Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
December 14
th
2022 at 01:13Β
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
By
Paul Ducklin
Tales of derring-do in the cyberunderground! (And some zero-days.)
Related tags
β
Microsoft
Vulnerability
driver
signing
Exploit
Patch
Tuesday
vulnerability
December 14
th
2022 at 01:13
Naked Security
Apple pushes out iOS security update thatβs more tight-lipped than ever
December 2
nd
2022 at 21:02Β
Apple pushes out iOS security update thatβs more tight-lipped than ever
By
Paul Ducklin
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...
Related tags
β
Apple
iOS
ios
iPhone
security
patch
December 2
nd
2022 at 21:02
Naked Security
Firefox fixes fullscreen fakery flaw β get the update now!
November 16
th
2022 at 19:51Β
Firefox fixes fullscreen fakery flaw β get the update now!
By
Paul Ducklin
What's so bad about a web page going fullscreen without warning you first?
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
November 16
th
2022 at 19:51
Naked Security
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
November 10
th
2022 at 17:26Β
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
By
Paul Ducklin
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Related tags
β
Cryptocurrency
Law
&
order
Microsoft
Podcast
Privacy
Vulnerability
bust
cryptocurrency
Exploit
Naked
Security
Podcast
Patch
Tuesday
Windows
November 10
th
2022 at 17:26
Naked Security
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
November 9
th
2022 at 19:58Β
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
By
Paul Ducklin
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
Related tags
β
Microsoft
Privacy
Vulnerability
day
exchange
Exploit
Patch
Tuesday
vulnerability
Zero
Day
November 9
th
2022 at 19:58
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
November 3
rd
2022 at 17:51Β
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
Listen now - latest episode - audio plus full transcript
Related tags
β
Apple
Data
loss
Google
Law
&
order
Malware
Podcast
Privacy
Vulnerability
bust
Cybercrime
cyberextortion
data
breach
heartbleed
Naked
Security
Podcast
openssl
Patches
November 3
rd
2022 at 17:51
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
October 20
th
2022 at 18:54Β
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Related tags
β
Cryptography
Data
loss
Microsoft
Podcast
Privacy
data
breach
Naked
Security
Podcast
Office
Patch
Tuesday
zoom
October 20
th
2022 at 18:54
Naked Security
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
October 12
th
2022 at 16:58Β
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
By
Paul Ducklin
There's a zero-day patch, but it's not for the zero-day you thought.
Related tags
β
Microsoft
Vulnerability
Windows
day
Exploit
Patch
Tuesday
vulnerability
October 12
th
2022 at 16:58
Naked Security
Chrome and Edge fix zero-day security hole β update now!
September 5
th
2022 at 15:12Β
Chrome and Edge fix zero-day security hole β update now!
By
Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
Related tags
β
Google
Google
Chrome
Vulnerability
chrome
CVE-2022-3075
Exploit
Patch
Zero
Day
September 5
th
2022 at 15:12
Naked Security
Firefox 104 is out β no critical bugs, but update anyway
August 26
th
2022 at 16:27Β
Firefox 104 is out β no critical bugs, but update anyway
By
Paul Ducklin
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
August 26
th
2022 at 16:27
Naked Security
Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)
June 29
th
2022 at 16:11Β
Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)
By
Paul Ducklin
Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft's "Follina" saga.
Related tags
β
Firefox
Mozilla
Vulnerability
Follina
Patch
vulnerability
June 29
th
2022 at 16:11
Naked Security
Follina gets fixed β but itβs not listed in the Patch Tuesday patches!
June 15
th
2022 at 01:20Β
Follina gets fixed β but itβs not listed in the Patch Tuesday patches!
By
Paul Ducklin
We tried it out to make sure, so you don't have to.
Related tags
β
Microsoft
Vulnerability
CVE-2022-30190
Follina
Patch
Tuesday
June 15
th
2022 at 01:20
Naked Security
Firefox 101 is out, this time with no 0-day scares (but update anyway!)
June 1
st
2022 at 14:31Β
Firefox 101 is out, this time with no 0-day scares (but update anyway!)
By
Paul Ducklin
After an intriguing month of Firefox releases, here's one with a bit less drama, probably to the collective relief of Mozilla's coders.
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
June 1
st
2022 at 14:31
Naked Security
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
May 27
th
2022 at 11:17Β
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Podcast
Privacy
Vulnerability
Clearview
Mozilla
Naked
Security
Podcast
Patching
VMware
May 27
th
2022 at 11:17
Naked Security
Microsoft patches the Patch Tuesday patch that broke authentication
May 20
th
2022 at 22:35Β
Microsoft patches the Patch Tuesday patch that broke authentication
By
Paul Ducklin
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
Related tags
β
Microsoft
Vulnerability
Windows
authentication
out-of-band
patch-to-patch
Woindows
May 20
th
2022 at 22:35
Naked Security
Apple patches zero-day kernel hole and much more β update now!
May 17
th
2022 at 09:30Β
Apple patches zero-day kernel hole and much more β update now!
By
Paul Ducklin
You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
Related tags
β
Apple
iOS
OS
X
Vulnerability
day
Patch
vulnerability
Zero
Day
May 17
th
2022 at 09:30
Naked Security
Android monthly updates are out β critical bugs found in critical places!
