Naked Security

S3 Ep120: When dud crypto simply won't let go [Audio + Text]
February 2nd 2023 at 17:50
By Paul Ducklin
Latest episode - listen now!
Related tags: Cryptography Law & order Podcast Ransomware collision Hive MD5 Naked Security Podcast ransomware Samba vulnerability

GitHub code-signing certificates stolen (but will be revoked this week)
January 31st 2023 at 11:35
By Paul Ducklin
There was a breach, so the bad news isn't great, but the good news isn't too bad...
Related tags: Data loss Microsoft Vulnerability certificate breach Code signing compromise github

Serious Security: The Samba logon bug caused by outdated crypto
January 30th 2023 at 19:59
By Paul Ducklin
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Related tags: Cryptography Vulnerability CIFS collision CVE-2022-38023 mac MD5 message digest Samba SMB

Apple patches are out – old iPhones get an old zero-day fix at last!
January 24th 2023 at 01:24
By Paul Ducklin
Don't delay, especially if you're still running an iOS 12 device... please do it today!
Related tags: Apple Vulnerability CVE-2022-42856 Exploit ios ios 12 iPadOS macOS Ventura Zero Day

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?
December 29th 2022 at 20:45
By Paul Ducklin
Cryptographic agility: the ability and the willingness to change quickly when needed.
Related tags: Cryptography Congress Grover PQC quantum quantum computing Shor

Microsoft dishes the dirt on Apple's "Achilles heel" shortly after fixing similar Windows bug
December 20th 2022 at 17:59
By Paul Ducklin
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.
Related tags: Apple Microsoft Vulnerability Achilles CVE-2022-42821 Gatekeeper macOS MOTW vulnerability

OneCoin scammer Sebastian Greenwood pleads guilty, "Cryptoqueen" still missing
December 19th 2022 at 19:50
By Paul Ducklin
The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted.
Related tags: Cryptocurrency Law & order cryotocurrency cryptoqueen doj Greenwood Ignatova OneCoin Ponzi Scam

Credit card skimming – the long and winding road of supply chain failure
December 8th 2022 at 19:58
By Paul Ducklin
Don't keep calling home to a JavaScript server that closed its doors eight years ago!
Related tags: Data loss Malware Privacy Cockpit e-commerce HTML injection skimming

"Gucci Master" business email scammer Hushpuppi gets 11 years
November 14th 2022 at 19:24
By Naked Security writer
Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...
Related tags: BEC Law & order Abbas business email compromise Hushpuppi

Silk Road drugs market hacker pleads guilty, faces 20 years inside
November 8th 2022 at 19:58
By Paul Ducklin
Jurisprudence isn't like arithmetic... two negatives never make a positive!
Related tags: Cryptocurrency Law & order Big Bitcoin Heist bitcoin bust doj Silk Road Zhong

Psychotherapy extortion suspect: arrest warrant issued
October 31st 2022 at 19:59
By Paul Ducklin
Wanted! Not only the extortionist who abused the data, but also the CEO who let it happen.
Related tags: Law & order cover-up extortion Finland Vastaamo

S3 Ep106: Facial recognition without consent – should it be banned?
October 27th 2022 at 16:59
By Paul Ducklin
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Related tags: Cryptography Data loss GDPR compliance Law & order Podcast Privacy Ransomware Clearview Clearview AI Deadbolt Naked Security Podcast randomness

Clearview AI image-scraping face recognition service hit with €20m fine in France
October 26th 2022 at 00:50
By Paul Ducklin
"We told you to stop but you ignored us," said the French regulator, "so now we're coming after you again."
Related tags: Law & order Privacy Clearview Clearview AI data collectoin facial recognition

Serious Security: How randomly (or not) can you shuffle cards?
October 24th 2022 at 18:57
By Paul Ducklin
What if you could guess the next card correctly twice as often as you should?
Related tags: Cryptography Diaconis randomness schneier shuffle

When cops hack back: Dutch police fleece DEADBOLT criminals (legally!)
October 21st 2022 at 18:25
By Paul Ducklin
Crooks: Show us the money! Cops: How about you show us the decryption keys first?
Related tags: Cryptocurrency Law & order counter-hack cryptocurrency Deadbolt dutch police ransomware

Dangerous hole in Apache Commons Text – like Log4Shell all over again
October 18th 2022 at 17:26
By Paul Ducklin
Third time unlucky. Time to put your patching boots on again...
Related tags: Vulnerability Apache Apache Commons Text CVE-2022-42889 Log4j Log4Shell string interpolation

Fashion brand SHEIN fined $1.9m for lying about data breach
October 17th 2022 at 18:50
By Naked Security writer
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Related tags: Data loss GDPR compliance cover-up data breach New York ROMWE SHEIN Zoetop

Move over Patch Tuesday – it's Ada Lovelace Day!
October 11th 2022 at 15:22
By Paul Ducklin
Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine.
Related tags: Machine Learning ada Ada Lovelace Day Alan Turing babbage computer science Lady Lovelace

