Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
October 20
th
2022 at 16:54Β
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By:
Paul Ducklin
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Microsoft
Podcast
Privacy
data breach
Naked Security Podcast
Office
Patch Tuesday
zoom
October 20
th
2022 at 16:54
Naked Security
Women in Cryptology β USPS celebrates WW2 codebreakers
October 19
th
2022 at 16:58Β
Women in Cryptology β USPS celebrates WW2 codebreakers
By:
Paul Ducklin
What did you do in the war, Mom? Oh, y'know, a bit of this and that...
π·οΈ
My labels
β
Article tags
β
Cryptography
October 19
th
2022 at 16:58
Naked Security
Zoom for Mac patches sneaky βspy-on-meβ bug β update now!
October 18
th
2022 at 15:58Β
Zoom for Mac patches sneaky βspy-on-meβ bug β update now!
By:
Paul Ducklin
Hey! That back door isn't supposed to be there at all, let alone propped open...
π·οΈ
My labels
β
Article tags
β
Uncategorized
CVE-2022-28762
snooping
spyware
vulnerabiloity
zoom
October 18
th
2022 at 15:58
Naked Security
Dangerous hole in Apache Commons Text β like Log4Shell all over again
October 18
th
2022 at 16:26Β
Dangerous hole in Apache Commons Text β like Log4Shell all over again
By:
Paul Ducklin
Third time unlucky. Time to put your patching boots on again...
act-1200
π·οΈ
My labels
β
Article tags
β
Vulnerability
Apache
Apache Commons Text
CVE-2022-42889
Log4j
Log4Shell
string interpolation
October 18
th
2022 at 16:26
Naked Security
Fashion brand SHEIN fined $1.9m for lying about data breach
October 17
th
2022 at 16:50Β
Fashion brand SHEIN fined $1.9m for lying about data breach
By:
Naked Security writer
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
π·οΈ
My labels
β
Article tags
β
Data loss
GDPR compliance
cover-up
data breach
New York
ROMWE
SHEIN
Zoetop
October 17
th
2022 at 16:50
Naked Security
Serious Security: Microsoft Office 365 attacked over feeble encryption
October 14
th
2022 at 16:59Β
Serious Security: Microsoft Office 365 attacked over feeble encryption
By:
Paul Ducklin
How 2022 is your encryption?
π·οΈ
My labels
β
Article tags
β
Cryptography
Microsoft
ECB
Office
Windows
October 14
th
2022 at 16:59
Naked Security
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
October 13
th
2022 at 16:37Β
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
By:
Paul Ducklin
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...
π·οΈ
My labels
β
Article tags
β
Apple
iOS
Podcast
Ransomware
ada
Ada Lovelace
iPhone
Naked Security Podcast
Netwalker
ransomware
Sullivan
Uber
WhatsApp
October 13
th
2022 at 16:37
Naked Security
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
October 12
th
2022 at 16:58Β
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
By:
Paul Ducklin
There's a zero-day patch, but it's not for the zero-day you thought.
π·οΈ
My labels
β
Article tags
β
Microsoft
Vulnerability
Windows
0 day
Exploit
Patch Tuesday
vulnerability
October 12
th
2022 at 16:58
Naked Security
Move over Patch Tuesday β itβs Ada Lovelace Day!
October 11
th
2022 at 15:22Β
Move over Patch Tuesday β itβs Ada Lovelace Day!
By:
Paul Ducklin
Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine.
π·οΈ
My labels
β
Article tags
β
Machine Learning
ada
Ada Lovelace Day
Alan Turing
babbage
computer science
Lady Lovelace
October 11
th
2022 at 15:22
Naked Security
Mystery iPhone update patches against iOS 16 mail crash-attack
October 11
th
2022 at 00:28Β
Mystery iPhone update patches against iOS 16 mail crash-attack
By:
Paul Ducklin
The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages...
π·οΈ
My labels
β
Article tags
β
Apple
iOS
Vulnerability
crash-of-death
CVE-2022-22658
ios
October 11
th
2022 at 00:28
Naked Security
Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
October 10
th
2022 at 14:02Β
Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
By:
Paul Ducklin
Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.
