Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Dutch suspect locked up for alleged personal data megathefts
January 26
th
2023 at 22:02Β
Dutch suspect locked up for alleged personal data megathefts
By
Paul Ducklin
Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.
Related tags
β
Law
&
order
Austria
breach
data
theft
Money
Laundering
Netherlands
January 26
th
2023 at 22:02
Naked Security
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
January 26
th
2023 at 19:57Β
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
By
Paul Ducklin
Lastest episode - listen now! (Or read the transcript.)
Related tags
β
Apple
Data
loss
Google
Podcast
Vulnerability
DNS
GoTo
LastPass
vulnerability
Zero
Day
January 26
th
2023 at 19:57
Naked Security
GoTo admits: Customer cloud backups stolen together with decryption key
January 25
th
2023 at 01:37Β
GoTo admits: Customer cloud backups stolen together with decryption key
By
Paul Ducklin
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Related tags
β
Cryptography
Data
loss
breach
cloud
GoTo
hash
LastPass
January 25
th
2023 at 01:37
Naked Security
Apple patches are out β old iPhones get an old zero-day fix at last!
January 24
th
2023 at 01:24Β
Apple patches are out β old iPhones get an old zero-day fix at last!
By
Paul Ducklin
Don't delay, especially if you're still running an iOS 12 device... please do it today!
Related tags
β
Apple
Vulnerability
CVE-2022-42856
Exploit
ios
ios
12
iPadOS
macOS
Ventura
Zero
Day
January 24
th
2023 at 01:24
Naked Security
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
January 23
rd
2023 at 19:59Β
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
By
Paul Ducklin
It's a really cool and super-simple trick. The question is, "Will it help?"
Related tags
β
Vulnerability
DNS
hijack
Spoofing
January 23
rd
2023 at 19:59
Naked Security
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
January 20
th
2023 at 17:59Β
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
By
Paul Ducklin
Once more, it's time for Shakespeare's words: Once more unto the breach...
Related tags
β
Data
loss
Privacy
8-K
breach
phishing
SEC
T-Mobile
January 20
th
2023 at 17:59
Naked Security
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
January 19
th
2023 at 15:53Β
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
By
Paul Ducklin
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
Related tags
β
Cryptocurrency
Podcast
bust
cracking
Cybercrime
data
breach
hacking
JWT
Naked
Security
Podcast
January 19
th
2023 at 15:53
Naked Security
Serious Security: Unravelling the LifeLock βhacked passwordsβ story
January 17
th
2023 at 17:59Β
Serious Security: Unravelling the LifeLock βhacked passwordsβ story
By
Paul Ducklin
Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.
Related tags
β
Cryptography
Privacy
LifeLock
Norton
NortonLifeLock
passwords
January 17
th
2023 at 17:59
Naked Security
Multi-million investment scammers busted in four-country Europol raid
January 16
th
2023 at 16:10Β
Multi-million investment scammers busted in four-country Europol raid
By
Paul Ducklin
216 questioned, 15 arrested, 4 fake call centres searched, millions seized...
Related tags
β
Cryptocurrency
Law
&
order
cryptocurrency
Europol
Scam
January 16
th
2023 at 16:10
Naked Security
S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text]
January 12
th
2023 at 17:59Β
S3 Ep117: The crypto crisis that wasnβt (and farewell forever to Win 7) [Audio + Text]
By
Paul Ducklin
Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)
Related tags
β
Cryptography
Law
&
order
Podcast
Vulnerability
bust
Naked
Security
Podcast
RSA
Scam
Windows
7
Windows
8.1
January 12
th
2023 at 17:59
Naked Security
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
January 11
th
2023 at 00:22Β
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
By
Paul Ducklin
Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...
Related tags
β
Microsoft
Vulnerability
Exploit
malware.
spam.
vulnerability
Patch
Tuesday
January 11
th
2023 at 00:22
Naked Security
Popular JWT cloud security library patches βremoteβ code execution hole
January 10
th
2023 at 19:59Β
Popular JWT cloud security library patches βremoteβ code execution hole
By
Paul Ducklin
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.
