Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
November 17
th
2022 at 17:52Β
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
By
Paul Ducklin
Latest episode - listen now! Cybersecurity news plus loads of great advice...
Related tags
β
Law
&
order
Podcast
Vulnerability
Android
Apple
Cybercrime
Naked
Security
Podcast
November 17
th
2022 at 17:52
Naked Security
Firefox fixes fullscreen fakery flaw β get the update now!
November 16
th
2022 at 19:51Β
Firefox fixes fullscreen fakery flaw β get the update now!
By
Paul Ducklin
What's so bad about a web page going fullscreen without warning you first?
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
November 16
th
2022 at 19:51
Naked Security
Log4Shell-like code execution hole in popular Backstage dev tool
November 15
th
2022 at 17:49Β
Log4Shell-like code execution hole in popular Backstage dev tool
By
Paul Ducklin
Good old "string templating", also known as "string interpolation", in the spotlight again...
bs-1200
Related tags
β
Vulnerability
Backstage
CVE-2022-36067
November 15
th
2022 at 17:49
Naked Security
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
November 10
th
2022 at 17:26Β
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
By
Paul Ducklin
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Related tags
β
Cryptocurrency
Law
&
order
Microsoft
Podcast
Privacy
Vulnerability
bust
cryptocurrency
Exploit
Naked
Security
Podcast
Patch
Tuesday
Windows
November 10
th
2022 at 17:26
Naked Security
Emergency code execution patch from Apple β but not an 0-day
November 10
th
2022 at 01:49Β
Emergency code execution patch from Apple β but not an 0-day
By
Paul Ducklin
Not a zero-day, but important enough for a quick-fire patch to one system library...
Related tags
β
Apple
iOS
OS
X
Vulnerability
CVE-2022-40303
CVE-2022-40304
November 10
th
2022 at 01:49
Naked Security
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
November 9
th
2022 at 19:58Β
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
By
Paul Ducklin
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
Related tags
β
Microsoft
Privacy
Vulnerability
day
exchange
Exploit
Patch
Tuesday
vulnerability
Zero
Day
November 9
th
2022 at 19:58
Naked Security
Silk Road drugs market hacker pleads guilty, faces 20 years inside
November 8
th
2022 at 19:58Β
Silk Road drugs market hacker pleads guilty, faces 20 years inside
By
Paul Ducklin
Jurisprudence isn't like arithmetic... two negatives never make a positive!
Related tags
β
Cryptocurrency
Law
&
order
Big
Bitcoin
Heist
bitcoin
bust
doj
Silk
Road
Zhong
November 8
th
2022 at 19:58
Naked Security
Twitter Blue Badge email scams β Donβt fall for them!
November 4
th
2022 at 17:59Β
Twitter Blue Badge email scams β Donβt fall for them!
By
Naked Security writer
That was the week that was...
Related tags
β
2-factor
Authentication
Phishing
Privacy
Spam
blue
badge
phishing
Twitter
verified
November 4
th
2022 at 17:59
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
November 3
rd
2022 at 17:51Β
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
Listen now - latest episode - audio plus full transcript
Related tags
β
Apple
Data
loss
Google
Law
&
order
Malware
Podcast
Privacy
Vulnerability
bust
Cybercrime
cyberextortion
data
breach
heartbleed
Naked
Security
Podcast
openssl
Patches
November 3
rd
2022 at 17:51
Naked Security
The OpenSSL security update story β how can you tell what needs fixing?
November 3
rd
2022 at 00:44Β
The OpenSSL security update story β how can you tell what needs fixing?
By
Paul Ducklin
How to Hack! Finding OpenSSL library files and accurately identifying their version numbers...
ossl-code-1200
Related tags
β
Cryptography
Vulnerability
CVE-2022-3602
CVE-2022-378
openssl
November 3
rd
2022 at 00:44
Naked Security
OpenSSL patches are outΒ β CRITICAL bug downgraded to HIGH, but patch anyway!
November 1
st
2022 at 17:24Β
OpenSSL patches are outΒ β CRITICAL bug downgraded to HIGH, but patch anyway!
By
Paul Ducklin
That bated-breath OpenSSL update is out! It's no longer rated CRITICAL, but we advise you to patch ASAP anyway. Here's why...
