Naked Security
US offers reward “up to $10 million” for information about the Conti gang
August 16^th 2022 at 16:57

US offers reward “up to $10 million” for information about the Conti gang

By: Naked Security writer

Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)

🏷️ My labels
- ❌
Article tags
August 16^th 2022 at 16:57

Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11^th 2022 at 14:34

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

By: Paul Ducklin

Latest episode - listen now! (Or read the transcript if you prefer.)

Naked Security
GitHub blighted by “researcher” who created thousands of malicious projects
August 3^rd 2022 at 23:06

GitHub blighted by “researcher” who created thousands of malicious projects

By: Paul Ducklin

If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.

🏷️ My labels
- ❌
Article tags
August 3^rd 2022 at 23:06

Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
July 28^th 2022 at 15:47

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
T-Mobile to cough up $500 million over 2021 data breach
July 25^th 2022 at 16:20

T-Mobile to cough up $500 million over 2021 data breach

By: Paul Ducklin

Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.

Naked Security
Last member of Gozi malware troika arrives in US for criminal trial
July 20^th 2022 at 14:56

Last member of Gozi malware troika arrives in US for criminal trial

By: Paul Ducklin

His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

Naked Security
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
July 14^th 2022 at 18:47

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

By: Paul Ducklin

Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

Naked Security
Paying ransomware crooks won’t reduce your legal risk, warns regulator
July 12^th 2022 at 13:24

Paying ransomware crooks won’t reduce your legal risk, warns regulator

By: Paul Ducklin

"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

Naked Security
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
July 7^th 2022 at 14:46

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

By: Paul Ducklin

Listen now! Or read if you prefer...

Naked Security
Canadian cybercriminal pleads guilty to “NetWalker” attacks in US
July 4^th 2022 at 14:09

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

By: Paul Ducklin

Bust in Canada, now bust in the USA as well.

Naked Security
“Missing Cryptoqueen” hits the FBI’s Ten Most Wanted list
July 1^st 2022 at 16:49

“Missing Cryptoqueen” hits the FBI’s Ten Most Wanted list

By: Paul Ducklin

The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.

Naked Security
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
June 30^th 2022 at 12:57

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

By: Paul Ducklin

Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

Naked Security
FTC warns of LGBTQ+ extortion scams – be aware before you share!
June 27^th 2022 at 14:58

FTC warns of LGBTQ+ extortion scams – be aware before you share!

By: Paul Ducklin

It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"

Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
June 23^rd 2022 at 11:08

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

By: Paul Ducklin

Latest epsiode - listen (or read) now!

Naked Security
Capital One identity theft hacker finally gets convicted
June 21^st 2022 at 15:24

Capital One identity theft hacker finally gets convicted

By: Paul Ducklin

It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!

Naked Security
Interpol busts 2000 suspects in phone scamming takedown
June 20^th 2022 at 18:10

Interpol busts 2000 suspects in phone scamming takedown

By: Paul Ducklin

Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...

Naked Security
Murder suspect admits she tracked cheating partner with hidden AirTag
June 14^th 2022 at 16:49

Murder suspect admits she tracked cheating partner with hidden AirTag

By: Paul Ducklin

O! What a tangled web we weave, when first we practise to deceive.

Naked Security
SSNDOB Market domains seized, identity theft “brokerage” shut down
June 8^th 2022 at 14:53

SSNDOB Market domains seized, identity theft “brokerage” shut down

By: Paul Ducklin

The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.

Naked Security
S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]
May 19^th 2022 at 13:56

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
He sold cracked passwords for a living – now he’s serving 4 years in prison
May 13^th 2022 at 15:31

He sold cracked passwords for a living – now he’s serving 4 years in prison

By: Paul Ducklin

Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...

Naked Security
Ransomware Survey 2022 – like the Curate’s Egg, “good in parts”
April 27^th 2022 at 15:22

Ransomware Survey 2022 – like the Curate’s Egg, “good in parts”

By: Paul Ducklin

You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!

Naked Security
S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]
April 21^st 2022 at 13:41

S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]

By: Paul Ducklin

Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now!

Naked Security
US cryptocurrency coder gets 5 years for North Korea sanctions busting
April 13^th 2022 at 15:52

US cryptocurrency coder gets 5 years for North Korea sanctions busting

By: Naked Security writer

Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea.

Naked Security
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
April 7^th 2022 at 12:24

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

By: Paul Ducklin

Latest episode - listen now! Cybersecurity news and advice in plain English.