Related tags
β
Cryptography
Vulnerability
JSON
jsonwebtoken
JWT
rce
vulnerability
January 10
th
2023 at 19:59
Naked Security
CircleCI β code-building service suffers total credential compromise
January 9
th
2023 at 14:52Β
CircleCI β code-building service suffers total credential compromise
By
Paul Ducklin
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.
Related tags
β
Data
loss
Vulnerability
breach
CircleCI
January 9
th
2023 at 14:52
Naked Security
RSA crypto cracked? Or perhaps not!
January 6
th
2023 at 19:59Β
RSA crypto cracked? Or perhaps not!
By
Paul Ducklin
Stand down from blue alert, it seems... but why not plan your cryptographic agility anyway?
Related tags
β
Cryptography
crypto
January 6
th
2023 at 19:59
Naked Security
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
January 5
th
2023 at 17:52Β
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
By
Paul Ducklin
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.)
Related tags
β
Cryptography
Podcast
LastPass
Naked
Security
Podcast
PyTorch
January 5
th
2023 at 17:52
Naked Security
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
January 4
th
2023 at 19:50Β
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
By
Paul Ducklin
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and don't steal my data and then pretend you're sorry.
Related tags
β
Data
loss
Malware
Podcast
Security
leadership
Vulnerability
Cryptography
Cybercrime
Linux
machine
learning
vulnerability
January 4
th
2023 at 19:50
Naked Security
Inside a scammersβ lair: Ukraine busts 40 in fake bank call-centre raid
January 3
rd
2023 at 17:03Β
Inside a scammersβ lair: Ukraine busts 40 in fake bank call-centre raid
By
Naked Security writer
When someone calls you up to warn you that your bank account is under attack - it's true, because THAT VERY PERSON is the one attacking you!
Related tags
β
Cryptocurrency
Data
loss
Law
&
order
Caller
ID
Cybercrime
fake
call
scamming
January 3
rd
2023 at 17:03
Naked Security
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
January 1
st
2023 at 21:36Β
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
By
Paul Ducklin
The bad news: the crooks have your SSH private keys. The good news: only users of the "nightly" build were affected.
Related tags
β
Machine
Learning
Malware
AI
Artificial
intelligence
data
stealing
Linux
machine
learning
malware
ML
PyTorch
triton
January 1
st
2023 at 21:36
Naked Security
Naked Security 33Β 1/3 β Cybersecurity predictions for 2023 and beyond
December 30
th
2022 at 19:59Β
Naked Security 33Β 1/3 β Cybersecurity predictions for 2023 and beyond
By
Paul Ducklin
The problem with anniversaries is that there's an almost infinite number of them every day...
hny-1200
Related tags
β
Security
leadership
Security
threats
cybersecurity
MDR
morris
worm
NYD
nye
vulnerability
December 30
th
2022 at 19:59
Naked Security
US passes the Quantum Computing Cybersecurity Preparedness Act β and why not?
December 29
th
2022 at 20:45Β
US passes the Quantum Computing Cybersecurity Preparedness Act β and why not?
By
Paul Ducklin
Cryptographic agility: the ability and the willingness to change quickly when needed.
sc-daa-1200
Related tags
β
Cryptography
Congress
Grover
PQC
quantum
quantum
computing
Shor
December 29
th
2022 at 20:45
Naked Security
The horror! The horror! NOTEPAD gets tabbed editing (very briefly)
December 29
th
2022 at 19:59Β
The horror! The horror! NOTEPAD gets tabbed editing (very briefly)
By
Paul Ducklin
Is there a special meaning of "don't" that means "go right ahead"?
