Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
April 10
th
2023 at 20:20Β
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
By:
Paul Ducklin
That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!
π·οΈ
My labels
β
Article tags
β
Apple
iOS
OS X
Vulnerability
Exploit
kernel bug
rce
spyware
April 10
th
2023 at 20:20
Naked Security
Popular server-side JavaScript security sandbox βvm2β patches remote execution hole
April 9
th
2023 at 00:28Β
Popular server-side JavaScript security sandbox βvm2β patches remote execution hole
By:
Paul Ducklin
The security error was in the error handling system that was supposed to catch potential security errors...
vm2-1200
π·οΈ
My labels
β
Article tags
β
Vulnerability
Exploit
RC E
Sandbox
vm2
April 9
th
2023 at 00:28
Naked Security
Apple issues emergency patches for spyware-style 0-day exploits β update now!
April 8
th
2023 at 01:20Β
Apple issues emergency patches for spyware-style 0-day exploits β update now!
By:
Paul Ducklin
A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.
π·οΈ
My labels
β
Article tags
β
Apple
Apple Safari
Vulnerability
0 day
Amnesty International
Exploit
ios
iPhone
mac
Zero Day
April 8
th
2023 at 01:20
Naked Security
S3 Ep129: When spyware arrives from someone you trust
April 6
th
2023 at 14:57Β
S3 Ep129: When spyware arrives from someone you trust
By:
Paul Ducklin
Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days... listen now!
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Podcast
Privacy
3CX
Naked Security Podcast
supply chain
Wi-fi
world backup day
April 6
th
2023 at 14:57
Naked Security
Hack and enter! The βsecureβ garage doors that anyone can open from anywhere β what you need to know
April 5
th
2023 at 18:49Β
Hack and enter! The βsecureβ garage doors that anyone can open from anywhere β what you need to know
By:
Paul Ducklin
Grab a message/Play it back/You've just performed/A big phat hack...
π·οΈ
My labels
β
Article tags
β
Privacy
Vulnerability
Cybercrime
hacking
iot
Nexx
responsible disclosure
vulnerbility
April 5
th
2023 at 18:49
Naked Security
Supply chain blunder puts 3CX telephone app users at risk
March 30
th
2023 at 17:36Β
Supply chain blunder puts 3CX telephone app users at risk
By:
Paul Ducklin
Booby-trapped app, apparently signed and shipped by 3CX itself after its source code repository was broken into.
π·οΈ
My labels
β
Article tags
β
Malware
3CX
Electron
git
malware
suuply chain
March 30
th
2023 at 17:36
Naked Security
S3 Ep128: So you want to be a cyberΒcriminal? [Audio + Text]
March 30
th
2023 at 14:43Β
S3 Ep128: So you want to be a cyberΒcriminal? [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Apple
Google
Law & order
Microsoft
Podcast
Privacy
DDoS
Naked Security Podcast
vulnerability
March 30
th
2023 at 14:43
Naked Security
Apple patches everything, including a zero-day fix for iOS 15 users
March 28
th
2023 at 00:23Β
Apple patches everything, including a zero-day fix for iOS 15 users
By:
Paul Ducklin
Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.
π·οΈ
My labels
β
Article tags
β
Apple
Vulnerability
0 day
Exploit
ios
iPad
iPadOS
iPhone
macOS
vulnerability
Zero Day
March 28
th
2023 at 00:23
Naked Security
In Memoriam β Gordon Moore, who put the more in βMooreβs Lawβ
March 27
th
2023 at 00:05Β
In Memoriam β Gordon Moore, who put the more in βMooreβs Lawβ
By:
Paul Ducklin
His prediction was called a "Law", though it was an exhortation to engineering excellence as much it was an estimate.
gm-rip-1200
π·οΈ
My labels
β
Article tags
β
"Moore's Law"
Gordon Moore
intel
Moore
obituary
March 27
th
2023 at 00:05
Naked Security
WooCommerce Payments plugin for WordPress has an admin-level hole β patch now!
March 24
th
2023 at 17:48Β
WooCommerce Payments plugin for WordPress has an admin-level hole β patch now!
