Naked Security

Poisoned Python and PHP packages purloin passwords for AWS access
May 24th 2022 at 23:04
By Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Related tags: Malware, Vulnerability, exfiltration, PHP, python, secops, supply chain, XDR

Clearview AI face-matching service fined a lot less than expected
May 23rd 2022 at 13:01
By Paul Ducklin
The fine has finally gone through... but it's less than 45% of what was originally proposed.
Related tags: Privacy, Clearview, Clearview AI, fine, ico

RubyGems supply chain rip-and-replace bug fixed - check your logs!
May 9th 2022 at 15:41
By Paul Ducklin
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
Related tags: Vulnerability, CVE-2022-29176, ruby, RubyGems, supply chain, vulnerability

GitHub issues final report on supply-chain source code intrusions
April 29th 2022 at 16:15
By Paul Ducklin
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Related tags: Data loss, Microsoft, github, oauth, supply chain, zero trust

Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19th 2022 at 16:00
By Paul Ducklin
Voting safeguards based on community collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Related tags: Cryptocurrency, Vulnerability, Blockchain, cryptocoin, cryptocurrency, vulnerability

S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]
March 3rd 2022 at 14:04
By Paul Ducklin
Latest episode - listen now (or read it, if that's your preference)...
Related tags: Apple, Instagram, Podcast, AirTag, browsers, Naked Security Podcast, phishing

Apple AirTag anti-stalking protection bypassed by researchers
February 23rd 2022 at 17:59
By Paul Ducklin
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
Related tags: Apple, Privacy, AirTag, cyberstalking, Find My, stalking

Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4th 2022 at 17:38
By Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Related tags: Cryptocurrency, Blockchain, Jump Crypto, smart contract, Wormhole

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
January 13th 2022 at 15:26
By Paul Ducklin
Latest episode - listen to it or read it now!
Related tags: Podcast, Vulnerability, Honda, Naked Security Podcast, npm, supply chain

JavaScript developer destroys own projects in supply chain "lesson"
January 11th 2022 at 00:54
By Paul Ducklin
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Related tags: colors.js, faker.js, JavaScript, npm, supply chain

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
December 16th 2021 at 17:41
By Paul Ducklin
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Related tags: Apple, Podcast, CVE-2021-44228, Exploit, iPhone, jailbreak, Log4Shell, macOS, Naked Security Podcast

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
December 2nd 2021 at 20:50
By Paul Ducklin
Latest episode - listen now!
Related tags: Law & order, Podcast, Privacy, Ada Lovelace, AI, computer ethics, Cybercrime, cybersecurity, facial recognition, Naked Security Podcast

Clearview AI face-matching service set to be fined over $20m
November 30th 2021 at 19:13
By Paul Ducklin
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
Related tags: Law & order, Privacy, Social networks, Clearview, Clearview AI, facial recognition, ico, OAIC, surveillance

Samba update patches plaintext password plundering problem
November 12th 2021 at 19:59
By Paul Ducklin
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.
Related tags: Cryptography, legacy, plaintext, Samba, SMB1

Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!
November 9th 2021 at 19:31
By Paul Ducklin
The crooks have shown that they're willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.
Related tags: Machine Learning, Malware, Mobile, Security leadership, Security threats, AI, MTR, sophoslabs, Threat Report

Listen up 2 - CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
October 25th 2021 at 16:38
By Paul Ducklin
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.
Related tags: Malware, Podcast, Ransomware, Security leadership, BeCyberSmart Cybermonth, Chester Wisniewski, Cybermonth 2021, sos-2021, supply chain