Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
S3 Ep102: How to avoid a data breach [Audio + Transcript]
September 29
th
2022 at 18:45Β
S3 Ep102: How to avoid a data breach [Audio + Transcript]
By:
Paul Ducklin
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...
π·οΈ
My labels
β
Article tags
β
Podcast
data breach
GTA6
Naked Security Podcast
Uber
WhatsApp forwarding
September 29
th
2022 at 18:45
Naked Security
Optus breach β Aussie telco told it will have to pay to replace IDs
September 28
th
2022 at 13:55Β
Optus breach β Aussie telco told it will have to pay to replace IDs
By:
Paul Ducklin
Licence compromised? Passport number burned? Need a new one? Who's going to pay?
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
data breach
Optus
September 28
th
2022 at 13:55
Naked Security
WhatsApp βzero-day exploitβ news scare β what you need to know
September 27
th
2022 at 18:51Β
WhatsApp βzero-day exploitβ news scare β what you need to know
By:
Paul Ducklin
Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
π·οΈ
My labels
β
Article tags
β
Vulnerability
Exploit
vulnerability
WhatsApp
September 27
th
2022 at 18:51
Naked Security
Uber and Rockstar β has a LAPSUS$ linchpin just been busted (again)?
September 24
th
2022 at 22:57Β
Uber and Rockstar β has a LAPSUS$ linchpin just been busted (again)?
By:
Paul Ducklin
Is this the same suspect as before? Is he part of LAPSUS$? Is this the man who hacked Uber and Rockstar? And, if so, who else?
π·οΈ
My labels
β
Article tags
β
Law & order
2FA
hacking
lapsus
Rockstar
Uber
September 24
th
2022 at 22:57
Naked Security
Morgan Stanley fined millions for selling off devices full of customer PII
September 23
rd
2022 at 14:07Β
Morgan Stanley fined millions for selling off devices full of customer PII
By:
Paul Ducklin
Critical data on old disks always seems inaccessible if you really need it. But when you DON''T want it back, guess what happens...
π·οΈ
My labels
β
Article tags
β
Data loss
GDPR compliance
data desctruction
data loss
Encryption
Morgan Stanley
September 23
rd
2022 at 14:07
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
September 22
nd
2022 at 16:42Β
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
π·οΈ
My labels
β
Article tags
β
Data loss
Podcast
2FA
data breach
LastPass
MFA
Naked Security Podcast
Uber
September 22
nd
2022 at 16:42
Naked Security
Interested in cybersecurity? Join us for Security SOS Week 2022!
September 21
st
2022 at 14:24Β
Interested in cybersecurity? Join us for Security SOS Week 2022!
By:
Paul Ducklin
Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.
π·οΈ
My labels
β
Article tags
β
Security events
Security leadership
Event
malware
SOS Week
September 21
st
2022 at 14:24
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 16:59Β
LastPass source code breach β incident response report released
By:
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
π·οΈ
My labels
β
Article tags
β
Data loss
data breach
incident response
LastPass
password
password manager
zero trust
September 19
th
2022 at 16:59
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
September 17
th
2022 at 20:57Β
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By:
Paul Ducklin
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
π·οΈ
My labels
β
Article tags
β
Data loss
Podcast
Security leadership
September 17
th
2022 at 20:57
Naked Security
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
September 16
th
2022 at 15:43Β
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
By:
Paul Ducklin
Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
data breach
hacking
Uber
September 16
th
2022 at 15:43
Naked Security
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
September 15
th
2022 at 18:50Β
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...
s3-ep100-js-1200
π·οΈ
My labels
β
Article tags
β
Podcast
Cybercrime
Deadbolt
Naked Security Podcast
ransomware
Zero Day
September 15
th
2022 at 18:50
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
September 13
th
2022 at 20:52Β
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By:
Paul Ducklin
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
π·οΈ
My labels
β
Article tags
β
Data loss
Phishing
BitB
MitB
MITM
phishing
Scam
September 13
th
2022 at 20:52
Naked Security
Apple patches zero-day holes β even in the brand new iOS 16
September 12
th
2022 at 21:25Β
Apple patches zero-day holes β even in the brand new iOS 16
By:
Paul Ducklin
Five updates, one upgrade, plus two zero-days. Patch your Macs, iPhones and iPads as soon as you can (again)...
apple-plus-16-1200
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Vulnerability
September 12
th
2022 at 21:25
Naked Security
How to deal with dates and times without any timezone tantrumsβ¦
September 9
th
2022 at 18:59Β
How to deal with dates and times without any timezone tantrumsβ¦
By:
Paul Ducklin
Heartfelt encouragement to embrace RFC 3339 - find out why!