π·οΈ
My labels
β
Article tags
β
Cryptography
Microsoft
Podcast
exchange
Modern Auth
Oath
oauth
TOTP
October 10
th
2022 at 14:02
Naked Security
WhatsApp goes after Chinese password scammers via US court
October 7
th
2022 at 16:14Β
WhatsApp goes after Chinese password scammers via US court
By:
Paul Ducklin
If you can't beat 'em, sue 'em!
π·οΈ
My labels
β
Article tags
β
Malware
Android
Google Play
malware
Meta
scammers
WhatsApp
October 7
th
2022 at 16:14
Naked Security
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
October 6
th
2022 at 14:43Β
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
By:
Paul Ducklin
Latest episode - listen and learn now (or read and revise, if the written word is your thing)...
π·οΈ
My labels
β
Article tags
β
Law & order
Microsoft
Podcast
:ProxyNotShell
BEC
bust
exchange
Exploit
Naked Security Podcast
robocalls
romance scam
vulnerability
October 6
th
2022 at 14:43
Naked Security
Former Uber CSO convicted of covering up megabreach back in 2016
October 6
th
2022 at 01:04Β
Former Uber CSO convicted of covering up megabreach back in 2016
By:
Naked Security writer
Obstructed FTC proceedings, and concealed a crime, said the jury.
π·οΈ
My labels
β
Article tags
β
Data loss
GDPR compliance
Privacy
Sullivan
Uber
October 6
th
2022 at 01:04
Naked Security
NetWalker ransomware affiliate sentenced to 20 years by Florida court
October 5
th
2022 at 16:55Β
NetWalker ransomware affiliate sentenced to 20 years by Florida court
By:
Naked Security writer
Judge tells the accused that if he hadn't pleaded guilty, "I would have given you life."
π·οΈ
My labels
β
Article tags
β
Law & order
Ransomware
bust
Desjardins
Netwalker
ransomware
October 5
th
2022 at 16:55
Naked Security
BEC fraudster and romance scammer sent to prison for 25 years
October 4
th
2022 at 19:12Β
BEC fraudster and romance scammer sent to prison for 25 years
By:
Paul Ducklin
Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth.
rs-1200
π·οΈ
My labels
β
Article tags
β
Law & order
Privacy
Cybermonth
BEC
bust
romance scam
October 4
th
2022 at 19:12
Naked Security
Scammers and rogue callers β can anything ever stop them?
October 4
th
2022 at 00:06Β
Scammers and rogue callers β can anything ever stop them?
By:
Paul Ducklin
Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams?
π·οΈ
My labels
β
Article tags
β
Law & order
cold callers
do not call
scam calls
TPS
October 4
th
2022 at 00:06
Naked Security
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
October 1
st
2022 at 14:05Β
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
By:
Paul Ducklin
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...
π·οΈ
My labels
β
Article tags
β
Microsoft
Podcast
Vulnerability
:ProxyNotShell
chester wisniewski
CVE-2022-41040
CVE-2022-41042
exchange
Zero Day
October 1
st
2022 at 14:05
Naked Security
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
September 30
th
2022 at 13:25Β
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
By:
Paul Ducklin
Double-play 0-day in Exchange - what you need to know, and what you can do
π·οΈ
My labels
β
Article tags
β
Microsoft
Vulnerability
CVE-2022-41040
CVE-2022-41082
exchange
vulnerability
Zero Day
September 30
th
2022 at 13:25
Naked Security
S3 Ep102: How to avoid a data breach [Audio + Transcript]
September 29
th
2022 at 18:45Β
S3 Ep102: How to avoid a data breach [Audio + Transcript]
By:
Paul Ducklin
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...
π·οΈ
My labels
β
Article tags
β
Podcast
data breach
GTA6
Naked Security Podcast
Uber
WhatsApp forwarding
September 29
th
2022 at 18:45
Naked Security
Optus breach β Aussie telco told it will have to pay to replace IDs
September 28
th
2022 at 13:55Β
Optus breach β Aussie telco told it will have to pay to replace IDs
By:
Paul Ducklin
Licence compromised? Passport number burned? Need a new one? Who's going to pay?