Former Uber CSO convicted of covering up megabreach back in 2016
October 6th 2022 at 01:04
By Naked Security writer
Obstructed FTC proceedings, and concealed a crime, said the jury.
Related tags: Data loss GDPR compliance Privacy Sullivan Uber

Scammers and rogue callers – can anything ever stop them?
October 4th 2022 at 00:06
By Paul Ducklin
Some thoughts for Cybersecurity Awareness Month: Is it worth reporting nuisance calls? Is it even worth reporting outright scams?
Related tags: Law & order cold callers do not call scam calls TPS

Morgan Stanley fined millions for selling off devices full of customer PII
September 23rd 2022 at 18:07
By Paul Ducklin
Critical data on old disks always seems inaccessible if you really need it. But when you DON'T want it back, guess what happens...
Related tags: Data loss GDPR compliance data desctruction data loss Encryption Morgan Stanley

Breaching airgap security: using your phone's gyroscope as a microphone
August 24th 2022 at 18:59
By Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Related tags: Data loss Vulnerability airgap Ben Gurion Ben-Gurion University data leakage GAIROSCOPE

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
August 18th 2022 at 18:38
By Paul Ducklin
Latest episode - listen now (or read if you prefer!)
Related tags: Cryptography Intel Law & order Malware Podcast Privacy AEPIC Conti healthcare Naked Security Podcast ransomware zoom

Apple patches double zero-day in browser and kernel – update now!
August 17th 2022 at 23:33
By Paul Ducklin
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Related tags: Apple iOS Malware OS X Vulnerability CVE-2022-32893 CVE-2022-32894 ios iPadOS jailbreak macOS spyware

US offers reward "up to $10 million" for information about the Conti gang
August 16th 2022 at 16:57
By Naked Security writer
Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)
Related tags: Law & order Ransomware Conti ransomware RfJ usa

Zoom for Mac patches critical bug – update now!
August 15th 2022 at 18:26
By Paul Ducklin
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
Related tags: OS X Vulnerability CVE-2022-28756 macOS Wardle zoom

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11th 2022 at 14:34
By Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer.)
Related tags: Cryptography Data loss Law & order Malware Microsoft Podcast Privacy Cybercrime github hacking malware Naked Security Podcast quantum computing

Post-quantum cryptography – new algorithm "gone in 60 minutes"
August 3rd 2022 at 18:55
By Paul Ducklin
And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.
Related tags: Cryptography nist PQC quantum quantum computing SIKE

Cryptocoin "token swapper" Nomad loses $200 million in coding blunder
August 2nd 2022 at 16:12
By Paul Ducklin
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.
Related tags: Cryptocurrency Cryptography Vulnerability cryptocoin cryptocurrency DeFi Nomad

Apple patches "0-day" browser bug fixed 2 weeks ago in Chrome, Edge
July 21st 2022 at 12:38
By Paul Ducklin
One vendor's zero-day is another vendor's routine patch...
Related tags: Apple Vulnerability iPad iPhone mac macOS vulnerability

Paying ransomware crooks won't reduce your legal risk, warns regulator
July 12th 2022 at 18:24
By Paul Ducklin
"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?
Related tags: GDPR compliance Law & order Ransomware Uncategorized cyberextortion GCHQ ico NCSC ransomware

Apache "Commons Configuration" patches Log4Shell-style bug – what you need to know
July 8th 2022 at 00:59
By Paul Ducklin
It's a bit like Log4J, but for configuration files, not for logging.
Related tags: Vulnerability Apache Commons CVE-2022-33980

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
July 7th 2022 at 18:46
By Paul Ducklin
Listen now! Or read if you prefer...
Related tags: Cryptocurrency Google Google Chrome Law & order Podcast Vulnerability 2FA busts cryptocurrency Naked Security Podcast OneCoin

Canadian cybercriminal pleads guilty to "NetWalker" attacks in US
July 4th 2022 at 14:09
By Paul Ducklin
Bust in Canada, now bust in the USA as well.
Related tags: Cryptocurrency Law & order Ransomware bitcoin bust Netwalker ransomware revil

"Missing Cryptoqueen" hits the FBI's Ten Most Wanted list
July 1st 2022 at 16:49
By Paul Ducklin
The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.
Related tags: Cryptocurrency Law & order crypto cryptocoin cryptoqueen Ignatova Scam

OpenSSL issues a bugfix for the previous bugfix
June 24th 2022 at 15:32
By Paul Ducklin
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
Related tags: Cryptography Vulnerability command injection crypto openssl

Poisoned Python and PHP packages purloin passwords for AWS access
May 24th 2022 at 23:04
By Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Related tags: Malware Vulnerability exfiltration PHP python secops supply chain XDR

Clearview AI face-matching service fined a lot less than expected
May 23rd 2022 at 13:01
By Paul Ducklin
The fine has finally gone through... but it's less than 45% of what was originally proposed.
Related tags: Privacy Clearview Clearview AI fine ico