By:
Paul Ducklin
Admin-level holes in websites are always a bad thing... and for "bad", read "worse" if it's an e-commerce site.
woo-1200
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
Vulnerability
vulnerability
WooCommerce
Wordpress
March 24
th
2023 at 17:48
Naked Security
S3 Ep127: When you chop someone out of a photo, but there they are anywayβ¦
March 23
rd
2023 at 17:59Β
S3 Ep127: When you chop someone out of a photo, but there they are anywayβ¦
By:
Paul Ducklin
Listen now - latest episode. Full transcript inside.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Data loss
Google
Microsoft
Podcast
Vulnerability
aCropalypse
BTC
cryptocurrency
Cybercrime
March 23
rd
2023 at 17:59
Naked Security
Dangerous Android phone 0-day bugs revealed β patch or work around them now!
March 17
th
2023 at 17:56Β
Dangerous Android phone 0-day bugs revealed β patch or work around them now!
By:
Paul Ducklin
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
π·οΈ
My labels
β
Article tags
β
Android
Google
Samsung
Vulnerability
Patches
rce
vulnerability
March 17
th
2023 at 17:56
Naked Security
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]
March 16
th
2023 at 17:56Β
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]
By:
Paul Ducklin
Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!
π·οΈ
My labels
β
Article tags
β
Data loss
Google
Microsoft
Mozilla
Podcast
Privacy
Vulnerability
Cybercrime
Firefox
Naked Security Podcast
Outlook
Patch Tuesday
SHEIN
vulnerability
March 16
th
2023 at 17:56
Naked Security
Microsoft fixes two 0-days on Patch Tuesday β update now!
March 15
th
2023 at 00:06Β
Microsoft fixes two 0-days on Patch Tuesday β update now!
By:
Paul Ducklin
An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.
π·οΈ
My labels
β
Article tags
β
Microsoft
Vulnerability
Windows
0 day
Exploit
MOTW
NTLM v2
Outlook
Patch Tuesday
SmartScreen
vulnerability
Zero Day
March 15
th
2023 at 00:06
Naked Security
Firefox 111 patches 11 holes, but not 1 zero-day among themβ¦
March 14
th
2023 at 17:16Β
Firefox 111 patches 11 holes, but not 1 zero-day among themβ¦
By:
Paul Ducklin
In the game of cricket, 111 is an inauspicious number, but for Firefox, there doesn't seem to be much to worry about this month.
π·οΈ
My labels
β
Article tags
β
Mozilla
Vulnerability
Firefox
update
vulnerability
March 14
th
2023 at 17:16
Naked Security
S3 Ep125: When security hardware has security holes [Audio + Text]
March 9
th
2023 at 18:58Β
S3 Ep125: When security hardware has security holes [Audio + Text]
By:
Paul Ducklin
Lastest episode - listen now! (Full transcript inside.)
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
Podcast
Ransomware
Vulnerability
bust
CISA
Naked Security Podcast
ransomware
tpm
March 9
th
2023 at 18:58
Naked Security
Serious Security: TPM 2.0 vulns β is your super-secure data at risk?
March 7
th
2023 at 17:59Β
Serious Security: TPM 2.0 vulns β is your super-secure data at risk?
By:
Paul Ducklin
Security bugs in the very code you've been told you must have to improve the security of your computer...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
TCG
tpm
TPM 2.0
Windows 11
March 7
th
2023 at 17:59
Naked Security
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
March 3
rd
2023 at 17:56Β
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
By:
Paul Ducklin
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?
π·οΈ
My labels
β
Article tags
β
Data loss
Ransomware
CISA
mitre
ransomware
Royal
TTPs
March 3
rd
2023 at 17:56
Naked Security
S3 Ep124: When so-called security apps go rogue [Audio + Text]
March 2
nd
2023 at 15:40Β
S3 Ep124: When so-called security apps go rogue [Audio + Text]
By:
Paul Ducklin
Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!
s3-ep124-auth--1200
π·οΈ
My labels
β
Article tags
β
Apple
Cryptography
Data loss
Google
Law & order
Podcast
2FA
Cybercrime
extortion
hacking
LastPass
Naked Security Podcast
ransomware
March 2
nd
2023 at 15:40
Naked Security
S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
February 23
rd
2023 at 17:58Β
S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! Top-notch advice for cybersecurity, both at work and at home.