Related tags
β
Microsoft
Uncategorized
Happy
New
Year
humor
humour
Notepad++
December 29
th
2022 at 19:59
Naked Security
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
December 29
th
2022 at 09:20Β
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
By
Paul Ducklin
Listen now - you'll be alarmed, amused and educated, all in equal measure. (Full transcript in article.)
Related tags
β
Data
loss
Malware
Podcast
Ransomware
Security
leadership
Cybercrime
hacking
MDR
Naked
Security
Podcast
Peter
Mackenzie
ransomware
December 29
th
2022 at 09:20
Naked Security
Twitter data of β+400 million unique usersβ up for sale β what to do?
December 28
th
2022 at 19:59Β
Twitter data of β+400 million unique usersβ up for sale β what to do?
By
Paul Ducklin
If the crooks have connected up your phone number and your Twitter handle... what could go wrong?
Related tags
β
Data
loss
breach
extortion
Twitter
December 28
th
2022 at 19:59
Naked Security
Critical β10-out-of-10β Linux kernel SMB hole β should you worry?
December 27
th
2022 at 19:35Β
Critical β10-out-of-10β Linux kernel SMB hole β should you worry?
By
Paul Ducklin
It's serious, it's critical, and you could call it severe... but in HHGttG terminology, it's probably "mostly harmless".
Related tags
β
Uncategorized
December 27
th
2022 at 19:35
Naked Security
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
December 23
rd
2022 at 19:58Β
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
By
Paul Ducklin
The crooks now know who you are, where you live, which computers are yours, where you go online... and they got those password vaults, too.
Related tags
β
Data
loss
Privacy
breach
LastPass
December 23
rd
2022 at 19:58
Naked Security
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
December 22
nd
2022 at 19:56Β
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
By
Paul Ducklin
Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.
Related tags
β
Malware
Podcast
Security
leadership
Cybercrime
fraser
howard
malware
Security
SOS
Week
sophoslabs
SOS
Week
threat
prevention
December 22
nd
2022 at 19:56
Naked Security
βSuspicious loginβ scammers up their game β take care at Christmas
December 21
st
2022 at 17:59Β
βSuspicious loginβ scammers up their game β take care at Christmas
By
Paul Ducklin
A picture is worth 1024 words - we clicked through so you don't have to.
Related tags
β
Phishing
Privacy
fake
logon
Instagram
phishing
Scam
December 21
st
2022 at 17:59
Naked Security
Microsoft dishes the dirt on Appleβs βAchilles heelβ shortly after fixing similar Windows bug
December 20
th
2022 at 17:59Β
Microsoft dishes the dirt on Appleβs βAchilles heelβ shortly after fixing similar Windows bug
By
Paul Ducklin
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.
Related tags
β
Apple
Microsoft
Vulnerability
Achilles
CVE-2022-42821
Gatekeeper
macOS
MOTW
vulnerability
December 20
th
2022 at 17:59
Naked Security
OneCoin scammer Sebastian Greenwood pleads guilty, βCryptoqueenβ still missing
December 19
th
2022 at 19:50Β
OneCoin scammer Sebastian Greenwood pleads guilty, βCryptoqueenβ still missing
By
Paul Ducklin
The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted.
Related tags
β
Cryptocurrency
Law
&
order
cryotocurrency
cryptoqueen
doj
Greenwood
Ignatova
OneCoin
Ponzi
Scam
December 19
th
2022 at 19:50
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
December 15
th
2022 at 17:10Β
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By
Paul Ducklin
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Related tags
β
Apple
Data
loss
Malware
Microsoft
Podcast
Privacy
Vulnerability
day
Ben-Gurion
University
ios
Naked
Security
Podcast
skimming
supply
chain
vulnerability
Zero
Day
December 15
th
2022 at 17:10
Naked Security
Apple patches everything, finally reveals mystery of iOS 16.1.2
December 14
th
2022 at 02:11Β
Apple patches everything, finally reveals mystery of iOS 16.1.2
By
Paul Ducklin
There's an update for everything this time, not just for iOS.
