Mom’s Meals issues “Notice of Data Event”: What to know and what to do

By: Paul Ducklin — August 29^th 2023 at 16:51

It took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do.

Naked Security

SEC demands four-day disclosure limit for cybersecurity breaches

By: Paul Ducklin — July 31^st 2023 at 16:57

When is a ransomware attack a reportable matter? And how long have you got to decide?

Naked Security

S3 Ep131: Can you really have fun with FORTRAN?

By: Paul Ducklin — April 20^th 2023 at 17:55

Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.

Naked Security

Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security

By: Paul Ducklin — April 18^th 2023 at 16:56

Did the sentence fit the crime? Read the backstory, and then have your say in our comments! (You may post anonymously.)

Naked Security

Attention gamers! Motherboard maker MSI admits to breach, issues “rogue firmware” alert

By: Paul Ducklin — April 11^th 2023 at 16:58

Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.

Naked Security

Dutch police arrest three cyberextortion suspects who allegedly earned millions

By: Naked Security writer — February 27^th 2023 at 17:33

Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them?

Naked Security

Finnish psychotherapy extortion suspect arrested in France

By: Naked Security writer — February 6^th 2023 at 16:13

Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.

Naked Security

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

By: Paul Ducklin — January 19^th 2023 at 15:53

As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...

Naked Security

LastPass admits to customer data breach caused by previous breach

By: Paul Ducklin — December 2^nd 2022 at 01:10

Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.

Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By: Paul Ducklin — November 3^rd 2022 at 17:51

Listen now - latest episode - audio plus full transcript

Naked Security

Online ticketing company “See” pwned for 2.5 years by attackers

By: Paul Ducklin — October 26^th 2022 at 16:58

Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.

Naked Security

S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]

By: Paul Ducklin — October 20^th 2022 at 16:54

The coolest video game ever! And lots of solid cybersecurity advice - listen now!

pic-1200

Naked Security

Fashion brand SHEIN fined $1.9m for lying about data breach

By: Naked Security writer — October 17^th 2022 at 16:50

Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?

Naked Security

S3 Ep102: How to avoid a data breach [Audio + Transcript]

By: Paul Ducklin — September 29^th 2022 at 18:45

Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...

Naked Security

Optus breach – Aussie telco told it will have to pay to replace IDs

By: Paul Ducklin — September 28^th 2022 at 13:55

Licence compromised? Passport number burned? Need a new one? Who's going to pay?

Naked Security

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

By: Paul Ducklin — September 22^nd 2022 at 16:42

Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...

Naked Security

LastPass source code breach – incident response report released

By: Paul Ducklin — September 19^th 2022 at 16:59

Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

Naked Security

UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

By: Paul Ducklin — September 16^th 2022 at 15:43

Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"

Naked Security

T-Mobile to cough up $500 million over 2021 data breach

By: Paul Ducklin — July 25^th 2022 at 16:20

Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.

Naked Security

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

By: Paul Ducklin — June 23^rd 2022 at 11:08

Latest epsiode - listen (or read) now!

Naked Security

Capital One identity theft hacker finally gets convicted

By: Paul Ducklin — June 21^st 2022 at 15:24

It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!

Naked Security

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

By: Paul Ducklin — April 7^th 2022 at 12:24

Latest episode - listen now! Cybersecurity news and advice in plain English.

Naked Security

S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]

By: Paul Ducklin — March 24^th 2022 at 13:49

Latest episode - listen now!

Naked Security

Adafruit suffers GitHub data breach – don’t let this happen to you

By: Paul Ducklin — March 7^th 2022 at 12:47

Training data stashed in GitHub by mistake... unfortunately, it was *real* data

Naked Security

Ransomware with a difference: “Derestrict your software, or else!”

By: Paul Ducklin — March 2^nd 2022 at 16:33

"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

Naked Security

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

By: Paul Ducklin — November 25^th 2021 at 12:38

Latest episode - listen now! Solid cybersecurity advice in plain English.