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Data loss
Podcast
Privacy
2FA
Coinbase
crypto
cryptocurrency
Cybercrime
GoDaddy
malware
Naked Security Podcast
Twitter
February 23
rd
2023 at 17:58
Naked Security
NPM JavaScript packages abused to create scambait links in bulk
February 22
nd
2023 at 18:59Β
NPM JavaScript packages abused to create scambait links in bulk
By:
Paul Ducklin
Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!
π·οΈ
My labels
β
Article tags
β
Data loss
Spam
clickbait
npm
rogue packages
scamming
February 22
nd
2023 at 18:59
Naked Security
Twitter tells users: Pay up if you want to keep using insecure 2FA
February 20
th
2023 at 17:58Β
Twitter tells users: Pay up if you want to keep using insecure 2FA
By:
Paul Ducklin
Ironically, Twitter Blue users will be allowed to keep using the very 2FA process that's not considered secure enough for everyone else.
π·οΈ
My labels
β
Article tags
β
2-factor Authentication
Twitter
2FA
SIM
sim swap
February 20
th
2023 at 17:58
Naked Security
S3 Ep122: Stop calling every breach βsophisticatedβ! [Audio + Text]
February 16
th
2023 at 17:46Β
S3 Ep122: Stop calling every breach βsophisticatedβ! [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now! (Full transcript inside.)
π·οΈ
My labels
β
Article tags
β
Podcast
Apple
Cybercrime
Exploit
hacking
Microsoft
Naked Security Podcast
Patch Tuesday
reddit
vulnerability
Zero Day
February 16
th
2023 at 17:46
Naked Security
Apple fixes zero-day spyware implant bug β patch now!
February 14
th
2023 at 13:08Β
Apple fixes zero-day spyware implant bug β patch now!
By:
Paul Ducklin
Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!
π·οΈ
My labels
β
Article tags
β
Apple
Apple Safari
Vulnerability
VE-2023-23529
Zero Day
February 14
th
2023 at 13:08
Naked Security
Reddit admits it was hacked and data stolen, says βDonβt panicβ
February 10
th
2023 at 17:59Β
Reddit admits it was hacked and data stolen, says βDonβt panicβ
By:
Paul Ducklin
Reddit is suggesting three tips as a follow-up to this breach. We agree with two of them but not with the third...
π·οΈ
My labels
β
Article tags
β
Data loss
breach
reddit
February 10
th
2023 at 17:59
Naked Security
S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]
February 9
th
2023 at 19:41Β
S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]
By:
Paul Ducklin
Latest epsiode. Listen now!
π·οΈ
My labels
β
Article tags
β
Law & order
Podcast
Ransomware
Vulnerability
bust
Cybercrime
KeePass
Naked Security Podcast
openssh
openssl
pathes
VMware
February 9
th
2023 at 19:41
Naked Security
OpenSSL fixes High Severity data-stealing bug β patch now!
February 8
th
2023 at 02:58Β
OpenSSL fixes High Severity data-stealing bug β patch now!
By:
Paul Ducklin
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
memory mismanagement
openssl
timing attack
February 8
th
2023 at 02:58
Naked Security
VMWare user? Worried about βESXi ransomwareβ? Check your patches now!
February 7
th
2023 at 17:59Β
VMWare user? Worried about βESXi ransomwareβ? Check your patches now!
By:
Paul Ducklin
To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!
π·οΈ
My labels
β
Article tags
β
Ransomware
Vulnerability
ESXi
Patching
ransomware
VMware
February 7
th
2023 at 17:59
Naked Security
OpenSSH fixes double-free memory bug thatβs pokable over the network
February 3
rd
2023 at 17:59Β
OpenSSH fixes double-free memory bug thatβs pokable over the network
By:
Paul Ducklin
It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code...
