Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
March 10
th
2023 at 19:58Β
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
By
Paul Ducklin
It's not exactly data theft, but it's worryingly close to "unintentional treachery" - apparently because it's great for marketing purposes
Related tags
β
Data
loss
Privacy
data
leakage
Mobile
SHEIN
March 10
th
2023 at 19:58
Naked Security
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
March 3
rd
2023 at 19:56Β
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
By
Paul Ducklin
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?
Related tags
β
Data
loss
Ransomware
CISA
mitre
ransomware
Royal
TTPs
March 3
rd
2023 at 19:56
Naked Security
S3 Ep124: When so-called security apps go rogue [Audio + Text]
March 2
nd
2023 at 19:40Β
S3 Ep124: When so-called security apps go rogue [Audio + Text]
By
Paul Ducklin
Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!
s3-ep124-auth--1200
Related tags
β
Apple
Cryptography
Data
loss
Google
Law
&
order
Podcast
2FA
Cybercrime
extortion
hacking
LastPass
Naked
Security
Podcast
ransomware
March 2
nd
2023 at 19:40
Naked Security
LastPass: Keylogger on home PC led to cracked corporate password vault
February 28
th
2023 at 02:23Β
LastPass: Keylogger on home PC led to cracked corporate password vault
By
Paul Ducklin
Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.
Related tags
β
Data
loss
breach
keylogger
LastPass
malware
February 28
th
2023 at 02:23
Naked Security
Beware rogue 2FA apps in App Store and Google Play β donβt get hacked!
February 27
th
2023 at 02:10Β
Beware rogue 2FA apps in App Store and Google Play β donβt get hacked!
By
Paul Ducklin
Even in Apple's and Google's "walled gardens", there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)
Related tags
β
2-factor
Authentication
Cryptography
Data
loss
Malware
2FA
authenticator
authenticator
app
mysk_co
Tommy
Mysk
TOTP
February 27
th
2023 at 02:10
Naked Security
S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
February 23
rd
2023 at 19:58Β
S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Top-notch advice for cybersecurity, both at work and at home.
Related tags
β
Cryptocurrency
Data
loss
Podcast
Privacy
2FA
Coinbase
crypto
cryptocurrency
Cybercrime
GoDaddy
malware
Naked
Security
Podcast
Twitter
February 23
rd
2023 at 19:58
Naked Security
NPM JavaScript packages abused to create scambait links in bulk
February 22
nd
2023 at 20:59Β
NPM JavaScript packages abused to create scambait links in bulk
By
Paul Ducklin
Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!
Related tags
β
Data
loss
Spam
clickbait
npm
rogue
packages
scamming
February 22
nd
2023 at 20:59
Naked Security
Coinbase breached by social engineers, employee data stolen
February 21
st
2023 at 17:58Β
Coinbase breached by social engineers, employee data stolen
By
Paul Ducklin
Another day, another "sophisticated" attack. This time, the company has handily included some useful advice along with its mea culpa...
Related tags
β
Cryptocurrency
Data
loss
breach
Coinbase
crypto
MDR
Social
Engineering
XDR
February 21
st
2023 at 17:58
Naked Security
GoDaddy admits: Crooks hit us with malware, poisoned customer websites
February 20
th
2023 at 01:36Β
GoDaddy admits: Crooks hit us with malware, poisoned customer websites
By
Paul Ducklin
New report admits that attackers were detected in the network about three months ago, and may have been attacking for about three years.
Related tags
β
Data
loss
Malware
breach
GoDaddy
malware
February 20
th
2023 at 01:36
Naked Security
Reddit admits it was hacked and data stolen, says βDonβt panicβ
February 10
th
2023 at 19:59Β
Reddit admits it was hacked and data stolen, says βDonβt panicβ
By
Paul Ducklin
Reddit is suggesting three tips as a follow-up to this breach. We agree with two of them but not with the third...
Related tags
β
Data
loss
breach
reddit
February 10
th
2023 at 19:59
Naked Security
Finnish psychotherapy extortion suspect arrested in France
February 6
th
2023 at 19:13Β
Finnish psychotherapy extortion suspect arrested in France
By
Naked Security writer
Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.
Related tags
β
Data
loss
Law
&
order
data
breach
extortion
Vastaamo
February 6
th
2023 at 19:13
Naked Security
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
February 1
st
2023 at 19:58Β
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
By
Paul Ducklin
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Related tags
β
Cryptography
Data
loss
Vulnerability
CVE-2023-24055
data
leakage
KeePass
trigger
February 1
st
2023 at 19:58
Naked Security
GitHub code-signing certificates stolen (but will be revoked this week)
January 31
st
2023 at 11:35Β
GitHub code-signing certificates stolen (but will be revoked this week)
By
Paul Ducklin
There was a breach, so the bad news isn't great, but the good news isn't too bad...
Related tags
β
Data
loss
Microsoft
Vulnerability
certificate
breach
Code
signing
compromise
github
January 31
st
2023 at 11:35
Naked Security
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
January 26
th
2023 at 19:57Β
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
By
Paul Ducklin
Lastest episode - listen now! (Or read the transcript.)
Related tags
β
Apple
Data
loss
Google
Podcast
Vulnerability
DNS
GoTo
LastPass
vulnerability
Zero
Day
January 26
th
2023 at 19:57
Naked Security
GoTo admits: Customer cloud backups stolen together with decryption key
January 25
th
2023 at 01:37Β
GoTo admits: Customer cloud backups stolen together with decryption key
By
Paul Ducklin
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Related tags
β
Cryptography
Data
loss
breach
cloud
GoTo
hash
LastPass
January 25
th
2023 at 01:37
Naked Security
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
January 20
th
2023 at 17:59Β
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
By
Paul Ducklin
Once more, it's time for Shakespeare's words: Once more unto the breach...
