in prison
By:
Paul Ducklin
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
bust
cracking
Cybercrime
doj
May 13
th
2022 at 15:31
Naked Security
S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]
April 21
st
2022 at 13:41Β
S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]
By:
Paul Ducklin
Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Law & order
Podcast
Beanstalk
cryptocurrency
Cybercrime
Naked Security Podcast
April 21
st
2022 at 13:41
Naked Security
Critical cryptographic Java security blunder patched β update now!
April 20
th
2022 at 16:43Β
Critical cryptographic Java security blunder patched β update now!
By:
Paul Ducklin
Either know the private key and use it scrupulously in your digital signature calculation.... or just send a bunch of zeros instead.
π·οΈ
My labels
β
Article tags
β
Cryptography
Java
Oracle
Vulnerability
CVE-2022-21449
digital signature
vulnerability
April 20
th
2022 at 16:43
Naked Security
Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19
th
2022 at 16:00Β
Beanstalk cryptocurrency heist: scammer votes himself all the money
By:
Paul Ducklin
Voting safeguards based on commuity collateral don't work if one person can use a momentary loan to "become" 75% of the community.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Vulnerability
Blockchain
cryptocoin
cryptocurrency
vulnerability
April 19
th
2022 at 16:00
Naked Security
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
April 14
th
2022 at 13:39Β
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
darkweb
Hydra
iot
Naked Security Podcast
PQC
quantum computing
robot
takedown
April 14
th
2022 at 13:39
Naked Security
US cryptocurrency coder gets 5 years for North Korea sanctions busting
April 13
th
2022 at 15:52Β
US cryptocurrency coder gets 5 years for North Korea sanctions busting
By:
Naked Security writer
Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
bust
doj
FBI
North Korea
April 13
th
2022 at 15:52
Naked Security
OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default
April 11
th
2022 at 16:58Β
OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default
By:
Paul Ducklin
Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow?
cat-1200
π·οΈ
My labels
β
Article tags
β
Cryptography
NTRU Prime
openssh
quantum computing
April 11
th
2022 at 16:58
Naked Security
Serious Security: Darkweb drugs market Hydra taken offline by German police
April 6
th
2022 at 16:22Β
Serious Security: Darkweb drugs market Hydra taken offline by German police
By:
Paul Ducklin
Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
bust
cryptocurrency
dark web
darkweb
Hydra
takedown
April 6
th
2022 at 16:22
Naked Security
UK police arrest 7 hacking suspects β have they bust the LAPSUS$ gang?
March 25
th
2022 at 01:48Β
UK police arrest 7 hacking suspects β have they bust the LAPSUS$ gang?
By:
Naked Security writer
Seven alleged hackers have been arrested in the UK. But who are they, and which hacking crew are they from?
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
bust
Cybercrime
DEV-0537
hacking
lapsus
March 25
th
2022 at 01:48
Naked Security
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
March 24
th
2022 at 13:49Β
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Malware
Podcast
Vulnerability
CafePress
data breach
ftc
lapsus
Naked Security Podcast
March 24
th
2022 at 13:49
Naked Security
OpenSSL patches infinite-loop DoS bug in certificate verification
March 18
th
2022 at 17:59Β
OpenSSL patches infinite-loop DoS bug in certificate verification
By:
Paul Ducklin
When it comes to writing loops in your code... never sit on the fence!
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
CVE-2022-0778
DOS
openssl
ormandy
vulnerability
March 18
th
2022 at 17:59
Naked Security
Beware bogus Betas β cryptocoin scammers abuse Appleβs TestFlight system
March 16
th
2022 at 15:49Β
Beware bogus Betas β cryptocoin scammers abuse Appleβs TestFlight system
By:
Paul Ducklin
"Install this moneymaking app" - this one is so special that it isn't available on Google Play or the App Store!
π·οΈ
My labels
β
Article tags
β
Apple
Cryptocurrency
iOS
Malware
cryptocoin scam
CryptoRom
fake app
malware
scammer
TestFlight
March 16
th
2022 at 15:49
Naked Security
Cryptocoin ATMs ruled illegal β βShut down at onceβ, says regulator
March 14
th
2022 at 17:51Β
Cryptocoin ATMs ruled illegal β βShut down at onceβ, says regulator
By:
Paul Ducklin
If you live in the UK and hadn't yet heard of cryptocoin ATMs... it's too late now!
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
cryptcoins
Money Laundering
scams
March 14
th
2022 at 17:51
Naked Security
Alleged Kaseya ransomware attacker arrives in Texas for trial
March 11
th
2022 at 14:59Β
Alleged Kaseya ransomware attacker arrives in Texas for trial
By:
Naked Security writer
The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
Ransomware
bust
Kaseya
ransomware
March 11
th
2022 at 14:59
Naked Security
S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
February 17
th
2022 at 17:12Β
S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
By:
Paul Ducklin
Latest episode - listen and learn!