Related tags
β
Apple
Vulnerability
CVE-2022-42856
December 14
th
2022 at 02:11
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
December 14
th
2022 at 01:13Β
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
By
Paul Ducklin
Tales of derring-do in the cyberunderground! (And some zero-days.)
Related tags
β
Microsoft
Vulnerability
driver
signing
Exploit
Patch
Tuesday
vulnerability
December 14
th
2022 at 01:13
Naked Security
COVID-bit: the wireless spyware trick with an unfortunate name
December 13
th
2022 at 19:58Β
COVID-bit: the wireless spyware trick with an unfortunate name
By
Paul Ducklin
It's not the switching that's the problem, it's the switching of the switching!
ind-1200
Related tags
β
Data
loss
Privacy
airgap
Ben-Gurion
University
exfiltration
December 13
th
2022 at 19:58
Naked Security
Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties
December 12
th
2022 at 19:58Β
Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties
By
Paul Ducklin
That's a mean average of $15,710 per bug... and 63 fewer bugs out there for crooks and rogues to find.
Related tags
β
Security
events
Vulnerability
Exploit
hacking
Pwn2Own
vulnerability
December 12
th
2022 at 19:58
Naked Security
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
December 9
th
2022 at 16:46Β
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
By
Paul Ducklin
Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.
Related tags
β
Apple
Google
Law
&
order
Malware
Microsoft
Podcast
Privacy
Vulnerability
"Edge"
chrome
Cybercrime
Exploit
hacking
ios
Naked
Security
Podcast
December 9
th
2022 at 16:46
Naked Security
Credit card skimming β the long and winding road of supply chain failure
December 8
th
2022 at 19:58Β
Credit card skimming β the long and winding road of supply chain failure
By
Paul Ducklin
Don't keep calling home to a JavaScript server that closed its doors eight years ago!
Related tags
β
Data
loss
Malware
Privacy
Cockpit
e-commerce
HTML
injection
skimming
December 8
th
2022 at 19:58
Naked Security
SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m
December 6
th
2022 at 17:56Β
SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m
By
Naked Security writer
Guilty party got 18 months, also has to pay back $20m he probably hasn't got, which could land him in more hot water.
Related tags
β
Cryptocurrency
Law
&
order
2FA
Cybercrime
password
sim
swap
December 6
th
2022 at 17:56
Naked Security
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
December 5
th
2022 at 20:58Β
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
By
Paul Ducklin
Ninth more unto the breach, dear friends, ninth more.
Related tags
β
Google
Google
Chrome
Microsoft
Vulnerability
"Edge"
chrome
Chromium
CVE-2022-4262
Zero
Day
December 5
th
2022 at 20:58
Naked Security
Ping of death! FreeBSD fixes crashtastic bug in network tool
December 5
th
2022 at 19:59Β
Ping of death! FreeBSD fixes crashtastic bug in network tool
By
Paul Ducklin
It's a venerable program, and this version had a venerable bug in it.
Related tags
β
Vulnerability
buffer
overflow
freebsd
ICMP
ping
December 5
th
2022 at 19:59
Naked Security
Apple pushes out iOS security update thatβs more tight-lipped than ever
December 2
nd
2022 at 21:02Β
Apple pushes out iOS security update thatβs more tight-lipped than ever
By
Paul Ducklin
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...
Related tags
β
Apple
iOS
ios
iPhone
security
patch
December 2
nd
2022 at 21:02
Naked Security
LastPass admits to customer data breach caused by previous breach
December 2
nd
2022 at 01:10Β
LastPass admits to customer data breach caused by previous breach
By
Paul Ducklin
Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.
Related tags
β
Data
loss
Privacy
data
breach
LastPass
December 2
nd
2022 at 01:10
Naked Security
The CHRISTMA EXEC network worm β 35 years and counting!
December 1
st
2022 at 20:35Β
The CHRISTMA EXEC network worm β 35 years and counting!