π·οΈ
My labels
β
Article tags
β
Security leadership
rfc 3339
timezone
September 9
th
2022 at 18:59
Naked Security
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
September 8
th
2022 at 13:21Β
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
π·οΈ
My labels
β
Article tags
β
Podcast
Eckersley
Lets Encrypt
Naked Security Podcast
Peter
Tik Tok
September 8
th
2022 at 13:21
Naked Security
DEADBOLT ransomware rears its head again, attacks QNAP devices
September 7
th
2022 at 16:57Β
DEADBOLT ransomware rears its head again, attacks QNAP devices
By:
Paul Ducklin
NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too...
π·οΈ
My labels
β
Article tags
β
Ransomware
Deadbolt
QNAP
ransomware
September 7
th
2022 at 16:57
Naked Security
Chrome and Edge fix zero-day security hole β update now!
September 5
th
2022 at 15:12Β
Chrome and Edge fix zero-day security hole β update now!
By:
Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
chrome
CVE-2022-3075
Exploit
Patch
Zero Day
September 5
th
2022 at 15:12
Naked Security
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
September 4
th
2022 at 00:50Β
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
By:
Paul Ducklin
This site, like millions of others, has a certificate from Let's Encrypt. Farewell, Peter Eckersley, PhD, who helped make it all possible.
π·οΈ
My labels
β
Article tags
β
eff
Lets Encrypt
obituary
Peter Eckersley
September 4
th
2022 at 00:50
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
September 1
st
2022 at 16:55Β
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Podcast
airgap
bugs
chrome
data loss
JavaScript
LastPass
vulnerability
September 1
st
2022 at 16:55
Naked Security
URGENT! Apple slips out zero-day update for older iPhones and iPads
August 31
st
2022 at 18:42Β
URGENT! Apple slips out zero-day update for older iPhones and iPads
By:
Paul Ducklin
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.
π·οΈ
My labels
β
Article tags
β
Apple
iOS
CVE-2022-32893
ios
spyware
webkit
Zero Day
August 31
st
2022 at 18:42
Naked Security
Chrome patches 24 security holes, enables βSanitizerβ safety system
August 31
st
2022 at 11:48Β
Chrome patches 24 security holes, enables βSanitizerβ safety system
By:
Paul Ducklin
24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
buffer overflow
chrome
Sanitizer
use-after-free
vulnerability
XSS
August 31
st
2022 at 11:48
Naked Security
JavaScript bugs aplenty in Node.js ecosystem β found automatically
August 30
th
2022 at 16:59Β
JavaScript bugs aplenty in Node.js ecosystem β found automatically
By:
Paul Ducklin
How to get the better of bugs in all the possible packages in your supply chain?
π·οΈ
My labels
β
Article tags
β
Vulnerability
bug-hunting
cve
JavaScript
vulnerability
August 30
th
2022 at 16:59
Naked Security
LastPass source code breach β do we still recommend password managers?
August 29
th
2022 at 16:59Β
LastPass source code breach β do we still recommend password managers?