Related tags
β
Cryptography
Vulnerability
CVE-2022-3602
CVE-2022-3786
openssl
vulneravility
November 1
st
2022 at 17:24
Naked Security
SHA-3 code execution bug patched in PHP β check your version!
November 1
st
2022 at 14:09Β
SHA-3 code execution bug patched in PHP β check your version!
By
Paul Ducklin
As everyone waits for news of a bug in OpenSSL, here's a reminder that other cryptographic code in your life may also need patching!
Related tags
β
Cryptography
Vulnerability
cryptograhpy
CVE-2022-37454
PHP
sha-3
November 1
st
2022 at 14:09
Naked Security
Chrome issues urgent zero-day fix β update now!
October 29
th
2022 at 15:08Β
Chrome issues urgent zero-day fix β update now!
By
Paul Ducklin
We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)
Related tags
β
Google
Google
Chrome
Vulnerability
"Edge"
day
chrome
Chromium
CVE-2022-3723
Exploit
Zero
Day
October 29
th
2022 at 15:08
Naked Security
Updates to Appleβs zero-day update story β iPhone and iPad users read this!
October 28
th
2022 at 18:04Β
Updates to Appleβs zero-day update story β iPhone and iPad users read this!
By
Paul Ducklin
Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...
Related tags
β
Apple
Vulnerability
CVE-2022-42827
iPad
iPhone
spyware
Zero
Day
October 28
th
2022 at 18:04
Naked Security
S3 Ep106: Facial recognition without consent β should it be banned?
October 27
th
2022 at 16:59Β
S3 Ep106: Facial recognition without consent β should it be banned?
By
Paul Ducklin
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Related tags
β
Cryptography
Data
loss
GDPR
compliance
Law
&
order
Podcast
Privacy
Ransomware
Clearview
Clearview
AI
Deadbolt
Naked
Security
Podcast
randomness
October 27
th
2022 at 16:59
Naked Security
Clearview AI image-scraping face recognition service hit with β¬20m fine in France
October 26
th
2022 at 00:50Β
Clearview AI image-scraping face recognition service hit with β¬20m fine in France
By
Paul Ducklin
"We told you to stop but you ignored us," said the French regulator, "so now we're coming after you again."
Related tags
β
Law
&
order
Privacy
Clearview
Clearview
AI
data
collectoin
facial
recognition
October 26
th
2022 at 00:50
Naked Security
Apple megaupdate: Ventura out, iOS and iPad kernel zero-day β act now!
October 25
th
2022 at 18:03Β
Apple megaupdate: Ventura out, iOS and iPad kernel zero-day β act now!
By
Paul Ducklin
Ventura hits the market with 112 patches, Catalina's gone missing, and iPhones and iPads get a critical kernel-level zero-day patch...
Related tags
β
Apple
iOS
OS
X
Vulnerability
day
CVE-2022-42827
Exploit
ios
iPad
iPhone
mac
vulnerability
zer-day
October 25
th
2022 at 18:03
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
October 20
th
2022 at 18:54Β
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Related tags
β
Cryptography
Data
loss
Microsoft
Podcast
Privacy
data
breach
Naked
Security
Podcast
Office
Patch
Tuesday
zoom
October 20
th
2022 at 18:54
Naked Security
Zoom for Mac patches sneaky βspy-on-meβ bug β update now!
October 18
th
2022 at 18:01Β
Zoom for Mac patches sneaky βspy-on-meβ bug β update now!
By
Paul Ducklin
Hey! That back door isn't supposed to be there at all, let alone propped open...
Related tags
β
Uncategorized
CVE-2022-28762
snooping
spyware
vulnerabiloity
zoom
October 18
th
2022 at 18:01
Naked Security
Dangerous hole in Apache Commons Text β like Log4Shell all over again
October 18
th
2022 at 17:26Β
Dangerous hole in Apache Commons Text β like Log4Shell all over again
By
Paul Ducklin
Third time unlucky. Time to put your patching boots on again...
act-1200
Related tags
β
Vulnerability
Apache
Apache
Commons
Text
CVE-2022-42889
Log4j
Log4Shell
string
interpolation
October 18
th
2022 at 17:26
Naked Security
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
October 13
th
2022 at 16:37Β
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
By
Paul Ducklin
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...
Related tags
β
Apple
iOS
Podcast
Ransomware
ada
Ada
Lovelace
iPhone
Naked
Security
Podcast
Netwalker
ransomware
Sullivan
Uber
WhatsApp
October 13
th
2022 at 16:37
Naked Security
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
October 12
th
2022 at 16:58Β
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
By
Paul Ducklin
There's a zero-day patch, but it's not for the zero-day you thought.