By
Paul Ducklin
"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...
xmas-1200-35-wide
Related tags
β
Malware
3270
Christma
CMS
IBM
Virus
worm
December 1
st
2022 at 20:35
Naked Security
S3 Ep111: The business risk of a sleazy βnudity unfilterβ [Audio + Text]
December 1
st
2022 at 19:58Β
S3 Ep111: The business risk of a sleazy βnudity unfilterβ [Audio + Text]
By
Paul Ducklin
Latest episode - listen now (or read if you prefer)...
Related tags
β
Cryptocurrency
Law
&
order
Malware
Podcast
Privacy
CryptoRom
Cybercrime
iSpoof
Naked
Security
Podcast
porn
scam
TikTok
December 1
st
2022 at 19:58
Naked Security
Serious Security: MD5 considered harmful β to the tune of $600,000
November 30
th
2022 at 17:58Β
Serious Security: MD5 considered harmful β to the tune of $600,000
By
Paul Ducklin
It's not just the hashing, by the way. It's the salting and the stretching, too!
Related tags
β
Cryptography
Law
&
order
CNIL
EDF
hashing
MD5
PBKDF2
November 30
th
2022 at 17:58
Naked Security
TikTok βInvisible Challengeβ porn malware puts us all at risk
November 29
th
2022 at 19:58Β
TikTok βInvisible Challengeβ porn malware puts us all at risk
By
Paul Ducklin
An injury to one is an injury to all. Especially if the other people are part of your social network.
Related tags
β
Malware
Privacy
Social
networks
github
malware
supply
chain
Tik
Tok
TikTok
November 29
th
2022 at 19:58
Naked Security
Chrome fixes 8th zero-day of 2022 β check your version now (Edge too!)
November 28
th
2022 at 19:42Β
Chrome fixes 8th zero-day of 2022 β check your version now (Edge too!)
By
Paul Ducklin
There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!
Related tags
β
Google
Google
Chrome
Microsoft
Edge
Vulnerability
"Edge"
chrome
Zero
Day
November 28
th
2022 at 19:42
Naked Security
Voice-scamming site βiSpoofβ seized, 100s arrested in massive crackdown
November 25
th
2022 at 19:17Β
Voice-scamming site βiSpoofβ seized, 100s arrested in massive crackdown
By
Naked Security writer
Those numbers or names that pop up when a call comes up? They're OK as a hint of who's calling, but THEY PROVE NOTHING
Related tags
β
Law
&
order
Phishing
Privacy
Europol
FBI
iSpoof
Metropolitan
Police
vishing
vishing-as-a-service
November 25
th
2022 at 19:17
Naked Security
S3 Ep110: Spotlight on cyberthreats β an expert speaks [Audio + Text]
November 24
th
2022 at 16:52Β
S3 Ep110: Spotlight on cyberthreats β an expert speaks [Audio + Text]
By
Paul Ducklin
Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us
Related tags
β
Law
&
order
Podcast
Security
leadership
Security
threats
cyberthreats
John
Shier
MDR
Shier
Threat
Report
XDR
November 24
th
2022 at 16:52
Naked Security
Multimillion dollar CryptoRom scam sites seized, suspects arrested in US
November 23
rd
2022 at 19:58Β
Multimillion dollar CryptoRom scam sites seized, suspects arrested in US
By
Paul Ducklin
Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...