By:
Paul Ducklin
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
π·οΈ
My labels
β
Article tags
β
Data loss
breach
LastPass
password manager
August 29
th
2022 at 16:59
Naked Security
Firefox 104 is out β no critical bugs, but update anyway
August 26
th
2022 at 16:27Β
Firefox 104 is out β no critical bugs, but update anyway
By:
Paul Ducklin
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
π·οΈ
My labels
β
Article tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
August 26
th
2022 at 16:27
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
August 25
th
2022 at 15:37Β
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
π·οΈ
My labels
β
Article tags
β
Apple
Cryptocurrency
Google
Microsoft
Podcast
Vulnerability
"Edge"
chrome
crypto
cryptocurrency
denial of service
DOS
iPhone
Naked Security Podcast
R&B
Zero Day
August 25
th
2022 at 15:37
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
August 24
th
2022 at 18:59Β
Breaching airgap security: using your phoneβs gyroscope as a microphone
By:
Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
π·οΈ
My labels
β
Article tags
β
Data loss
Vulnerability
airgap
Ben Gurion
Ben-Gurion University
data leakage
GAIROSCOPE
August 24
th
2022 at 18:59
Naked Security
Bitcoin ATMs leeched by attackers who created fake admin accounts
August 23
rd
2022 at 15:35Β
Bitcoin ATMs leeched by attackers who created fake admin accounts
By:
Paul Ducklin
The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Vulnerability
atm
BTC
crypto
cryptocurrency
General Bytes
phantom withdrawal
vulnerability
August 23
rd
2022 at 15:35
Naked Security
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
August 22
nd
2022 at 16:03Β
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
By:
Paul Ducklin
We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed, at least.)
π·οΈ
My labels
β
Article tags
β
Vulnerability
chen
CVE-2022-38392
Janet Jackson
music
Raymond Chen
resonance
August 22
nd
2022 at 16:03
Naked Security
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
August 18
th
2022 at 14:38Β
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now (or read if you prefer!)
π·οΈ
My labels
β
Article tags
β
Cryptography
Intel
Law & order
Malware
Podcast
Privacy
AEPIC
Conti
healthcare
Naked Security Podcast
ransomware
zoom
August 18
th
2022 at 14:38
Naked Security
Apple patches double zero-day in browser and kernel β update now!
August 17
th
2022 at 23:33Β
Apple patches double zero-day in browser and kernel β update now!
By:
Paul Ducklin
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
π·οΈ
My labels
β
Article tags
β
Apple
iOS
Malware
OS X
Vulnerability
CVE-2022-32893
CVE-2022-32894
ios
iPadOS
jailbreak
macOS
spyware
August 17
th
2022 at 23:33
Naked Security
Chrome browser gets 11 security fixes with 1 zero-day β update now!
August 17
th
2022 at 13:16Β
Chrome browser gets 11 security fixes with 1 zero-day β update now!
By:
Paul Ducklin
Don't delay - patch today.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
August 17
th
2022 at 13:16
Naked Security
US offers reward βup to $10 millionβ for information about the Conti gang
August 16
th
2022 at 16:57Β
US offers reward βup to $10 millionβ for information about the Conti gang
By:
Naked Security writer
Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)
π·οΈ
My labels
β
Article tags
β
Law & order
Ransomware
Conti
ransomware
RfJ
usa
August 16
th
2022 at 16:57
Naked Security
Zoom for Mac patches critical bug β update now!
August 15
th
2022 at 18:26Β
Zoom for Mac patches critical bug β update now!
By:
Paul Ducklin
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
π·οΈ
My labels
β
Article tags
β
OS X
Vulnerability
CVE-2022-28756
macOS
Wardle
zoom
August 15
th
2022 at 18:26
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11
th
2022 at 14:34Β
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer.)
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Law & order
Malware
Microsoft
Podcast
Privacy
Cybercrime
github
hacking
malware
Naked Security Podcast
quantum computing
August 11
th
2022 at 14:34
Naked Security
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
August 10
th
2022 at 16:59Β
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
By:
Paul Ducklin
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Vulnerability
APIC
CVE-2022-21233
EPIC
SGX
ΓPIC Leak
August 10
th
2022 at 16:59
Naked Security
Slack admits to leaking hashed passwords for five years
August 8
th
2022 at 15:14Β
Slack admits to leaking hashed passwords for five years
By:
Paul Ducklin
"When those invitations went out... somehow, your password hash went out with them."
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
brute force
crack
dictionary attack
hashing
password
salt
Slack
August 8
th
2022 at 15:14
Naked Security
Traffic Light Protocol for cybersecurity responders gets a revamp
August 5
th
2022 at 16:57Β
Traffic Light Protocol for cybersecurity responders gets a revamp
By:
Paul Ducklin
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.
π·οΈ
My labels
β
Article tags
β
Security leadership
cybersecurity
MDR
MTR
research
TLP
August 5
th
2022 at 16:57
Naked Security
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
August 4
th
2022 at 16:52Β
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read if that's what you prefer.)