π·οΈ
My labels
β
Article tags
β
Podcast
Adobe
Apple
bitcoin
bust
cryptocoins
cryptocurrency
Google
Naked Security Podcast
February 17
th
2022 at 17:12
Naked Security
S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]
February 10
th
2022 at 01:15Β
S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Law & order
Microsoft
Podcast
Security threats
bust
cryptocurrency
Cybercrime
Naked Security Podcast
February 10
th
2022 at 01:15
Naked Security
Self-styled βCrocodile of Wall Streetβ arrested with husband over Bitcoin megaheist
February 9
th
2022 at 14:44Β
Self-styled βCrocodile of Wall Streetβ arrested with husband over Bitcoin megaheist
By:
Naked Security writer
The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Law & order
Big Bitcoin Heist
bitcoin
BTC
bust
cryptocurrency
doj
quantum cryptography
February 9
th
2022 at 14:44
Naked Security
Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4
th
2022 at 17:38Β
Wormhole cryptotrading company turns over $340,000,000 to criminals
By:
Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Blockchain
Jump Crypto
smart contract
Wormhole
February 4
th
2022 at 17:38
Naked Security
S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript]
January 27
th
2022 at 17:57Β
S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Podcast
2FA
cryptocurrency
Naked Security Podcast
scams
January 27
th
2022 at 17:57
Naked Security
Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft
January 21
st
2022 at 16:25Β
Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft
By:
Paul Ducklin
The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Vulnerability
2FA
Crypto.com
cryptocurrency
January 21
st
2022 at 16:25
Naked Security
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
January 20
th
2022 at 17:28Β
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
By:
Paul Ducklin
Latest epsiode - listen now!
π·οΈ
My labels
β
Article tags
β
Apple
iOS
Law & order
Linux
Microsoft
Podcast
Vulnerability
Cryptography
Cybercrime
Loinux
Naked Security Podcast
Windows
January 20
th
2022 at 17:28
Naked Security
Serious Security: Linux full-disk encryption bug fixed β patch now!
January 14
th
2022 at 17:58Β
Serious Security: Linux full-disk encryption bug fixed β patch now!
By:
Paul Ducklin
Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.
π·οΈ
My labels
β
Article tags
β
Cryptography
cryptsetup
Linux
January 14
th
2022 at 17:58
Naked Security
Plundered bitcoins recovered by FBI β all 3,879-and-one-sixth of them!
December 22
nd
2021 at 17:57Β
Plundered bitcoins recovered by FBI β all 3,879-and-one-sixth of them!
By:
Paul Ducklin
Phew! An audacious crime... that didn't work out.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
bitcoin
cyberheist
doj
Japan
December 22
nd
2021 at 17:57
Naked Security
Serious Security: OpenSSL fixes βerror conflationβ bugs β how mixing up mistakes can lead to trouble
December 17
th
2021 at 17:57Β
Serious Security: OpenSSL fixes βerror conflationβ bugs β how mixing up mistakes can lead to trouble
By:
Paul Ducklin
Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!
π·οΈ
My labels
β
Article tags
β
Cryptography
CVE-2021-4044
openssl
Patching
vulnerability
December 17
th
2021 at 17:57
Naked Security
Cryptocurrency startup fails to subtract before adding, loses $31m
December 6
th
2021 at 15:50Β
Cryptocurrency startup fails to subtract before adding, loses $31m
By:
Paul Ducklin
Think of a number, any number. Take away 42. Add 42 back in. Then pretend you didn't take away 42. How much is left?
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
cryptocoin
cryptocurrency
race condition
December 6
th
2021 at 15:50
Naked Security
Mozilla patches critical βBigSigβ cryptographic bug: Hereβs how to track it down and fix it
December 3
rd
2021 at 17:58Β
Mozilla patches critical βBigSigβ cryptographic bug: Hereβs how to track it down and fix it
By:
Paul Ducklin
Mozilla's cryptographic code had a critical bug. Problem is that numerous apps are affected and may need patching individually.
π·οΈ
My labels
β
Article tags
β
Mozilla
Vulnerability
Cryptography
NSS
vulnerability
December 3
rd
2021 at 17:58
Naked Security
Cloud Security: Donβt wait until your next bill to find out about an attack!
November 26
th
2021 at 17:58Β
Cloud Security: Donβt wait until your next bill to find out about an attack!
By:
Paul Ducklin
Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
cloud security
cryptomining
Google Cloud
November 26
th
2021 at 17:58
Naked Security
Samba update patches plaintext password plundering problem
November 12
th
2021 at 17:59Β
Samba update patches plaintext password plundering problem
By:
Paul Ducklin
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.
π·οΈ
My labels
β
Article tags
β
Cryptography
legacy
plaintext
Samba
SMB1
November 12
th
2021 at 17:59
There are no more articles
β
Mark all as read