π·οΈ
My labels
β
Article tags
β
Vulnerability
double-free
openssh
February 3
rd
2023 at 17:59
Naked Security
S3 Ep120: When dud crypto simply wonβt let go [Audio + Text]
February 2
nd
2023 at 17:50Β
S3 Ep120: When dud crypto simply wonβt let go [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now!
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
Podcast
Ransomware
collision
Hive
MD5
Naked Security Podcast
ransomware
Samba
vulnerability
February 2
nd
2023 at 17:50
Naked Security
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
February 1
st
2023 at 18:58Β
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
By:
Paul Ducklin
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
π·οΈ
My labels
β
Article tags
β
Cryptography
Data loss
Vulnerability
CVE-2023-24055
data leakage
KeePass
trigger
February 1
st
2023 at 18:58
Naked Security
GitHub code-signing certificates stolen (but will be revoked this week)
January 31
st
2023 at 11:35Β
GitHub code-signing certificates stolen (but will be revoked this week)
By:
Paul Ducklin
There was a breach, so the bad news isn't great, but the good news isn't too bad...
π·οΈ
My labels
β
Article tags
β
Data loss
Microsoft
Vulnerability
certificate breach
Code signing
compromise
github
January 31
st
2023 at 11:35
Naked Security
Serious Security: The Samba logon bug caused by outdated crypto
January 30
th
2023 at 17:59Β
Serious Security: The Samba logon bug caused by outdated crypto
By:
Paul Ducklin
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
CIFS
collision
CVE-2022-38023
mac
MD5
message digest
Samba
SMB
January 30
th
2023 at 17:59
Naked Security
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
January 26
th
2023 at 15:57Β
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
By:
Paul Ducklin
Lastest episode - listen now! (Or read the transcript.)
π·οΈ
My labels
β
Article tags
β
Apple
Data loss
Google
Podcast
Vulnerability
DNS
GoTo
LastPass
vulnerability
Zero Day
January 26
th
2023 at 15:57
Naked Security
Apple patches are out β old iPhones get an old zero-day fix at last!
January 24
th
2023 at 01:24Β
Apple patches are out β old iPhones get an old zero-day fix at last!
By:
Paul Ducklin
Don't delay, especially if you're still running an iOS 12 device... please do it today!
π·οΈ
My labels
β
Article tags
β
Apple
Vulnerability
CVE-2022-42856
Exploit
ios
ios 12
iPadOS
macOS
Ventura
Zero Day
January 24
th
2023 at 01:24
Naked Security
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
January 23
rd
2023 at 17:59Β
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
By:
Paul Ducklin
It's a really cool and super-simple trick. The question is, "Will it help?"
π·οΈ
My labels
β
Article tags
β
Vulnerability
DNS
hijack
Spoofing
January 23
rd
2023 at 17:59
Naked Security
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
January 19
th
2023 at 15:53Β
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
By:
Paul Ducklin
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Podcast
bust
cracking
Cybercrime
data breach
hacking
JWT
Naked Security Podcast
January 19
th
2023 at 15:53
Naked Security
S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text]
January 12
th
2023 at 17:59Β
S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text]
By:
Paul Ducklin
Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)
π·οΈ
My labels
β
Article tags
β
Cryptography
Law & order
Podcast
Vulnerability
bust
Naked Security Podcast
RSA
Scam
Windows 7
Windows 8.1
January 12
th
2023 at 17:59
Naked Security
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
January 11
th
2023 at 00:22Β
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
By:
Paul Ducklin
Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...
π·οΈ
My labels
β
Article tags
β
Microsoft
Vulnerability
Exploit
malware. spam. vulnerability
Patch Tuesday
January 11
th
2023 at 00:22
Naked Security
Popular JWT cloud security library patches βremoteβ code execution hole
January 10
th
2023 at 17:59Β
Popular JWT cloud security library patches βremoteβ code execution hole
By:
Paul Ducklin
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.
