FBI warns about scams that lure you in as a mobile beta-tester

Apps on your iPhone must come from the App Store. Except when they don't... we explain what to look out for.

SEC demands four-day disclosure limit for cybersecurity breaches

When is a ransomware attack a reportable matter? And how long have you got to decide?

Apple silently pulls its latest zero-day update – what now?

Previously, we said "do it today", but now we're forced back on: "Do not delay; do it as soon as Apple and your device will let you."

Ghostscript bug could allow rogue documents to run system commands

Even if you've never heard of the venerable Ghostscript project, you may have it installed without knowing.

Serious Security: That KeePass “master password crack”, and what we can learn from it

Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)

S3 Ep136: Navigating a manic malware maelstrom

Latest episode - listen now. Full transcript inside...

PyPI open-source code repository deals with manic malware maelstrom

Controlled outage used to keep malware marauders from gumming up the works. Learn what you can do to help in future...

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

Researchers claim they can bypass Wi-Fi encryption (briefly, at least)

They can't read much of your data, but even a few stray network packets could tell them something they're not supposed to know.

Windows 11 also vulnerable to “aCropalypse” image data leakage

Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones. Here's how to work around the problem...

Google Pixel phones had a serious data leakage bug – here’s what to do!

What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?

Credit card skimming – the long and winding road of supply chain failure

Don't keep calling home to a JavaScript server that closed its doors eight years ago!

Ping of death! FreeBSD fixes crashtastic bug in network tool

It's a venerable program, and this version had a venerable bug in it.

“Gucci Master” business email scammer Hushpuppi gets 11 years

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...

Public URL scanning tools – when security leads to insecurity

Never make your users cry/By how you use an API

Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Hey! That back door isn't supposed to be there at all, let alone propped open...

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]

Latest episode - listen now (or read if you prefer!)

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…

If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!

Capital One identity theft hacker finally gets convicted

It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!

Colonial Pipeline facing $1,000,000 fine for poor recovery plans

How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice...

Hospital robot system gets five critical security holes patched

Fortunately, we're not talking about a robot revolution, or about hospital AI run amuck. But these bugs could lead to ransomware, or worse...

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

Latest episode - listen now!

S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]

Latest episode - listen now!

The cool retro phone with a REAL DIAL… plus plenty of IoT problems

You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.

Apple’s Mail Privacy Protection feature – watch out if you have a Watch!

Apple's "Protect Mail Activity" is a handy privacy enhancement for your messaging habits. As long as you know its limitations...