Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
OpenSSL issues a bugfix for the previous bugfix
June 24
th
2022 at 15:32Β
OpenSSL issues a bugfix for the previous bugfix
By
Paul Ducklin
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
Related tags
β
Cryptography
Vulnerability
command
injection
crypto
openssl
June 24
th
2022 at 15:32
Naked Security
Poisoned Python and PHP packages purloin passwords for AWS access
May 24
th
2022 at 23:04Β
Poisoned Python and PHP packages purloin passwords for AWS access
By
Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Related tags
β
Malware
Vulnerability
exfiltration
PHP
python
secops
supply
chain
XDR
May 24
th
2022 at 23:04
Naked Security
Clearview AI face-matching service fined a lot less than expected
May 23
rd
2022 at 13:01Β
Clearview AI face-matching service fined a lot less than expected
By
Paul Ducklin
The fine has finally gone through... but it's less than 45% of what was originally proposed.
eleceye-1200
Related tags
β
Privacy
Clearview
Clearview
AI
fine
ico
May 23
rd
2022 at 13:01
Naked Security
Pwn2Own hacking schedule released β Windows and Linux are top targets
May 18
th
2022 at 13:04Β
Pwn2Own hacking schedule released β Windows and Linux are top targets
By
Paul Ducklin
What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?
Related tags
β
Vulnerability
hacking
Pwn2Own
research
secops
May 18
th
2022 at 13:04
Naked Security
Colonial Pipeline facing $1,000,000 fine for poor recovery plans
May 10
th
2022 at 16:59Β
Colonial Pipeline facing $1,000,000 fine for poor recovery plans
By
Paul Ducklin
How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice...
Related tags
β
Ransomware
Colonial
Colonial
Pipeline
MTR
ransomware
May 10
th
2022 at 16:59
Naked Security
Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19
th
2022 at 16:00Β
Beanstalk cryptocurrency heist: scammer votes himself all the money
By
Paul Ducklin
Voting safeguards based on commuity collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Related tags
β
Cryptocurrency
Vulnerability
Blockchain
cryptocoin
cryptocurrency
vulnerability
April 19
th
2022 at 16:00
Naked Security
Yet another Chrome zero-day emergency update β patch now!
April 16
th
2022 at 00:33Β
Yet another Chrome zero-day emergency update β patch now!
By
Paul Ducklin
The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.
Related tags
β
Google
Google
Chrome
Microsoft
Edge
Vulnerability
"Edge"
browser
chrome
CVE-2022-1364
type
confusion
vulnerability
April 16
th
2022 at 00:33
Naked Security
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
April 14
th
2022 at 13:39Β
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
darkweb
Hydra
iot
Naked
Security
Podcast
PQC
quantum
computing
robot
takedown
April 14
th
2022 at 13:39
Naked Security
OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default
April 11
th
2022 at 16:58Β
OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default
By
Paul Ducklin
Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow?
cat-1200
Related tags
β
Cryptography
NTRU
Prime
openssh
quantum
computing
April 11
th
2022 at 16:58
Naked Security
Web vendor CafePress fined $500,000 for giving cybersecurity a low value
March 21
st
2022 at 16:55Β
Web vendor CafePress fined $500,000 for giving cybersecurity a low value
By
Paul Ducklin
Just because you're the victim of a cybercrime doesn't let you off your cybersecurity obligations
Related tags
β
GDPR
compliance
Privacy
compliance
fine
ftc
March 21
st
2022 at 16:55
Naked Security
Beware bogus Betas β cryptocoin scammers abuse Appleβs TestFlight system
March 16
th
2022 at 15:49Β
Beware bogus Betas β cryptocoin scammers abuse Appleβs TestFlight system
By
Paul Ducklin
"Install this moneymaking app" - this one is so special that it isn't available on Google Play or the App Store!
Related tags
β
Apple
Cryptocurrency
iOS
Malware
cryptocoin
scam
CryptoRom
fake
app
malware
scammer
TestFlight
March 16
th
2022 at 15:49
Naked Security
Happy #PiDay β even if you arenβt in North America!