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
cryptocurrency
cryptogram
Cybercrime
Naked Security Podcast
August 4
th
2022 at 16:52
Naked Security
GitHub blighted by βresearcherβ who created thousands of malicious projects
August 3
rd
2022 at 23:06Β
GitHub blighted by βresearcherβ who created thousands of malicious projects
By:
Paul Ducklin
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
π·οΈ
My labels
β
Article tags
β
Law & order
github
malware
supply chain
August 3
rd
2022 at 23:06
Naked Security
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
August 3
rd
2022 at 16:55Β
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
By:
Paul Ducklin
And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.
π·οΈ
My labels
β
Article tags
β
Cryptography
nist
PQC
quantum
quantum computing
SIKE
August 3
rd
2022 at 16:55
Naked Security
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
August 2
nd
2022 at 16:12Β
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
By:
Paul Ducklin
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Vulnerability
cryptocoin
cryptocurrency
DeFi
Nomad
August 2
nd
2022 at 16:12
Naked Security
GnuTLS patches memory mismanagement bug β update now!
August 1
st
2022 at 16:55Β
GnuTLS patches memory mismanagement bug β update now!
By:
Paul Ducklin
GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
CVE-2022-2509
double-free
gnutls
heartbleed
August 1
st
2022 at 16:55
Naked Security
How to celebrate SysAdmin Day!
July 29
th
2022 at 15:37Β
How to celebrate SysAdmin Day!
By:
Paul Ducklin
I've just popped in to wish you all/The best SysAdmin Day!
π·οΈ
My labels
β
Article tags
β
Security leadership
SysAdminDay
SAAD
sysadmin day
July 29
th
2022 at 15:37
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
July 28
th
2022 at 15:47Β
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Apple
Data loss
Law & order
Mozilla
Podcast
Privacy
Vulnerability
Safari
T-Mobile
vulnerability
Zero Day
July 28
th
2022 at 15:47
Naked Security
Critical Samba bug could let anyone become Domain Admin β patch now!
July 27
th
2022 at 21:15Β
Critical Samba bug could let anyone become Domain Admin β patch now!
By:
Paul Ducklin
It's a serious bug... but there's a fix for it, so you know exactly what to do!
π·οΈ
My labels
β
Article tags
β
Vulnerability
CVE-2022-32744
password reset
Samba
July 27
th
2022 at 21:15
Naked Security
Mild monthly security update from Firefox β but update anyway
July 27
th
2022 at 00:41Β
Mild monthly security update from Firefox β but update anyway
By:
Paul Ducklin
You're probably thinking we're going to say, "Don't delay/Do it today"... and that's exactly what we are saying!
π·οΈ
My labels
β
Article tags
β
Firefox
Mozilla
Vulnerability
clickjacking
vulnerability
July 27
th
2022 at 00:41
Naked Security
T-Mobile to cough up $500 million over 2021 data breach
July 25
th
2022 at 16:20Β
T-Mobile to cough up $500 million over 2021 data breach
By:
Paul Ducklin
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.
π·οΈ
My labels
β
Article tags
β
Data loss
Law & order
Privacy
data breach
T-Mobile
July 25
th
2022 at 16:20
Naked Security
Office macro security: on-again-off-again feature now BACK ON AGAIN!
July 23
rd
2022 at 01:10Β
Office macro security: on-again-off-again feature now BACK ON AGAIN!
By:
Paul Ducklin
20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That's progress!
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Microsoft
Privacy
macros
Office
VBA
July 23
rd
2022 at 01:10
Naked Security
S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
July 21
st
2022 at 16:25Β
S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
By:
Paul Ducklin
Latest episode - listen, read or both!
π·οΈ
My labels
β
Article tags
β
Podcast
Facebook
Naked Security Podcast
tips
July 21
st
2022 at 16:25
Naked Security
Apple patches β0-dayβ browser bug fixed 2 weeks ago in Chrome, Edge
July 21
st
2022 at 12:38Β
Apple patches β0-dayβ browser bug fixed 2 weeks ago in Chrome, Edge
By:
Paul Ducklin
One vendor's zero-day is another vendor's routine patch...