π·οΈ
My labels
β
Article tags
β
Cryptography
Vulnerability
JSON
jsonwebtoken
JWT
rce
vulnerability
January 10
th
2023 at 17:59
Naked Security
CircleCI β code-building service suffers total credential compromise
January 9
th
2023 at 14:52Β
CircleCI β code-building service suffers total credential compromise
By:
Paul Ducklin
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.
π·οΈ
My labels
β
Article tags
β
Data loss
Vulnerability
breach
CircleCI
January 9
th
2023 at 14:52
Naked Security
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
January 5
th
2023 at 17:52Β
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
By:
Paul Ducklin
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.)
π·οΈ
My labels
β
Article tags
β
Cryptography
Podcast
LastPass
Naked Security Podcast
PyTorch
January 5
th
2023 at 17:52
Naked Security
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
January 4
th
2023 at 19:50Β
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
By:
Paul Ducklin
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and don't steal my data and then pretend you're sorry.
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Podcast
Security leadership
Vulnerability
Cryptography
Cybercrime
Linux
machine learning
vulnerability
January 4
th
2023 at 19:50
Naked Security
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
January 1
st
2023 at 21:36Β
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
By:
Paul Ducklin
The bad news: the crooks have your SSH private keys. The good news: only users of the "nightly" build were affected.
π·οΈ
My labels
β
Article tags
β
Machine Learning
Malware
AI
Artificial intelligence
data stealing
Linux
machine learning
malware
ML
PyTorch
triton
January 1
st
2023 at 21:36
Naked Security
Naked Security 33Β 1/3 β Cybersecurity predictions for 2023 and beyond
December 30
th
2022 at 17:59Β
Naked Security 33Β 1/3 β Cybersecurity predictions for 2023 and beyond
By:
Paul Ducklin
The problem with anniversaries is that there's an almost infinite number of them every day...
hny-1200
π·οΈ
My labels
β
Article tags
β
Security leadership
Security threats
cybersecurity
MDR
morris worm
NYD
nye
vulnerability
December 30
th
2022 at 17:59
Naked Security
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
December 29
th
2022 at 09:20Β
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
By:
Paul Ducklin
Listen now - you'll be alarmed, amused and educated, all in equal measure. (Full transcript in article.)
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Podcast
Ransomware
Security leadership
Cybercrime
hacking
MDR
Naked Security Podcast
Peter Mackenzie
ransomware
December 29
th
2022 at 09:20
Naked Security
Twitter data of β+400 million unique usersβ up for sale β what to do?
December 28
th
2022 at 17:59Β
Twitter data of β+400 million unique usersβ up for sale β what to do?
By:
Paul Ducklin
If the crooks have connected up your phone number and your Twitter handle... what could go wrong?
π·οΈ
My labels
β
Article tags
β
Data loss
breach
extortion
Twitter
December 28
th
2022 at 17:59
Naked Security
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
December 22
nd
2022 at 17:56Β
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
By:
Paul Ducklin
Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.
π·οΈ
My labels
β
Article tags
β
Malware
Podcast
Security leadership
Cybercrime
fraser howard
malware
Security SOS Week
sophoslabs
SOS Week
threat prevention
December 22
nd
2022 at 17:56
Naked Security
Microsoft dishes the dirt on Appleβs βAchilles heelβ shortly after fixing similar Windows bug
December 20
th
2022 at 17:59Β
Microsoft dishes the dirt on Appleβs βAchilles heelβ shortly after fixing similar Windows bug
By:
Paul Ducklin
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.
π·οΈ
My labels
β
Article tags
β
Apple
Microsoft
Vulnerability
Achilles
CVE-2022-42821
Gatekeeper
macOS
MOTW
vulnerability
December 20
th
2022 at 17:59
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
December 15
th
2022 at 17:10Β
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By:
Paul Ducklin
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
π·οΈ
My labels
β
Article tags
β
Apple
Data loss
Malware
Microsoft
Podcast
Privacy
Vulnerability
0 day
Ben-Gurion University
ios
Naked Security Podcast
skimming
supply chain
vulnerability
Zero Day
December 15
th
2022 at 17:10
Naked Security
Apple patches everything, finally reveals mystery of iOS 16.1.2
December 14
th
2022 at 02:11Β
Apple patches everything, finally reveals mystery of iOS 16.1.2
By:
Paul Ducklin
There's an update for everything this time, not just for iOS.
