Google Virus Total leaks list of spooky email addresses

Careful with that file, Eugene!

S3 Ep138: I like to MOVEit, MOVEit

Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now

Chrome and Edge 0-days patched.

Tracked by hidden tags? Apple and Google unite to propose safety and security standards…

To bleat, or not to bleat, that is the question.

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.

Google wins court order to force ISPs to filter botnet traffic

CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.

S3 Ep132: Proof-of-concept lets anyone hack at will

When Doug says, "Happy Remote Code Execution Day, Duck"... it's irony. For the avoidance of all doubt :-)

Google leaking 2FA secrets – researchers advise against new “account sync” feature for now

You waited 13 years for this feature in Google Authenticator. Now researchers are advising you to wait a while longer, just in case...

Double zero-day in Chrome and Edge – check your versions now!

Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?

S3 Ep131: Can you really have fun with FORTRAN?

Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.

FBI and FCC warn about “Juicejacking” – but just how useful is their advice?

USB charging stations - can you trust them? What are the real risks, and how can you keep your data safe on the road?

S3 Ep128: So you want to be a cyber­criminal? [Audio + Text]

Latest episode - listen now!

S3 Ep127: When you chop someone out of a photo, but there they are anyway…

Listen now - latest episode. Full transcript inside.

Google Pixel phones had a serious data leakage bug – here’s what to do!

What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.

S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!

S3 Ep124: When so-called security apps go rogue [Audio + Text]

Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

Lastest episode - listen now! (Or read the transcript.)

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

Number Nine! Chrome fixes another 2022 zero-day, Edge patched too

Ninth more unto the breach, dear friends, ninth more.

Chrome fixes 8th zero-day of 2022 – check your version now (Edge too!)

There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!

Dangerous SIM-swap lockscreen bypass – update Android now!

A bit like leaving the front door keys under the doormat...

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

Listen now - latest episode - audio plus full transcript

Chrome issues urgent zero-day fix – update now!

We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)

WhatsApp goes after Chinese password scammers via US court

If you can't beat 'em, sue 'em!

Chrome and Edge fix zero-day security hole – update now!

This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

Chrome patches 24 security holes, enables “Sanitizer” safety system

24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

Chrome browser gets 11 security fixes with 1 zero-day – update now!

Don't delay - patch today.

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

Listen now! Or read if you prefer...

Google patches “in-the-wild” Chrome zero-day – update now!

Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

You didn’t leave enough space between ROSE and AND, and AND and CROWN

What weird Google Docs bug connects the words THEREFORE, AND, SECONDLY, WHY, BUT and BESIDES?

Android monthly updates are out – critical bugs found in critical places!

Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...

Yet another Chrome zero-day emergency update – patch now!

The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

Latest episode - listen now! Cybersecurity news and advice in plain English.

Google’s monthly Android updates patch numerous “get root” holes

Get the update now... if it's available for your phone. Here's how to check.

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

Latest episode - listen now!

Google Chrome patches mysterious new zero-day bug – update now

CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!

“Dirty Pipe” Linux kernel bug lets anyone write to any file

Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

Latest episode - listen and learn!

Google announces zero-day in Chrome browser – update now!

Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"

Cloud Security: Don’t wait until your next bill to find out about an attack!

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.