Related tags
β
Microsoft
Vulnerability
Windows
day
Exploit
Patch
Tuesday
vulnerability
October 12
th
2022 at 16:58
Naked Security
Mystery iPhone update patches against iOS 16 mail crash-attack
October 11
th
2022 at 00:28Β
Mystery iPhone update patches against iOS 16 mail crash-attack
By
Paul Ducklin
The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages...
Related tags
β
Apple
iOS
Vulnerability
crash-of-death
CVE-2022-22658
ios
October 11
th
2022 at 00:28
Naked Security
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
October 6
th
2022 at 14:43Β
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
By
Paul Ducklin
Latest episode - listen and learn now (or read and revise, if the written word is your thing)...
Related tags
β
Law
&
order
Microsoft
Podcast
:ProxyNotShell
BEC
bust
exchange
Exploit
Naked
Security
Podcast
robocalls
romance
scam
vulnerability
October 6
th
2022 at 14:43
Naked Security
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
October 1
st
2022 at 14:05Β
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
By
Paul Ducklin
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...
Related tags
β
Microsoft
Podcast
Vulnerability
:ProxyNotShell
chester
wisniewski
CVE-2022-41040
CVE-2022-41042
exchange
Zero
Day
October 1
st
2022 at 14:05
Naked Security
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
September 30
th
2022 at 18:25Β
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
By
Paul Ducklin
Double-play 0-day in Exchange - what you need to know, and what you can do
Related tags
β
Microsoft
Vulnerability
CVE-2022-41040
CVE-2022-41082
exchange
vulnerability
Zero
Day
September 30
th
2022 at 18:25
Naked Security
S3 Ep102: How to avoid a data breach [Audio + Transcript]
September 29
th
2022 at 18:45Β
S3 Ep102: How to avoid a data breach [Audio + Transcript]
By
Paul Ducklin
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...
Related tags
β
Podcast
data
breach
GTA6
Naked
Security
Podcast
Uber
WhatsApp
forwarding
September 29
th
2022 at 18:45
Naked Security
WhatsApp βzero-day exploitβ news scare β what you need to know
September 27
th
2022 at 18:51Β
WhatsApp βzero-day exploitβ news scare β what you need to know
By
Paul Ducklin
Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
Related tags
β
Vulnerability
Exploit
vulnerability
WhatsApp
September 27
th
2022 at 18:51
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
September 22
nd
2022 at 18:42Β
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
Related tags
β
Data
loss
Podcast
2FA
data
breach
LastPass
MFA
Naked
Security
Podcast
Uber
September 22
nd
2022 at 18:42
Naked Security
Interested in cybersecurity? Join us for Security SOS Week 2022!
September 21
st
2022 at 14:24Β
Interested in cybersecurity? Join us for Security SOS Week 2022!
By
Paul Ducklin
Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.
Related tags
β
Security
events
Security
leadership
Event
malware
SOS
Week
September 21
st
2022 at 14:24
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
September 17
th
2022 at 20:57Β
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By
Paul Ducklin
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
Related tags
β
Data
loss
Podcast
Security
leadership
September 17
th
2022 at 20:57
Naked Security
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
September 15
th
2022 at 18:50Β
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...
s3-ep100-js-1200
Related tags
β
Podcast
Cybercrime
Deadbolt
Naked
Security
Podcast
ransomware
Zero
Day
September 15
th
2022 at 18:50
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
September 13
th
2022 at 20:52Β
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By
Paul Ducklin
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
Related tags
β
Data
loss
Phishing
BitB
MitB
MITM
phishing
Scam
September 13
th
2022 at 20:52
Naked Security
Apple patches zero-day holes β even in the brand new iOS 16
September 12
th
2022 at 21:25Β
Apple patches zero-day holes β even in the brand new iOS 16
By
Paul Ducklin
Five updates, one upgrade, plus two zero-days. Patch your Macs, iPhones and iPads as soon as you can (again)...
apple-plus-16-1200
Related tags
β
Apple
iOS
OS
X
Vulnerability
September 12
th
2022 at 21:25
Naked Security
How to deal with dates and times without any timezone tantrumsβ¦
September 9
th
2022 at 18:59Β
How to deal with dates and times without any timezone tantrumsβ¦
By
Paul Ducklin
Heartfelt encouragement to embrace RFC 3339 - find out why!
