Naked Security

“Snakes in airplane mode” – what if your phone says it’s offline but isn’t?
August 21st 2023 at 17:45
By: Paul Ducklin
WYSIWYG is short for "what you see is what you get". Except when it isn't...
Article tags: Data loss, Malware, Airplane Mode, data leakage, iPhone, WYSIWYG

S3 Ep146: Tell us about that breach! (If you want to.)
August 3rd 2023 at 17:56
By: Paul Ducklin
Serious security stories explained clearly in plain English - listen now. (Full transcript available.)
Article tags: Podcast, Uncategorized, BWAIN, data leakage, Firefox, Naked Security Podcast, SEC

S3 Ep145: Bugs With Impressive Names!
July 27th 2023 at 16:47
By: Paul Ducklin
Fascinating fun (with a serious and educational side) - listen now! Full transcript available inside.
Article tags: Apple, Cryptography, Data loss, Podcast, Vulnerability, BWAIN, iPhone, Naked Security Podcast, spyware, TETRA:BURST, Triangulation Trojan, Zenbleed

S3 Ep136: Navigating a manic malware maelstrom
May 25th 2023 at 16:50
By: Paul Ducklin
Latest episode - listen now. Full transcript inside...
Article tags: Denial of Service, Law & order, Malware, Podcast, bust, Cybercrime, hacking, Naked Security Podcast, PyPI, supply chain, Uncategorized

PyPI open-source code repository deals with manic malware maelstrom
May 23rd 2023 at 16:45
By: Paul Ducklin
Controlled outage used to keep malware marauders from gumming up the works. Learn what you can do to help in future...
Article tags: Malware, malware, PyPI, python, supply chain

Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France
May 15th 2023 at 16:36
By: Paul Ducklin
We asked you once, we told you twice, now we're ordering you for the third time...
Article tags: GDPR compliance, Privacy, Clearview, Clearview AI, CNIL, Data Collection

PHP Packagist supply chain poisoned by hacker “looking for a job”
May 5th 2023 at 16:59
By: Paul Ducklin
I pwned you! Gizza job! You know it makes sense!
Article tags: Vulnerability, Packagist, PHP, supply chain

Tracked by hidden tags? Apple and Google unite to propose safety and security standards…
May 3rd 2023 at 19:58
By: Paul Ducklin
To bleat, or not to bleat, that is the question.
Article tags: Apple, Google, Privacy, AirTag, cyberstalking

Attention gamers! Motherboard maker MSI admits to breach, issues “rogue firmware” alert
April 11th 2023 at 16:58
By: Paul Ducklin
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
Article tags: Malware, Ransomware, blackmail, data breach, extortion, MSI, private key, ransomware, supply chain

S3 Ep129: When spyware arrives from someone you trust
April 6th 2023 at 14:57
By: Paul Ducklin
Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days... listen now!
Article tags: Data loss, Malware, Podcast, Privacy, 3CX, Naked Security Podcast, supply chain, Wi-fi, world backup day

Supply chain blunder puts 3CX telephone app users at risk
March 30th 2023 at 17:36
By: Paul Ducklin
Booby-trapped app, apparently signed and shipped by 3CX itself after its source code repository was broken into.
Article tags: Malware, 3CX, Electron, git, malware, suuply chain

NPM JavaScript packages abused to create scambait links in bulk
February 22nd 2023 at 18:59
By: Paul Ducklin
Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!
Article tags: Data loss, Spam, clickbait, npm, rogue packages, scamming

PyTorch: Machine Learning toolkit pwned from Christmas to New Year
January 1st 2023 at 21:36
By: Paul Ducklin
The bad news: the crooks have your SSH private keys. The good news: only users of the "nightly" build were affected.
Article tags: Machine Learning, Malware, AI, Artificial intelligence, data stealing, Linux, machine learning, malware, ML, PyTorch, triton

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]
December 15th 2022 at 17:10
By: Paul Ducklin
Return o' the rootkit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Article tags: Apple, Data loss, Malware, Microsoft, Podcast, Privacy, Vulnerability, 0 day, Ben-Gurion University, ios, Naked Security Podcast, skimming, supply chain, vulnerability, Zero Day

COVID-bit: the wireless spyware trick with an unfortunate name
December 13th 2022 at 17:58
By: Paul Ducklin
It's not the switching that's the problem, it's the switching of the switching!
Article tags: Data loss, Privacy, airgap, Ben-Gurion University, exfiltration

TikTok “Invisible Challenge” porn malware puts us all at risk
November 29th 2022 at 17:58
By: Paul Ducklin
An injury to one is an injury to all. Especially if the other people are part of your social network.
Article tags: Malware, Privacy, Social networks, github, malware, supply chain, Tik Tok, TikTok

“Gucci Master” business email scammer Hushpuppi gets 11 years
November 14th 2022 at 16:24
By: Naked Security writer
Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...
Article tags: BEC, Law & order, Abbas, business email compromise, Hushpuppi

