Crimeware server used by NetWalker ransomware seized and shut down

By: Paul Ducklin — August 14^th 2023 at 14:06

The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back...

Naked Security

S3 Ep147: What if you type in your password during a meeting?

By: Paul Ducklin — August 10^th 2023 at 13:34

Latest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep141: What was Steve Jobs’s first job?

By: Paul Ducklin — June 29^th 2023 at 16:58

Latest episode - listen now! (Full transcript inside.)

Naked Security

UK hacker busted in Spain gets 5 years over Twitter hack and more

By: Naked Security writer — June 26^th 2023 at 15:35

Not just that infamous Twitter hack, but SIM-swapping, stalking and swatting too...

Naked Security

S3 Ep139: Are password rules like running through rain?

By: Paul Ducklin — June 15^th 2023 at 16:43

Latest episode - listen now! (Full transcript inside.)

Naked Security

Gozi banking malware “IT chief” finally jailed after more than 10 years

By: Paul Ducklin — June 13^th 2023 at 16:43

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end...

Naked Security

History revisited: US DOJ unseals Mt. Gox cybercrime charges

By: Naked Security writer — June 12^th 2023 at 16:58

Though the mills of the Law grind slowly/Yet they grind exceeding small/Though with patience they stand waiting/With exactness grind they all...

Naked Security

S3 Ep137: 16th century crypto skullduggery

By: Paul Ducklin — June 1^st 2023 at 16:45

Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)

s3-ep137-feat-1200

Naked Security

S3 Ep136: Navigating a manic malware maelstrom

By: Paul Ducklin — May 25^th 2023 at 16:50

Latest episode - listen now. Full transcript inside...

Naked Security

Ransomware tales: The MitM attack that really had a Man in the Middle

By: Paul Ducklin — May 24^th 2023 at 17:59

Another traitorous sysadmin story, this one busted by system logs that gave his game away...

Naked Security

Phone scamming kingpin gets 13 years for running “iSpoof” service

By: Naked Security writer — May 22^nd 2023 at 16:58

Site marketing video promised total anonymity, but that was a lie. 170 arrested already. Potentially 1000s more to follow.

ispoof-1200

Naked Security

US offers $10m bounty for Russian ransomware suspect outed in indictment

By: Naked Security writer — May 17^th 2023 at 16:40

"Up to $10 million for information that leads to the arrest and/or conviction of this defendant."

Naked Security

Google wins court order to force ISPs to filter botnet traffic

By: Naked Security writer — April 28^th 2023 at 19:59

CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.

Naked Security

Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security

By: Paul Ducklin — April 18^th 2023 at 16:56

Did the sentence fit the crime? Read the backstory, and then have your say in our comments! (You may post anonymously.)

Naked Security

S3 Ep125: When security hardware has security holes [Audio + Text]

By: Paul Ducklin — March 9^th 2023 at 18:58

Lastest episode - listen now! (Full transcript inside.)

Naked Security

DoppelPaymer ransomware supsects arrested in Germany and Ukraine

By: Naked Security writer — March 6^th 2023 at 16:16

Devices seized, suspects interrogated and arrested, allegedly connected to devastating cyberattack on University Hospital in Düsseldorf.

Naked Security

Dutch police arrest three cyberextortion suspects who allegedly earned millions

By: Naked Security writer — February 27^th 2023 at 17:33

Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them?

Naked Security

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

By: Paul Ducklin — February 9^th 2023 at 19:41

Latest epsiode. Listen now!

Naked Security

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

By: Paul Ducklin — January 19^th 2023 at 15:53

As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...

Naked Security

S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

By: Paul Ducklin — January 12^th 2023 at 17:59

Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)

Naked Security

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

By: Paul Ducklin — November 10^th 2022 at 17:26

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

Naked Security

Silk Road drugs market hacker pleads guilty, faces 20 years inside

By: Paul Ducklin — November 8^th 2022 at 17:58

Jurisprudence isn't like arithmetic... two negatives never make a positive!

Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By: Paul Ducklin — November 3^rd 2022 at 17:51

Listen now - latest episode - audio plus full transcript

Naked Security

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

By: Paul Ducklin — October 6^th 2022 at 14:43

Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

Naked Security

NetWalker ransomware affiliate sentenced to 20 years by Florida court

By: Naked Security writer — October 5^th 2022 at 16:55

Judge tells the accused that if he hadn't pleaded guilty, "I would have given you life."

Naked Security

BEC fraudster and romance scammer sent to prison for 25 years

By: Paul Ducklin — October 4^th 2022 at 19:12

Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth.

rs-1200

Naked Security

Last member of Gozi malware troika arrives in US for criminal trial

By: Paul Ducklin — July 20^th 2022 at 14:56

His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

Naked Security

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

By: Paul Ducklin — July 7^th 2022 at 14:46

Listen now! Or read if you prefer...

Naked Security

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

By: Paul Ducklin — July 4^th 2022 at 14:09

Bust in Canada, now bust in the USA as well.

Naked Security

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

By: Paul Ducklin — June 23^rd 2022 at 11:08

Latest epsiode - listen (or read) now!

Naked Security

Interpol busts 2000 suspects in phone scamming takedown

By: Paul Ducklin — June 20^th 2022 at 18:10

Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...

Naked Security

SSNDOB Market domains seized, identity theft “brokerage” shut down

By: Paul Ducklin — June 8^th 2022 at 14:53

The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.

Naked Security

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

By: Paul Ducklin — May 19^th 2022 at 13:56

Latest episode - listen now!

Naked Security

He sold cracked passwords for a living – now he’s serving 4 years in prison

By: Paul Ducklin — May 13^th 2022 at 15:31

Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...

Naked Security

US cryptocurrency coder gets 5 years for North Korea sanctions busting

By: Naked Security writer — April 13^th 2022 at 15:52

Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea.

Naked Security

Serious Security: Darkweb drugs market Hydra taken offline by German police

By: Paul Ducklin — April 6^th 2022 at 16:22

Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English...

Naked Security

LAPSUS$ hacks continue despite two hacker suspects in court

By: Paul Ducklin — April 4^th 2022 at 21:36

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?

Naked Security

UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang?

By: Naked Security writer — March 25^th 2022 at 01:48

Seven alleged hackers have been arrested in the UK. But who are they, and which hacking crew are they from?

Naked Security

Alleged Kaseya ransomware attacker arrives in Texas for trial

By: Naked Security writer — March 11^th 2022 at 14:59

The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

By: Paul Ducklin — February 17^th 2022 at 17:12

Latest episode - listen and learn!

Naked Security

S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

By: Paul Ducklin — February 10^th 2022 at 01:15

Latest episode - listen now!

Naked Security

Self-styled “Crocodile of Wall Street” arrested with husband over Bitcoin megaheist

By: Naked Security writer — February 9^th 2022 at 14:44

The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!

Naked Security

Alleged carder gang mastermind and three acolytes under arrest in Russia

By: Naked Security writer — January 24^th 2022 at 14:14

The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.

Naked Security

Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague

By: Naked Security writer — November 8^th 2021 at 22:37

Suspects nabbed, millions seized, in ransomware busts across the globe.