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
data breach
Optus
September 28
th
2022 at 13:55
Naked Security
WhatsApp βzero-day exploitβ news scare β what you need to know
September 27
th
2022 at 18:51Β
WhatsApp βzero-day exploitβ news scare β what you need to know
By:
Paul Ducklin
Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
π·οΈ
My labels
β
Article tags
β
Vulnerability
Exploit
vulnerability
WhatsApp
September 27
th
2022 at 18:51
Naked Security
Uber and Rockstar β has a LAPSUS$ linchpin just been busted (again)?
September 24
th
2022 at 22:57Β
Uber and Rockstar β has a LAPSUS$ linchpin just been busted (again)?
By:
Paul Ducklin
Is this the same suspect as before? Is he part of LAPSUS$? Is this the man who hacked Uber and Rockstar? And, if so, who else?
π·οΈ
My labels
β
Article tags
β
Law & order
2FA
hacking
lapsus
Rockstar
Uber
September 24
th
2022 at 22:57
Naked Security
Morgan Stanley fined millions for selling off devices full of customer PII
September 23
rd
2022 at 14:07Β
Morgan Stanley fined millions for selling off devices full of customer PII
By:
Paul Ducklin
Critical data on old disks always seems inaccessible if you really need it. But when you DON''T want it back, guess what happens...
π·οΈ
My labels
β
Article tags
β
Data loss
GDPR compliance
data desctruction
data loss
Encryption
Morgan Stanley
September 23
rd
2022 at 14:07
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
September 22
nd
2022 at 16:42Β
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
π·οΈ
My labels
β
Article tags
β
Data loss
Podcast
2FA
data breach
LastPass
MFA
Naked Security Podcast
Uber
September 22
nd
2022 at 16:42
Naked Security
Interested in cybersecurity? Join us for Security SOS Week 2022!
September 21
st
2022 at 14:24Β
Interested in cybersecurity? Join us for Security SOS Week 2022!
By:
Paul Ducklin
Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.
π·οΈ
My labels
β
Article tags
β
Security events
Security leadership
Event
malware
SOS Week
September 21
st
2022 at 14:24
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 16:59Β
LastPass source code breach β incident response report released
By:
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
π·οΈ
My labels
β
Article tags
β
Data loss
data breach
incident response
LastPass
password
password manager
zero trust
September 19
th
2022 at 16:59
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
September 17
th
2022 at 20:57Β
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By:
Paul Ducklin
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
π·οΈ
My labels
β
Article tags
β
Data loss
Podcast
Security leadership
September 17
th
2022 at 20:57
Naked Security
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
September 16
th
2022 at 15:43Β
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
By:
Paul Ducklin
Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
data breach
hacking
Uber
September 16
th
2022 at 15:43
Naked Security
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
September 15
th
2022 at 18:50Β
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...
s3-ep100-js-1200
π·οΈ
My labels
β
Article tags
β
Podcast
Cybercrime
Deadbolt
Naked Security Podcast
ransomware
Zero Day
September 15
th
2022 at 18:50
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
September 13
th
2022 at 20:52Β
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By:
Paul Ducklin
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
π·οΈ
My labels
β
Article tags
β
Data loss
Phishing
BitB
MitB
MITM
phishing
Scam
September 13
th
2022 at 20:52
Naked Security
Apple patches zero-day holes β even in the brand new iOS 16
September 12
th
2022 at 21:25Β
Apple patches zero-day holes β even in the brand new iOS 16
By:
Paul Ducklin
Five updates, one upgrade, plus two zero-days. Patch your Macs, iPhones and iPads as soon as you can (again)...
apple-plus-16-1200
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Vulnerability
September 12
th
2022 at 21:25
Naked Security
How to deal with dates and times without any timezone tantrumsβ¦
September 9
th
2022 at 18:59Β
How to deal with dates and times without any timezone tantrumsβ¦
By:
Paul Ducklin
Heartfelt encouragement to embrace RFC 3339 - find out why!
π·οΈ
My labels
β
Article tags
β
Security leadership
rfc 3339
timezone
September 9
th
2022 at 18:59
Naked Security
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
September 8
th
2022 at 13:21Β
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
π·οΈ
My labels
β
Article tags
β
Podcast
Eckersley
Lets Encrypt
Naked Security Podcast
Peter
Tik Tok
September 8
th
2022 at 13:21
Naked Security
DEADBOLT ransomware rears its head again, attacks QNAP devices
September 7
th
2022 at 16:57Β
DEADBOLT ransomware rears its head again, attacks QNAP devices
By:
Paul Ducklin
NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too...