Pwn2Own hacking schedule released – Windows and Linux are top targets
May 18th 2022 at 13:04
By Paul Ducklin
What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?
Related tags: Vulnerability hacking Pwn2Own research secops

Colonial Pipeline facing $1,000,000 fine for poor recovery plans
May 10th 2022 at 16:59
By Paul Ducklin
How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice...
Related tags: Ransomware Colonial Colonial Pipeline MTR ransomware

Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19th 2022 at 16:00
By Paul Ducklin
Voting safeguards based on community collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Related tags: Cryptocurrency Vulnerability Blockchain cryptocoin cryptocurrency vulnerability

Yet another Chrome zero-day emergency update – patch now!
April 16th 2022 at 00:33
By Paul Ducklin
The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.
Related tags: Google Google Chrome Microsoft Edge Vulnerability "Edge" browser chrome CVE-2022-1364 type confusion vulnerability

S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
April 14th 2022 at 13:39
By Paul Ducklin
Latest episode - listen now!
Related tags: Cryptocurrency Cryptography Podcast Vulnerability darkweb Hydra iot Naked Security Podcast PQC quantum computing robot takedown

OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default
April 11th 2022 at 16:58
By Paul Ducklin
Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow?
Related tags: Cryptography NTRU Prime openssh quantum computing

Web vendor CafePress fined $500,000 for giving cybersecurity a low value
March 21st 2022 at 16:55
By Paul Ducklin
Just because you're the victim of a cybercrime doesn't let you off your cybersecurity obligations
Related tags: GDPR compliance Privacy compliance fine ftc

Beware bogus Betas – cryptocoin scammers abuse Apple's TestFlight system
March 16th 2022 at 15:49
By Paul Ducklin
"Install this moneymaking app" - this one is so special that it isn't available on Google Play or the App Store!
Related tags: Apple Cryptocurrency iOS Malware cryptocoin scam CryptoRom fake app malware scammer TestFlight

Happy #PiDay – even if you aren't in North America!
March 14th 2022 at 23:59
By Paul Ducklin
There is a cybersecurity angle here - but you will need to read right to the end to find it :-)
Related tags: computation mathematics

Cryptocoin ATMs ruled illegal – "Shut down at once", says regulator
March 14th 2022 at 17:51
By Paul Ducklin
If you live in the UK and hadn't yet heard of cryptocoin ATMs... it's too late now!
Related tags: Cryptocurrency cryptcoins Money Laundering scams

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
February 17th 2022 at 17:12
By Paul Ducklin
Latest episode - listen and learn!
Related tags: Podcast Adobe Apple bitcoin bust cryptocoins cryptocurrency Google Naked Security Podcast

Apple zero-day drama for Macs, iPhones and iPads – patch now!
February 11th 2022 at 14:25
By Paul Ducklin
Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now...
Related tags: Apple iOS OS X Vulnerability CVE-2022-22620 iPad iPhone macOS vulnerability

Self-styled "Crocodile of Wall Street" arrested with husband over Bitcoin megaheist
February 9th 2022 at 14:44
By Naked Security writer
The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!
Related tags: Cryptocurrency Cryptography Law & order Big Bitcoin Heist bitcoin BTC bust cryptocurrency doj quantum cryptography

Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4th 2022 at 17:38
By Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Related tags: Cryptocurrency Blockchain Jump Crypto smart contract Wormhole

Coronavirus SMS scam offers home PCR testing devices – don't fall for it!
January 28th 2022 at 23:58
By Paul Ducklin
Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...
Related tags: Phishing Security threats coronavirus COVID-19 NHS Scam SMS

Apple fixes Safari data leak (and patches a zero-day!) – update now
January 27th 2022 at 21:09
By Paul Ducklin
That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
Related tags: Apple iOS OS X Privacy Vulnerability Exploit ios iPhone macOS Patch rce

Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft
January 21st 2022 at 16:25
By Paul Ducklin
The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'.
Related tags: Cryptocurrency Vulnerability 2FA Crypto.com cryptocurrency

JavaScript developer destroys own projects in supply chain "lesson"
January 11th 2022 at 00:54
By Paul Ducklin
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Related tags: colors.js faker.js JavaScript npm supply chain

Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!
December 22nd 2021 at 17:57
By Paul Ducklin
Phew! An audacious crime... that didn't work out.
Related tags: Cryptocurrency Law & order bitcoin cyberheist doj Japan

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
December 16th 2021 at 17:41
By Paul Ducklin
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Related tags: Apple Podcast CVE-2021-44228 Exploit iPhone jailbreak Log4Shell macOS Naked Security Podcast

Apple security updates are out – and not a Log4Shell mention in sight
December 14th 2021 at 12:55
By Paul Ducklin
Get 'em while they're hot!
Related tags: Apple iPad iPhone macOS Patch vulnerability

Cryptocurrency startup fails to subtract before adding, loses $31m
December 6th 2021 at 19:50
By Paul Ducklin
Think of a number, any number. Take away 42. Add 42 back in. Then pretend you didn't take away 42. How much is left?
Related tags: Cryptocurrency cryptocoin cryptocurrency race condition