π·οΈ
My labels
β
Article tags
β
Apple
Vulnerability
CVE-2022-42856
December 14
th
2022 at 02:11
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
December 14
th
2022 at 01:13Β
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
By:
Paul Ducklin
Tales of derring-do in the cyberunderground! (And some zero-days.)
π·οΈ
My labels
β
Article tags
β
Microsoft
Vulnerability
driver signing
Exploit
Patch Tuesday
vulnerability
December 14
th
2022 at 01:13
Naked Security
COVID-bit: the wireless spyware trick with an unfortunate name
December 13
th
2022 at 17:58Β
COVID-bit: the wireless spyware trick with an unfortunate name
By:
Paul Ducklin
It's not the switching that's the problem, it's the switching of the switching!
ind-1200
π·οΈ
My labels
β
Article tags
β
Data loss
Privacy
airgap
Ben-Gurion University
exfiltration
December 13
th
2022 at 17:58
Naked Security
Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties
December 12
th
2022 at 17:58Β
Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties
By:
Paul Ducklin
That's a mean average of $15,710 per bug... and 63 fewer bugs out there for crooks and rogues to find.
π·οΈ
My labels
β
Article tags
β
Security events
Vulnerability
Exploit
hacking
Pwn2Own
vulnerability
December 12
th
2022 at 17:58
Naked Security
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
December 9
th
2022 at 16:46Β
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
By:
Paul Ducklin
Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.
π·οΈ
My labels
β
Article tags
β
Apple
Google
Law & order
Malware
Microsoft
Podcast
Privacy
Vulnerability
"Edge"
chrome
Cybercrime
Exploit
hacking
ios
Naked Security Podcast
December 9
th
2022 at 16:46
Naked Security
Credit card skimming β the long and winding road of supply chain failure
December 8
th
2022 at 17:58Β
Credit card skimming β the long and winding road of supply chain failure
By:
Paul Ducklin
Don't keep calling home to a JavaScript server that closed its doors eight years ago!
π·οΈ
My labels
β
Article tags
β
Data loss
Malware
Privacy
Cockpit
e-commerce
HTML injection
skimming
December 8
th
2022 at 17:58
Naked Security
Ping of death! FreeBSD fixes crashtastic bug in network tool
December 5
th
2022 at 17:59Β
Ping of death! FreeBSD fixes crashtastic bug in network tool
By:
Paul Ducklin
It's a venerable program, and this version had a venerable bug in it.
π·οΈ
My labels
β
Article tags
β
Vulnerability
buffer overflow
freebsd
ICMP
ping
December 5
th
2022 at 17:59
Naked Security
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
December 5
th
2022 at 00:58Β
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
By:
Paul Ducklin
Ninth more unto the breach, dear friends, ninth more.
π·οΈ
My labels
β
Article tags
β
Google
Google Chrome
Microsoft
Vulnerability
"Edge"
chrome
Chromium
CVE-2022-4262
Zero Day
December 5
th
2022 at 00:58
Naked Security
Apple pushes out iOS security update thatβs more tight-lipped than ever
December 2
nd
2022 at 21:02Β
Apple pushes out iOS security update thatβs more tight-lipped than ever
By:
Paul Ducklin
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...
π·οΈ
My labels
β
Article tags
β
Apple
iOS
ios
iPhone
security patch
December 2
nd
2022 at 21:02
Naked Security
S3 Ep111: The business risk of a sleazy βnudity unfilterβ [Audio + Text]
December 1
st
2022 at 17:58Β
S3 Ep111: The business risk of a sleazy βnudity unfilterβ [Audio + Text]
By:
Paul Ducklin
Latest episode - listen now (or read if you prefer)...
π·οΈ
My labels
β
Article tags
β
Cryptocurrency
Law & order
Malware
Podcast
Privacy
CryptoRom
Cybercrime
iSpoof
Naked Security Podcast
porn scam
TikTok
December 1
st
2022 at 17:58
Load more articles