π·οΈ
My labels
β
Article tags
β
Ransomware
Deadbolt
QNAP
ransomware
September 7
th
2022 at 16:57
Naked Security
Chrome and Edge fix zero-day security hole β update now!
September 5
th
2022 at 15:12Β
Chrome and Edge fix zero-day security hole β update now!
By:
Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
chrome
CVE-2022-3075
Exploit
Patch
Zero Day
September 5
th
2022 at 15:12
Naked Security
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
September 4
th
2022 at 00:50Β
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
By:
Paul Ducklin
This site, like millions of others, has a certificate from Let's Encrypt. Farewell, Peter Eckersley, PhD, who helped make it all possible.
π·οΈ
My labels
β
Article tags
β
eff
Lets Encrypt
obituary
Peter Eckersley
September 4
th
2022 at 00:50
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
September 1
st
2022 at 16:55Β
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Podcast
airgap
bugs
chrome
data loss
JavaScript
LastPass
vulnerability
September 1
st
2022 at 16:55
Naked Security
URGENT! Apple slips out zero-day update for older iPhones and iPads
August 31
st
2022 at 18:42Β
URGENT! Apple slips out zero-day update for older iPhones and iPads
By:
Paul Ducklin
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.
π·οΈ
My labels
β
Article tags
β
Apple
iOS
CVE-2022-32893
ios
spyware
webkit
Zero Day
August 31
st
2022 at 18:42
Naked Security
Chrome patches 24 security holes, enables βSanitizerβ safety system
August 31
st
2022 at 11:48Β
Chrome patches 24 security holes, enables βSanitizerβ safety system
By:
Paul Ducklin
24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
buffer overflow
chrome
Sanitizer
use-after-free
vulnerability
XSS
August 31
st
2022 at 11:48
Naked Security
JavaScript bugs aplenty in Node.js ecosystem β found automatically
August 30
th
2022 at 16:59Β
JavaScript bugs aplenty in Node.js ecosystem β found automatically
By:
Paul Ducklin
How to get the better of bugs in all the possible packages in your supply chain?
π·οΈ
My labels
β
Article tags
β
Vulnerability
bug-hunting
cve
JavaScript
vulnerability
August 30
th
2022 at 16:59
Naked Security
LastPass source code breach β do we still recommend password managers?
August 29
th
2022 at 16:59Β
LastPass source code breach β do we still recommend password managers?
By:
Paul Ducklin
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
π·οΈ
My labels
β
Article tags
β
Data loss
breach
LastPass
password manager
August 29
th
2022 at 16:59
Naked Security
Firefox 104 is out β no critical bugs, but update anyway
August 26
th
2022 at 16:27Β
Firefox 104 is out β no critical bugs, but update anyway
By:
Paul Ducklin
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
π·οΈ
My labels
β
Article tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
August 26
th
2022 at 16:27
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
August 25
th
2022 at 15:37Β
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
π·οΈ
My labels
β
Article tags
β
Apple
Cryptocurrency
Google
Microsoft
Podcast
Vulnerability
"Edge"
chrome
crypto
cryptocurrency
denial of service
DOS
iPhone
Naked Security Podcast
R&B
Zero Day
August 25
th
2022 at 15:37
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
August 24
th
2022 at 18:59Β
Breaching airgap security: using your phoneβs gyroscope as a microphone
By:
Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
π·οΈ
My labels
β
Article tags
β
Data loss
Vulnerability
airgap
Ben Gurion
Ben-Gurion University
data leakage
GAIROSCOPE
August 24
th
2022 at 18:59
Naked Security
Bitcoin ATMs leeched by attackers who created fake admin accounts
August 23
rd
2022 at 15:35Β
Bitcoin ATMs leeched by attackers who created fake admin accounts
By:
Paul Ducklin
The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Vulnerability
atm
BTC
crypto
cryptocurrency
General Bytes
phantom withdrawal
vulnerability
August 23
rd
2022 at 15:35
Naked Security
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
August 22
nd
2022 at 16:03Β
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
By:
Paul Ducklin
We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed, at least.)
π·οΈ
My labels
β
Article tags
β
Vulnerability
chen
CVE-2022-38392
Janet Jackson
music
Raymond Chen
resonance
August 22
nd
2022 at 16:03
Naked Security
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
August 18
th
2022 at 14:38Β
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now (or read if you prefer!)