Related tags
β
Security
leadership
rfc
3339
timezone
September 9
th
2022 at 18:59
Naked Security
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
September 8
th
2022 at 13:21Β
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
Related tags
β
Podcast
Eckersley
Lets
Encrypt
Naked
Security
Podcast
Peter
Tik
Tok
September 8
th
2022 at 13:21
Naked Security
Chrome and Edge fix zero-day security hole β update now!
September 5
th
2022 at 15:12Β
Chrome and Edge fix zero-day security hole β update now!
By
Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
Related tags
β
Google
Google
Chrome
Vulnerability
chrome
CVE-2022-3075
Exploit
Patch
Zero
Day
September 5
th
2022 at 15:12
Naked Security
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
September 4
th
2022 at 00:50Β
Peter Eckersley, co-creator of Letβs Encrypt, dies at just 43
By
Paul Ducklin
This site, like millions of others, has a certificate from Let's Encrypt. Farewell, Peter Eckersley, PhD, who helped make it all possible.
Related tags
β
eff
Lets
Encrypt
obituary
Peter
Eckersley
September 4
th
2022 at 00:50
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
September 1
st
2022 at 16:55Β
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Podcast
airgap
bugs
chrome
data
loss
JavaScript
LastPass
vulnerability
September 1
st
2022 at 16:55
Naked Security
URGENT! Apple slips out zero-day update for older iPhones and iPads
August 31
st
2022 at 18:42Β
URGENT! Apple slips out zero-day update for older iPhones and iPads
By
Paul Ducklin
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.
Related tags
β
Apple
iOS
CVE-2022-32893
ios
spyware
webkit
Zero
Day
August 31
st
2022 at 18:42
Naked Security
Chrome patches 24 security holes, enables βSanitizerβ safety system
August 31
st
2022 at 11:48Β
Chrome patches 24 security holes, enables βSanitizerβ safety system
By
Paul Ducklin
24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.
Related tags
β
Google
Google
Chrome
Vulnerability
buffer
overflow
chrome
Sanitizer
use-after-free
vulnerability
XSS
August 31
st
2022 at 11:48
Naked Security
JavaScript bugs aplenty in Node.js ecosystem β found automatically
August 30
th
2022 at 16:59Β
JavaScript bugs aplenty in Node.js ecosystem β found automatically
By
Paul Ducklin
How to get the better of bugs in all the possible packages in your supply chain?
Related tags
β
Vulnerability
bug-hunting
cve
JavaScript
vulnerability
August 30
th
2022 at 16:59
Naked Security
Firefox 104 is out β no critical bugs, but update anyway
August 26
th
2022 at 16:27Β
Firefox 104 is out β no critical bugs, but update anyway
By
Paul Ducklin
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
August 26
th
2022 at 16:27
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
August 25
th
2022 at 15:37Β
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
Related tags
β
Apple
Cryptocurrency
Google
Microsoft
Podcast
Vulnerability
"Edge"
chrome
crypto
cryptocurrency
denial
of
service
DOS
iPhone
Naked
Security
Podcast
R&B
Zero
Day
August 25
th
2022 at 15:37
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
August 24
th
2022 at 18:59Β
Breaching airgap security: using your phoneβs gyroscope as a microphone
By
Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Related tags
β
Data
loss
Vulnerability
airgap
Ben
Gurion
Ben-Gurion
University
data
leakage
GAIROSCOPE
August 24
th
2022 at 18:59
Naked Security
Bitcoin ATMs leeched by attackers who created fake admin accounts
August 23
rd
2022 at 18:35Β
Bitcoin ATMs leeched by attackers who created fake admin accounts
By
Paul Ducklin
The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes.
Related tags
β
Cryptocurrency
Vulnerability
atm
BTC
crypto
cryptocurrency
General
Bytes
phantom
withdrawal
vulnerability
August 23
rd
2022 at 18:35
Naked Security
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
August 22
nd
2022 at 16:03Β
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
By
Paul Ducklin
We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed, at least.)
Related tags
β
Vulnerability
chen
CVE-2022-38392
Janet
Jackson
music
Raymond
Chen
resonance
August 22
nd
2022 at 16:03
Naked Security
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
August 18
th
2022 at 18:38Β
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
By
Paul Ducklin
Latest episode - listen now (or read if you prefer!)