π·οΈ
My labels
β
Article tags
β
Apple
Vulnerability
iPad
iPhone
mac
macOS
vulnerability
July 21
st
2022 at 12:38
Naked Security
Last member of Gozi malware troika arrives in US for criminal trial
July 20
th
2022 at 14:56Β
Last member of Gozi malware troika arrives in US for criminal trial
By:
Paul Ducklin
His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...
π·οΈ
My labels
β
Article tags
β
Law & order
Malware
banking malware
bust
Gozi
SpyEye
Zeus
July 20
th
2022 at 14:56
Naked Security
8 months on, US says Log4Shell will be around for βa decade or longerβ
July 18
th
2022 at 16:57Β
8 months on, US says Log4Shell will be around for βa decade or longerβ
By:
Paul Ducklin
When it comes to cybersecurity, ask not what everyone else can do for you...
π·οΈ
My labels
β
Article tags
β
Malware
Vulnerability
CSRB
DHS
Log4j
Log4Shell
Security.txt
July 18
th
2022 at 16:57
Naked Security
7 cybersecurity tips for your summer vacation!
July 15
th
2022 at 16:23Β
7 cybersecurity tips for your summer vacation!
By:
Paul Ducklin
Here you go - seven thoughtful cybersecurity tips to help you travel safely...
π·οΈ
My labels
β
Article tags
β
Privacy
holiday
spycam
surveillance
travel
vacation
Wi-fi
July 15
th
2022 at 16:23
Naked Security
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
July 14
th
2022 at 18:47Β
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
Malware
Microsoft
Podcast
AES
Naked Security Podcast
ransomware
RSA
VBA
July 14
th
2022 at 18:47
Naked Security
Facebook 2FA scammers return β this time in just 21 minutes
July 13
th
2022 at 16:46Β
Facebook 2FA scammers return β this time in just 21 minutes
By:
Paul Ducklin
Last time they arrived 28 minutes after lighting up their fake domain... this time it was just 21 minutes
π·οΈ
My labels
β
Article tags
β
Facebook
Phishing
Privacy
2FA
Scam
July 13
th
2022 at 16:46
Naked Security
Paying ransomware crooks wonβt reduce your legal risk, warns regulator
July 12
th
2022 at 13:24Β
Paying ransomware crooks wonβt reduce your legal risk, warns regulator
By:
Paul Ducklin
"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?
π·οΈ
My labels
β
Article tags
β
GDPR compliance
Law & order
Ransomware
Uncategorized
cyberextortion
GCHQ
ico
NCSC
ransomware
July 12
th
2022 at 13:24
Naked Security
That didnβt last! Microsoft turns off the Office security it just turned on
July 11
th
2022 at 13:27Β
That didnβt last! Microsoft turns off the Office security it just turned on
By:
Paul Ducklin
An Office anti-malware setting that took more than 20 years to arrive... and fewer than 20 weeks to vanish again.
π·οΈ
My labels
β
Article tags
β
Malware
Microsoft
Phishing
macro
malware
Office
VBA
July 11
th
2022 at 13:27
Naked Security
Apache βCommons Configurationβ patches Log4Shell-style bug β what you need to know
July 8
th
2022 at 00:59Β
Apache βCommons Configurationβ patches Log4Shell-style bug β what you need to know
By:
Paul Ducklin
It's a bit like Log4J, but for configuration files, not for logging.
π·οΈ
My labels
β
Article tags
β
Vulnerability
Apache Commons
CVE-2022-33980
July 8
th
2022 at 00:59
Naked Security
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
July 7
th
2022 at 14:46Β
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
By:
Paul Ducklin
Listen now! Or read if you prefer...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Google
Google Chrome
Law & order
Podcast
Vulnerability
2FA
busts
cryptocurrency
Naked Security Podcast
OneCoin
July 7
th
2022 at 14:46
Naked Security
OpenSSL fixes two βone-linerβ crypto bugs β what you need to know
July 6
th
2022 at 16:52Β
OpenSSL fixes two βone-linerβ crypto bugs β what you need to know
By:
Paul Ducklin
"As bad as Heartbleed"? We heard that concern a week ago, but we think it's less ungood than that...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
AES
openssl
RSA
vulnerability
July 6
th
2022 at 16:52
Load more articles