π·οΈ
My labels
β
Article tags
β
Cryptography
Intel
Law & order
Malware
Podcast
Privacy
AEPIC
Conti
healthcare
Naked Security Podcast
ransomware
zoom
August 18
th
2022 at 14:38
Naked Security
Apple patches double zero-day in browser and kernel β update now!
August 17
th
2022 at 23:33Β
Apple patches double zero-day in browser and kernel β update now!
By:
Paul Ducklin
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
π·οΈ
My labels
β
Article tags
β
Apple
iOS
Malware
OS X
Vulnerability
CVE-2022-32893
CVE-2022-32894
ios
iPadOS
jailbreak
macOS
spyware
August 17
th
2022 at 23:33
Naked Security
Chrome browser gets 11 security fixes with 1 zero-day β update now!
August 17
th
2022 at 13:16Β
Chrome browser gets 11 security fixes with 1 zero-day β update now!
By:
Paul Ducklin
Don't delay - patch today.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Vulnerability
August 17
th
2022 at 13:16
Naked Security
US offers reward βup to $10 millionβ for information about the Conti gang
August 16
th
2022 at 16:57Β
US offers reward βup to $10 millionβ for information about the Conti gang
By:
Naked Security writer
Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)
π·οΈ
My labels
β
Article tags
β
Law & order
Ransomware
Conti
ransomware
RfJ
usa
August 16
th
2022 at 16:57
Naked Security
Zoom for Mac patches critical bug β update now!
August 15
th
2022 at 18:26Β
Zoom for Mac patches critical bug β update now!
By:
Paul Ducklin
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
π·οΈ
My labels
β
Article tags
β
OS X
Vulnerability
CVE-2022-28756
macOS
Wardle
zoom
August 15
th
2022 at 18:26
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11
th
2022 at 14:34Β
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer.)
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Law & order
Malware
Microsoft
Podcast
Privacy
Cybercrime
github
hacking
malware
Naked Security Podcast
quantum computing
August 11
th
2022 at 14:34
Naked Security
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
August 10
th
2022 at 16:59Β
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
By:
Paul Ducklin
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Vulnerability
APIC
CVE-2022-21233
EPIC
SGX
ΓPIC Leak
August 10
th
2022 at 16:59
Naked Security
Slack admits to leaking hashed passwords for five years
August 8
th
2022 at 15:14Β
Slack admits to leaking hashed passwords for five years
By:
Paul Ducklin
"When those invitations went out... somehow, your password hash went out with them."
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
brute force
crack
dictionary attack
hashing
password
salt
Slack
August 8
th
2022 at 15:14
Naked Security
Traffic Light Protocol for cybersecurity responders gets a revamp
August 5
th
2022 at 16:57Β
Traffic Light Protocol for cybersecurity responders gets a revamp
By:
Paul Ducklin
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.
π·οΈ
My labels
β
Article tags
β
Security leadership
cybersecurity
MDR
MTR
research
TLP
August 5
th
2022 at 16:57
Naked Security
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
August 4
th
2022 at 16:52Β
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Or read if that's what you prefer.)
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
cryptocurrency
cryptogram
Cybercrime
Naked Security Podcast
August 4
th
2022 at 16:52
Naked Security
GitHub blighted by βresearcherβ who created thousands of malicious projects
August 3
rd
2022 at 23:06Β
GitHub blighted by βresearcherβ who created thousands of malicious projects
By:
Paul Ducklin
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
π·οΈ
My labels
β
Article tags
β
Law & order
github
malware
supply chain
August 3
rd
2022 at 23:06
Naked Security
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
August 3
rd
2022 at 16:55Β
Post-quantum cryptography β new algorithm βgone in 60 minutesβ
By:
Paul Ducklin
And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.
π·οΈ
My labels
β
Article tags
β
Cryptography
nist
PQC
quantum
quantum computing
SIKE
August 3
rd
2022 at 16:55
Naked Security
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
August 2
nd
2022 at 16:12Β
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
By:
Paul Ducklin
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Cryptography
Vulnerability
cryptocoin
cryptocurrency
DeFi
Nomad
August 2
nd
2022 at 16:12
Load more articles