Naked Security
Serious Security: Darkweb drugs market Hydra taken offline by German police
April 6^th 2022 at 16:22

Serious Security: Darkweb drugs market Hydra taken offline by German police

By: Paul Ducklin

Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English...

Naked Security
LAPSUS$ hacks continue despite two hacker suspects in court
April 4^th 2022 at 21:36

LAPSUS$ hacks continue despite two hacker suspects in court

By: Paul Ducklin

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?

Naked Security
S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]
March 31^st 2022 at 13:38

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang?
March 25^th 2022 at 01:48

UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang?

By: Naked Security writer

Seven alleged hackers have been arrested in the UK. But who are they, and which hacking crew are they from?

Naked Security
S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]
March 17^th 2022 at 13:32

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
Alleged Kaseya ransomware attacker arrives in Texas for trial
March 11^th 2022 at 14:59

Alleged Kaseya ransomware attacker arrives in Texas for trial

By: Naked Security writer

The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

Naked Security
S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]
February 10^th 2022 at 01:15

S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
Self-styled “Crocodile of Wall Street” arrested with husband over Bitcoin megaheist
February 9^th 2022 at 14:44

Self-styled “Crocodile of Wall Street” arrested with husband over Bitcoin megaheist

By: Naked Security writer

The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!

Naked Security
Alleged carder gang mastermind and three acolytes under arrest in Russia
January 24^th 2022 at 14:14

Alleged carder gang mastermind and three acolytes under arrest in Russia

By: Naked Security writer

The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.

🏷️ My labels
- ❌
Article tags
January 24^th 2022 at 14:14

Naked Security
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
January 20^th 2022 at 17:28

S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]

By: Paul Ducklin

Latest epsiode - listen now!

Naked Security
Romance scammer who targeted 670 women gets 28 months in jail
January 17^th 2022 at 14:13

Romance scammer who targeted 670 women gets 28 months in jail

By: Paul Ducklin

Found love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns...

🏷️ My labels
- ❌
Article tags
January 17^th 2022 at 14:13

Naked Security
FTC threatens “legal action” over unpatched Log4j and other vulns
January 5^th 2022 at 16:37

FTC threatens “legal action” over unpatched Log4j and other vulns

By: Paul Ducklin

Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!

Naked Security
Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!
December 22^nd 2021 at 17:57

Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!

By: Paul Ducklin

Phew! An audacious crime... that didn't work out.

Naked Security
S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]
December 9^th 2021 at 17:40

S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]

By: Paul Ducklin

Listen now or read as an article! (Full transcript inside.)

Naked Security
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
December 2^nd 2021 at 20:50

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
IoT devices must “protect consumers from cyberharm”, says UK government
December 2^nd 2021 at 17:10

IoT devices must “protect consumers from cyberharm”, says UK government

By: Paul Ducklin

"Must be at least THIS tall to go on ride" seems to be the starting point. Too little, too late? Or better than nothing?

Naked Security
Clearview AI face-matching service set to be fined over $20m
November 30^th 2021 at 19:13

Clearview AI face-matching service set to be fined over $20m

By: Paul Ducklin

Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.

Naked Security
S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase [Podcast]
November 18^th 2021 at 15:00

S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase [Podcast]

By: Paul Ducklin

Latest episode - listen now!

Naked Security
Emotet malware: “The report of my death was an exaggeration”
November 16^th 2021 at 14:13

Emotet malware: “The report of my death was an exaggeration”

By: Paul Ducklin

"Old malware rarely dies." The best way to predict the future is to look at the past... if it worked before, it will probably work again.

Naked Security
FBI email hack spreads fake security alerts. Here’s what to do…
November 13^th 2021 at 20:50

FBI email hack spreads fake security alerts. Here’s what to do…

By: Naked Security writer

Fake warnings and false accusations - it's a "call to distraction"

🏷️ My labels
- ❌
Article tags
November 13^th 2021 at 20:50

Naked Security
S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]
November 11^th 2021 at 17:41

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]

By: Paul Ducklin

Latest epsiode - listen now!

Naked Security
Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague
November 8^th 2021 at 22:37

Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague

By: Naked Security writer

Suspects nabbed, millions seized, in ransomware busts across the globe.

🏷️ My labels
- ❌
Article tags
November 8^th 2021 at 22:37

Naked Security
S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars [Podcast]
November 4^th 2021 at 17:46

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars [Podcast]

By: Paul Ducklin

Latest episode - listen now!