S3 Ep106: Facial recognition without consent – should it be banned?
October 27th 2022 at 16:59
By: Paul Ducklin
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Article tags: Cryptography, Data loss, GDPR compliance, Law & order, Podcast, Privacy, Ransomware, Clearview, Clearview AI, Deadbolt, Naked Security Podcast, randomness

Clearview AI image-scraping face recognition service hit with €20m fine in France
October 26th 2022 at 00:50
By: Paul Ducklin
"We told you to stop but you ignored us," said the French regulator, "so now we're coming after you again."
Article tags: Law & order, Privacy, Clearview, Clearview AI, data collectoin, facial recognition

S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]
September 1st 2022 at 16:55
By: Paul Ducklin
Latest episode - listen now!
Article tags: Podcast, airgap, bugs, chrome, data loss, JavaScript, LastPass, vulnerability

Breaching airgap security: using your phone’s gyroscope as a microphone
August 24th 2022 at 18:59
By: Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Article tags: Data loss, Vulnerability, airgap, Ben Gurion, Ben-Gurion University, data leakage, GAIROSCOPE

Apple patches double zero-day in browser and kernel – update now!
August 17th 2022 at 23:33
By: Paul Ducklin
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Article tags: Apple, iOS, Malware, OS X, Vulnerability, CVE-2022-32893, CVE-2022-32894, ios, iPadOS, jailbreak, macOS, spyware

GitHub blighted by “researcher” who created thousands of malicious projects
August 3rd 2022 at 23:06
By: Paul Ducklin
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
Article tags: Law & order, github, malware, supply chain

Murder suspect admits she tracked cheating partner with hidden AirTag
June 14th 2022 at 16:49
By: Paul Ducklin
O! What a tangled web we weave, when first we practise to deceive.
Article tags: Law & order, Privacy, AirTag, BLE, bluetooth, surveillance, Tracking

Poisoned Python and PHP packages purloin passwords for AWS access
May 24th 2022 at 23:04
By: Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Article tags: Malware, Vulnerability, exfiltration, PHP, python, secops, supply chain, XDR

Clearview AI face-matching service fined a lot less than expected
May 23rd 2022 at 13:01
By: Paul Ducklin
The fine has finally gone through... but it's less than 45% of what was originally proposed.
Article tags: Privacy, Clearview, Clearview AI, fine, ico

RubyGems supply chain rip-and-replace bug fixed – check your logs!
May 9th 2022 at 15:41
By: Paul Ducklin
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
Article tags: Vulnerability, CVE-2022-29176, ruby, RubyGems, suppy chain, vulnerability

GitHub issues final report on supply-chain source code intrusions
April 29th 2022 at 16:15
By: Paul Ducklin
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Article tags: Data loss, Microsoft, github, oauth, supply chain, zero trust

Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19th 2022 at 16:00
By: Paul Ducklin
Voting safeguards based on community collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Article tags: Cryptocurrency, Vulnerability, Blockchain, cryptocoin, cryptocurrency, vulnerability

S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]
March 3rd 2022 at 14:04
By: Paul Ducklin
Latest episode - listen now (or read it, if that's your preference)...
Article tags: Apple, Instagram, Podcast, AirTag, browsers, Naked Security Podcast, phishing

Apple AirTag anti-stalking protection bypassed by researchers
February 23rd 2022 at 17:59
By: Paul Ducklin
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
Article tags: Apple, Privacy, AirTag, cyberstalking, Find My, stalking

Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4th 2022 at 17:38
By: Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Article tags: Cryptocurrency, Blockchain, Jump Crypto, smart contract, Wormhole

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
January 13th 2022 at 15:26
By: Paul Ducklin
Latest episode - listen to it or read it now!
Article tags: Podcast, Vulnerability, Honda, Naked Security Podcast, npm, supply chain

JavaScript developer destroys own projects in supply chain “lesson”
January 11th 2022 at 00:54
By: Paul Ducklin
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Article tags: colors.js, faker.js, JavaScript, npm, supply chain

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
December 16th 2021 at 17:41
By: Paul Ducklin
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Article tags: Apple, Podcast, CVE-2021-44228, Exploit, iPhone, jailbreak, Log4Shell, macOS, Naked Security Podcast

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
December 2nd 2021 at 20:50
By: Paul Ducklin
Latest episode - listen now!
Article tags: Law & order, Podcast, Privacy, Ada Lovelace, AI, computer ethics, Cybercrime, cybersecurity, facial recognition, Naked Security Podcast

Clearview AI face-matching service set to be fined over $20m
November 30th 2021 at 19:13
By: Paul Ducklin
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
Article tags: Law & order, Privacy, Social networks, Clearview, Clearview AI, facial recognition, ico, OAIC, surveillance

Samba update patches plaintext password plundering problem
November 12th 2021 at 17:59
By: Paul Ducklin
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.
Article tags: Cryptography, legacy, plaintext, Samba, SMB1

Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!
November 9th 2021 at 12:31
By: Paul Ducklin
The crooks have shown that they're willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.
Article tags: Machine Learning, Malware, Mobile, Security leadership, Security threats, AI, MTR, sophoslabs, Threat Report