Researchers claim they can bypass Wi-Fi encryption (briefly, at least)

By: Paul Ducklin — April 3^rd 2023 at 16:59

They can't read much of your data, but even a few stray network packets could tell them something they're not supposed to know.

Naked Security

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

By: Paul Ducklin — February 6^th 2023 at 17:53

Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary about the "war on crypto" as we talk to him about his new book...

Naked Security

Serious Security: Unravelling the LifeLock “hacked passwords” story

By: Paul Ducklin — January 17^th 2023 at 17:59

Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.

Naked Security

The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

By: Paul Ducklin — December 29^th 2022 at 17:59

Is there a special meaning of "don't" that means "go right ahead"?

Naked Security

How to hack an unpatched Exchange server with rogue PowerShell code

By: Paul Ducklin — November 22^nd 2022 at 17:54

Review your servers, your patches and your authentication policies - there's a proof-of-concept out

Naked Security

Zoom for Mac patches sneaky “spy-on-me” bug – update now!

By: Paul Ducklin — October 18^th 2022 at 15:58

Hey! That back door isn't supposed to be there at all, let alone propped open...

Naked Security

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

By: Paul Ducklin — October 6^th 2022 at 14:43

Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

Naked Security

Scammers and rogue callers – can anything ever stop them?

By: Paul Ducklin — October 4^th 2022 at 00:06

Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams?

Naked Security

S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]

By: Paul Ducklin — October 1^st 2022 at 14:05

Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...

Naked Security

Cryptocoin “token swapper” Nomad loses $200 million in coding blunder

By: Paul Ducklin — August 2^nd 2022 at 16:12

Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.

Naked Security

Who’s watching your webcam? The Screencastify Chrome extension story…

By: Paul Ducklin — May 26^th 2022 at 12:41

When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.

Naked Security

US cryptocurrency coder gets 5 years for North Korea sanctions busting

By: Naked Security writer — April 13^th 2022 at 15:52

Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea.

Naked Security

The cool retro phone with a REAL DIAL… plus plenty of IoT problems

By: Paul Ducklin — December 23^rd 2021 at 17:58

You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.

Naked Security

GoDaddy admits to password breach: check your Managed WordPress site!

By: Paul Ducklin — November 23^rd 2021 at 00:35

GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.