cryptorom-1200
Related tags
β
BEC
Law
&
order
Malware
Social
networks
CryptoRom
ios
romance
scam
TestFlight
November 23
rd
2022 at 19:58
Naked Security
How to hack an unpatched Exchange server with rogue PowerShell code
November 22
nd
2022 at 19:54Β
How to hack an unpatched Exchange server with rogue PowerShell code
By
Paul Ducklin
Review your servers, your patches and your authentication policies - there's a proof-of-concept out
Related tags
β
Microsoft
Uncategorized
Vulnerability
day
:ProxyNotShell
CVE-2022-41040
CVE-2022-41082
Zero
Day
November 22
nd
2022 at 19:54
Naked Security
How social media scammers buy time to steal your 2FA codes
November 21
st
2022 at 17:02Β
How social media scammers buy time to steal your 2FA codes
By
Paul Ducklin
The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake
ffs-2fa-1200
Related tags
β
Facebook
Phishing
Privacy
lockout
phishing
Scam
November 21
st
2022 at 17:02
Naked Security
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
November 17
th
2022 at 17:52Β
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
By
Paul Ducklin
Latest episode - listen now! Cybersecurity news plus loads of great advice...
Related tags
β
Law
&
order
Podcast
Vulnerability
Android
Apple
Cybercrime
Naked
Security
Podcast
November 17
th
2022 at 17:52
Naked Security
Black Friday and retail season β watch out for PayPal βmoney requestβ scams
November 17
th
2022 at 12:45Β
Black Friday and retail season β watch out for PayPal βmoney requestβ scams
By
Paul Ducklin
Don't let a keen eye for bargains lead you into risky online behaviour...
Related tags
β
Data
loss
Privacy
Black
Friday
PayPal
Scam
November 17
th
2022 at 12:45
Naked Security
Firefox fixes fullscreen fakery flaw β get the update now!
November 16
th
2022 at 19:51Β
Firefox fixes fullscreen fakery flaw β get the update now!
By
Paul Ducklin
What's so bad about a web page going fullscreen without warning you first?
Related tags
β
Firefox
Mozilla
Vulnerability
Patch
vulnerability
November 16
th
2022 at 19:51
Naked Security
Log4Shell-like code execution hole in popular Backstage dev tool
November 15
th
2022 at 17:49Β
Log4Shell-like code execution hole in popular Backstage dev tool
By
Paul Ducklin
Good old "string templating", also known as "string interpolation", in the spotlight again...
bs-1200
Related tags
β
Vulnerability
Backstage
CVE-2022-36067
November 15
th
2022 at 17:49
Naked Security
βGucci Masterβ business email scammer Hushpuppi gets 11 years
November 14
th
2022 at 19:24Β
βGucci Masterβ business email scammer Hushpuppi gets 11 years
By
Naked Security writer
Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...
puppi-car-1200
Related tags
β
BEC
Law
&
order
Abbas
business
email
compromise
Hushpuppi
November 14
th
2022 at 19:24
Naked Security
Dangerous SIM-swap lockscreen bypass β update Android now!
November 11
th
2022 at 19:59Β
Dangerous SIM-swap lockscreen bypass β update Android now!
By
Paul Ducklin
A bit like leaving the front door keys under the doormat...
Related tags
β
Android
Google
CVE-2022-20465
hacking
lockscreen
pypass
SIM
November 11
th
2022 at 19:59
Naked Security
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
November 10
th
2022 at 17:26Β
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
By
Paul Ducklin
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Related tags
β
Cryptocurrency
Law
&
order
Microsoft
Podcast
Privacy
Vulnerability
bust
cryptocurrency
Exploit
Naked
Security
Podcast
Patch
Tuesday
Windows
November 10
th
2022 at 17:26
Naked Security
Emergency code execution patch from Apple β but not an 0-day
November 10
th
2022 at 01:49Β
Emergency code execution patch from Apple β but not an 0-day
By
Paul Ducklin
Not a zero-day, but important enough for a quick-fire patch to one system library...
Related tags
β
Apple
iOS
OS
X
Vulnerability
CVE-2022-40303
CVE-2022-40304
November 10
th
2022 at 01:49
Naked Security
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
November 9
th
2022 at 19:58Β
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
By
Paul Ducklin
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
Related tags
β
Microsoft
Privacy
Vulnerability
day
exchange
Exploit
Patch
Tuesday
vulnerability
Zero
Day
November 9
th
2022 at 19:58
Load more articles