May 4
th
2022 at 15:54Β
Android monthly updates are out β critical bugs found in critical places!
By
Paul Ducklin
Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...
Related tags
β
Android
Google
Vulnerability
critical
Patch
update
vulnerability
May 4
th
2022 at 15:54
Naked Security
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
April 7
th
2022 at 12:24Β
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
By
Paul Ducklin
Latest episode - listen now! Cybersecurity news and advice in plain English.
Related tags
β
Android
Apple
Firefox
Google
iOS
Law
&
order
Mozilla
OS
X
Podcast
Privacy
Vulnerability
Cybercrime
data
breach
lapsus
Naked
Security
Podcast
Patches
vulnerability
April 7
th
2022 at 12:24
Naked Security
Firefox 99 is out β no major bugs, but update anyway!
April 5
th
2022 at 16:21Β
Firefox 99 is out β no major bugs, but update anyway!
By
Paul Ducklin
Firefox's four-weekly updates just dropped - here's what you need to know.
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
April 5
th
2022 at 16:21
Naked Security
Googleβs monthly Android updates patch numerous βget rootβ holes
April 5
th
2022 at 14:44Β
Googleβs monthly Android updates patch numerous βget rootβ holes
By
Paul Ducklin
Get the update now... if it's available for your phone. Here's how to check.
android-1200
Related tags
β
Android
Google
Vulnerability
Android
10
EoP
Patch
vulnerability
April 5
th
2022 at 14:44
Naked Security
Apple patches 87 security holes β from iPhones and Macs to Windows
March 15
th
2022 at 16:36Β
Apple patches 87 security holes β from iPhones and Macs to Windows
By
Paul Ducklin
Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.
apple-1200
Related tags
β
Apple
iOS
OS
X
Privacy
Vulnerability
Windows
cve
Exploit
Patch
rce
March 15
th
2022 at 16:36
Naked Security
Apple fixes Safari data leak (and patches a zero-day!) β update now
January 27
th
2022 at 21:09Β
Apple fixes Safari data leak (and patches a zero-day!) β update now
By
Paul Ducklin
That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
apple-1200
Related tags
β
Apple
iOS
OS
X
Privacy
Vulnerability
Exploit
ios
iPhone
macOS
Patch
rce
January 27
th
2022 at 21:09
Naked Security
Wormable Windows HTTP hole β what you need to know
January 12
th
2022 at 16:24Β
Wormable Windows HTTP hole β what you need to know
By
Paul Ducklin
One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".
Related tags
β
Microsoft
Vulnerability
CVE-2022-21907
http
HTTP.sys
IIS
Patch
Tuesday
worm
January 12
th
2022 at 16:24
Naked Security
FTC threatens βlegal actionβ over unpatched Log4j and other vulns
January 5
th
2022 at 19:37Β
FTC threatens βlegal actionβ over unpatched Log4j and other vulns
By
Paul Ducklin
Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
Related tags
β
Data
loss
Law
&
order
Privacy
Vulnerability
Equifax
ftc
Log4j
Log4Shell
Patching
January 5
th
2022 at 19:37
Naked Security
Log4Shell vulnerability Number Four: βMuch ado about somethingβ
December 29
th
2021 at 19:12Β
Log4Shell vulnerability Number Four: βMuch ado about somethingβ
By
Paul Ducklin
It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.
Related tags
β
Vulnerability
Apache
CVE-2021-44228
CVE-2021-44832
Java
Log4j
Log4Shell
Patch
vulnerability
December 29
th
2021 at 19:12
Naked Security
Serious Security: OpenSSL fixes βerror conflationβ bugs β how mixing up mistakes can lead to trouble
December 17
th
2021 at 17:57Β
Serious Security: OpenSSL fixes βerror conflationβ bugs β how mixing up mistakes can lead to trouble
By
Paul Ducklin
Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!
Related tags
β
Cryptography
CVE-2021-4044
openssl
Patching
vulnerability
December 17
th
2021 at 17:57
Naked Security
Apple security updates are out β and not a Log4Shell mention in sight
December 14
th
2021 at 12:55Β
Apple security updates are out β and not a Log4Shell mention in sight
By
Paul Ducklin
Get 'em while they're hot!
Related tags
β
Apple
iPad
iPhone
macOS
Patch
vulnerability
December 14
th
2021 at 12:55
Naked Security
Check your patches β public exploit now out for critical Exchange bug
November 23
rd
2021 at 14:36Β
Check your patches β public exploit now out for critical Exchange bug
By
Paul Ducklin
It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.
Related tags
β
Microsoft
Vulnerability
CVE-2021-42321
exchange
Patch
Patch
Tuesday
Zero
Day
November 23
rd
2021 at 14:36
Naked Security
Patch Tuesday updates the Win 7 updater⦠for at most 1 more year of updates
November 10
th
2021 at 19:45Β
Patch Tuesday updates the Win 7 updater⦠for at most 1 more year of updates
By
Paul Ducklin
The clock stopped long ago on Windows 7, except for those who paid for overtime. But there won't be any double overtime!
Related tags
β
Microsoft
Vulnerability
Patch
Tuesday
security
holes
Windows
November 10
th
2021 at 19:45
There are no more articles
β
Mark all as read