Related tags
β
Cryptography
Intel
Law
&
order
Malware
Podcast
Privacy
AEPIC
Conti
healthcare
Naked
Security
Podcast
ransomware
zoom
August 18
th
2022 at 18:38
Naked Security
Apple patches double zero-day in browser and kernel β update now!
August 17
th
2022 at 23:33Β
Apple patches double zero-day in browser and kernel β update now!
By
Paul Ducklin
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Related tags
β
Apple
iOS
Malware
OS
X
Vulnerability
CVE-2022-32893
CVE-2022-32894
ios
iPadOS
jailbreak
macOS
spyware
August 17
th
2022 at 23:33
Naked Security
Chrome browser gets 11 security fixes with 1 zero-day β update now!
August 17
th
2022 at 13:16Β
Chrome browser gets 11 security fixes with 1 zero-day β update now!
By
Paul Ducklin
Don't delay - patch today.
Related tags
β
Google
Google
Chrome
Vulnerability
August 17
th
2022 at 13:16
Naked Security
Zoom for Mac patches critical bug β update now!
August 15
th
2022 at 18:26Β
Zoom for Mac patches critical bug β update now!
By
Paul Ducklin
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
Related tags
β
OS
X
Vulnerability
CVE-2022-28756
macOS
Wardle
zoom
August 15
th
2022 at 18:26
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11
th
2022 at 14:34Β
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer.)
Related tags
β
Cryptography
Data
loss
Law
&
order
Malware
Microsoft
Podcast
Privacy
Cybercrime
github
hacking
malware
Naked
Security
Podcast
quantum
computing
August 11
th
2022 at 14:34
Naked Security
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
August 10
th
2022 at 16:59Β
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
By
Paul Ducklin
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
Related tags
β
Cryptography
Data
loss
Vulnerability
APIC
CVE-2022-21233
EPIC
SGX
ΓPIC
Leak
August 10
th
2022 at 16:59
Naked Security
Traffic Light Protocol for cybersecurity responders gets a revamp
August 5
th
2022 at 18:57Β
Traffic Light Protocol for cybersecurity responders gets a revamp
By
Paul Ducklin
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.
Related tags
β
Security
leadership
cybersecurity
MDR
MTR
research
TLP
August 5
th
2022 at 18:57
Naked Security
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
August 4
th
2022 at 17:52Β
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read if that's what you prefer.)
Related tags
β
Cryptocurrency
Cryptography
Podcast
Vulnerability
cryptocurrency
cryptogram
Cybercrime
Naked
Security
Podcast
August 4
th
2022 at 17:52
Naked Security
GitHub blighted by βresearcherβ who created thousands of malicious projects
August 3
rd
2022 at 23:06Β
GitHub blighted by βresearcherβ who created thousands of malicious projects
By
Paul Ducklin
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
Related tags
β
Law
&
order
github
malware
supply
chain
August 3
rd
2022 at 23:06
Naked Security
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
August 2
nd
2022 at 16:12Β
Cryptocoin βtoken swapperβ Nomad loses $200 million in coding blunder
By
Paul Ducklin
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.
Related tags
β
Cryptocurrency
Cryptography
Vulnerability
cryptocoin
cryptocurrency
DeFi
Nomad
August 2
nd
2022 at 16:12
Naked Security
GnuTLS patches memory mismanagement bug β update now!
August 1
st
2022 at 16:55Β
GnuTLS patches memory mismanagement bug β update now!
By
Paul Ducklin
GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...
Related tags
β
Cryptography
Vulnerability
CVE-2022-2509
double-free
gnutls
heartbleed
August 1
st
2022 at 16:55
Naked Security
How to celebrate SysAdmin Day!
July 29
th
2022 at 15:37Β
How to celebrate SysAdmin Day!
By
Paul Ducklin
I've just popped in to wish you all/The best SysAdmin Day!
Related tags
β
Security
leadership
SysAdminDay
SAAD
sysadmin
day
July 29
th
2022 at 15:37
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
July 28
th
2022 at 15:47Β
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Apple
Data
loss
Law
&
order
Mozilla
Podcast
Privacy
Vulnerability
Safari
T-Mobile
vulnerability
Zero
Day
July 28
th
2022 at 15:47
Load more articles