March 14
th
2022 at 23:59Β
Happy #PiDay β even if you arenβt in North America!
By
Paul Ducklin
There is a cybersecurity angle here - but you will need to read right to the end to find it :-)
Related tags
β
computation
mathematics
March 14
th
2022 at 23:59
Naked Security
Cryptocoin ATMs ruled illegal β βShut down at onceβ, says regulator
March 14
th
2022 at 17:51Β
Cryptocoin ATMs ruled illegal β βShut down at onceβ, says regulator
By
Paul Ducklin
If you live in the UK and hadn't yet heard of cryptocoin ATMs... it's too late now!
Related tags
β
Cryptocurrency
cryptcoins
Money
Laundering
scams
March 14
th
2022 at 17:51
Naked Security
S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
February 17
th
2022 at 17:12Β
S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
By
Paul Ducklin
Latest episode - listen and learn!
Related tags
β
Podcast
Adobe
Apple
bitcoin
bust
cryptocoins
cryptocurrency
Google
Naked
Security
Podcast
February 17
th
2022 at 17:12
Naked Security
Apple zero-day drama for Macs, iPhones and iPads β patch now!
February 11
th
2022 at 14:25Β
Apple zero-day drama for Macs, iPhones and iPads β patch now!
By
Paul Ducklin
Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now...
apple-1200
Related tags
β
Apple
iOS
OS
X
Vulnerability
CVE-2022-22620
iPad
iPhone
macOS
vulnerability
February 11
th
2022 at 14:25
Naked Security
Self-styled βCrocodile of Wall Streetβ arrested with husband over Bitcoin megaheist
February 9
th
2022 at 14:44Β
Self-styled βCrocodile of Wall Streetβ arrested with husband over Bitcoin megaheist
By
Naked Security writer
The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!
Related tags
β
Cryptocurrency
Cryptography
Law
&
order
Big
Bitcoin
Heist
bitcoin
BTC
bust
cryptocurrency
doj
quantum
cryptography
February 9
th
2022 at 14:44
Naked Security
Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4
th
2022 at 17:38Β
Wormhole cryptotrading company turns over $340,000,000 to criminals
By
Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Related tags
β
Cryptocurrency
Blockchain
Jump
Crypto
smart
contract
Wormhole
February 4
th
2022 at 17:38
Naked Security
Coronavirus SMS scam offers home PCR testing devices β donβt fall for it!
January 28
th
2022 at 23:58Β
Coronavirus SMS scam offers home PCR testing devices β donβt fall for it!
By
Paul Ducklin
Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...
Related tags
β
Phishing
Security
threats
coronavirus
COVID-19
NHS
Scam
SMS
January 28
th
2022 at 23:58
Naked Security
Apple fixes Safari data leak (and patches a zero-day!) β update now
January 27
th
2022 at 21:09Β
Apple fixes Safari data leak (and patches a zero-day!) β update now
By
Paul Ducklin
That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
apple-1200
Related tags
β
Apple
iOS
OS
X
Privacy
Vulnerability
Exploit
ios
iPhone
macOS
Patch
rce
January 27
th
2022 at 21:09
Naked Security
Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft
January 21
st
2022 at 16:25Β
Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft
By
Paul Ducklin
The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'.
Related tags
β
Cryptocurrency
Vulnerability
2FA
Crypto.com
cryptocurrency
January 21
st
2022 at 16:25
Naked Security
JavaScript developer destroys own projects in supply chain βlessonβ
January 11
th
2022 at 00:54Β
JavaScript developer destroys own projects in supply chain βlessonβ
By
Paul Ducklin
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Related tags
β
colors.js
faker.js
JavaScript
npm
supply
chain
January 11
th
2022 at 00:54
Naked Security
Plundered bitcoins recovered by FBI β all 3,879-and-one-sixth of them!
December 22
nd
2021 at 17:57Β
Plundered bitcoins recovered by FBI β all 3,879-and-one-sixth of them!
By
Paul Ducklin
Phew! An audacious crime... that didn't work out.
Related tags
β
Cryptocurrency
Law
&
order
bitcoin
cyberheist
doj
Japan
December 22
nd
2021 at 17:57
Naked Security
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
December 16
th
2021 at 17:41Β
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
By
Paul Ducklin
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Related tags
β
Apple
Podcast
CVE-2021-44228
Exploit
iPhone
jailbreak
Log4Shell
macOS
Naked
Security
Podcast
December 16
th
2021 at 17:41
Naked Security
Apple security updates are out β and not a Log4Shell mention in sight
December 14
th
2021 at 12:55Β
Apple security updates are out β and not a Log4Shell mention in sight
By
Paul Ducklin
Get 'em while they're hot!
Related tags
β
Apple
iPad
iPhone
macOS
Patch
vulnerability
December 14
th
2021 at 12:55
Naked Security
Cryptocurrency startup fails to subtract before adding, loses $31m
December 6
th
2021 at 19:50Β
Cryptocurrency startup fails to subtract before adding, loses $31m
By
Paul Ducklin
Think of a number, any number. Take away 42. Add 42 back in. Then pretend you didn't take away 42. How much is left?
Related tags
β
Cryptocurrency
cryptocoin
cryptocurrency
race
condition
December 6
th
2021 at 19:50
Naked Security
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
December 2
nd
2021 at 20:50Β
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Law
&
order
Podcast
Privacy
Ada
Lovelace
AI
computer
ethics
Cybercrime
cybersecurity
facial
recognition
Naked
Security
Podcast
December 2
nd
2021 at 20:50
Naked Security
Clearview AI face-matching service set to be fined over $20m
November 30
th
2021 at 19:13Β
Clearview AI face-matching service set to be fined over $20m
By
Paul Ducklin
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
Related tags
β
Law
&
order
Privacy
Social
networks
Clearview
Clearview
AI
facial
recognition
ico
OAIC
surveillance
November 30
th
2021 at 19:13
Naked Security
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
November 25
th
2021 at 12:38Β
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
By
Paul Ducklin
Latest episode - listen now! Solid cybersecurity advice in plain English.
Related tags
β
Podcast
cookies
data
breach
exchange
Exploit
GoDaddy
Naked
Security
Podcast
passwords
vulnerability
November 25
th
2021 at 12:38
Naked Security
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
November 18
th
2021 at 22:20Β
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
By
Paul Ducklin
Be aware before you share! That's a good rule for developers and techies, just as much as it is for social media addicts.
Related tags
β
Data
loss
cookies
data
leakage
Firefox
November 18
th
2021 at 22:20
Naked Security
S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]
November 11
th
2021 at 17:41Β
S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]
By
Paul Ducklin
Latest epsiode - listen now!
Related tags
β
Facebook
Firefox
Law
&
order
Podcast
Ransomware
Cybercrime
facial
recognition
Naked
Security
Podcast
ransomware
November 11
th
2021 at 17:41
Naked Security
Facebook to throw out face recognition, delete all template data
November 3
rd
2021 at 19:31Β
Facebook to throw out face recognition, delete all template data
By
Paul Ducklin
Publicity stunt? Or privacy progress?
Related tags
β
Facebook
Privacy
facial
recognition
Meta
opt-in
November 3
rd
2021 at 19:31
Naked Security
βTo the moon!β Cryptocurrency hamster Mr Goxx trades online 24/7
October 20
th
2021 at 18:07Β
βTo the moon!β Cryptocurrency hamster Mr Goxx trades online 24/7
By
Paul Ducklin
Here's a happy cryptocurrency story for once, with not a cybercrook in sight.
Related tags
β
Cryptocurrency
cryptocoin
cryptocurrency
cute
nocturnal
rodent
ico
Karpeles
Mr
Goxx
mt
gox
Poly
Networks
October 20
th
2021 at 18:07
Naked Security
LANtenna hack spies on your data from across the room! (Sort of)
October 15
th
2021 at 18:58Β
LANtenna hack spies on your data from across the room! (Sort of)
By
Paul Ducklin
Are your network cables acting as undercover wireless transmitters? What can you do if they are?
Related tags
β
Ben
Gurion
covert
channel
LANtenna
steganography
October 15
th
2021 at 18:58
There are no more articles
β
Mark all as read