Related tags
β
Data
loss
Privacy
8-K
breach
phishing
SEC
T-Mobile
January 20
th
2023 at 17:59
Naked Security
CircleCI β code-building service suffers total credential compromise
January 9
th
2023 at 14:52Β
CircleCI β code-building service suffers total credential compromise
By
Paul Ducklin
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.
Related tags
β
Data
loss
Vulnerability
breach
CircleCI
January 9
th
2023 at 14:52
Naked Security
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
January 4
th
2023 at 19:50Β
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
By
Paul Ducklin
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and don't steal my data and then pretend you're sorry.
Related tags
β
Data
loss
Malware
Podcast
Security
leadership
Vulnerability
Cryptography
Cybercrime
Linux
machine
learning
vulnerability
January 4
th
2023 at 19:50
Naked Security
Inside a scammersβ lair: Ukraine busts 40 in fake bank call-centre raid
January 3
rd
2023 at 17:03Β
Inside a scammersβ lair: Ukraine busts 40 in fake bank call-centre raid
By
Naked Security writer
When someone calls you up to warn you that your bank account is under attack - it's true, because THAT VERY PERSON is the one attacking you!
Related tags
β
Cryptocurrency
Data
loss
Law
&
order
Caller
ID
Cybercrime
fake
call
scamming
January 3
rd
2023 at 17:03
Naked Security
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
December 29
th
2022 at 09:20Β
S3 Ep115: True crime stories β A day in the life of a cybercrime fighter [Audio + Text]
By
Paul Ducklin
Listen now - you'll be alarmed, amused and educated, all in equal measure. (Full transcript in article.)
Related tags
β
Data
loss
Malware
Podcast
Ransomware
Security
leadership
Cybercrime
hacking
MDR
Naked
Security
Podcast
Peter
Mackenzie
ransomware
December 29
th
2022 at 09:20
Naked Security
Twitter data of β+400 million unique usersβ up for sale β what to do?
December 28
th
2022 at 19:59Β
Twitter data of β+400 million unique usersβ up for sale β what to do?
By
Paul Ducklin
If the crooks have connected up your phone number and your Twitter handle... what could go wrong?
Related tags
β
Data
loss
breach
extortion
Twitter
December 28
th
2022 at 19:59
Naked Security
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
December 23
rd
2022 at 19:58Β
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
By
Paul Ducklin
The crooks now know who you are, where you live, which computers are yours, where you go online... and they got those password vaults, too.
Related tags
β
Data
loss
Privacy
breach
LastPass
December 23
rd
2022 at 19:58
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
December 15
th
2022 at 17:10Β
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By
Paul Ducklin
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Related tags
β
Apple
Data
loss
Malware
Microsoft
Podcast
Privacy
Vulnerability
day
Ben-Gurion
University
ios
Naked
Security
Podcast
skimming
supply
chain
vulnerability
Zero
Day
December 15
th
2022 at 17:10
Naked Security
COVID-bit: the wireless spyware trick with an unfortunate name
December 13
th
2022 at 19:58Β
COVID-bit: the wireless spyware trick with an unfortunate name
By
Paul Ducklin
It's not the switching that's the problem, it's the switching of the switching!
ind-1200
Related tags
β
Data
loss
Privacy
airgap
Ben-Gurion
University
exfiltration
December 13
th
2022 at 19:58
Naked Security
Credit card skimming β the long and winding road of supply chain failure
December 8
th
2022 at 19:58Β
Credit card skimming β the long and winding road of supply chain failure
By
Paul Ducklin
Don't keep calling home to a JavaScript server that closed its doors eight years ago!
Related tags
β
Data
loss
Malware
Privacy
Cockpit
e-commerce
HTML
injection
skimming
December 8
th
2022 at 19:58
Naked Security
LastPass admits to customer data breach caused by previous breach
December 2
nd
2022 at 01:10Β
LastPass admits to customer data breach caused by previous breach
By
Paul Ducklin
Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.
Related tags
β
Data
loss
Privacy
data
breach
LastPass
December 2
nd
2022 at 01:10
Naked Security
Black Friday and retail season β watch out for PayPal βmoney requestβ scams
November 17
th
2022 at 12:45Β
Black Friday and retail season β watch out for PayPal βmoney requestβ scams
By
Paul Ducklin
Don't let a keen eye for bargains lead you into risky online behaviour...
Related tags
β
Data
loss
Privacy
Black
Friday
PayPal
Scam
November 17
th
2022 at 12:45
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
November 3
rd
2022 at 17:51Β
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
Listen now - latest episode - audio plus full transcript
Related tags
β
Apple
Data
loss
Google
Law
&
order
Malware
Podcast
Privacy
Vulnerability
bust
Cybercrime
cyberextortion
data
breach
heartbleed
Naked
Security
Podcast
openssl
Patches
November 3
rd
2022 at 17:51
Naked Security
S3 Ep106: Facial recognition without consent β should it be banned?
October 27
th
2022 at 16:59Β
S3 Ep106: Facial recognition without consent β should it be banned?
By
Paul Ducklin
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Related tags
β
Cryptography
Data
loss
GDPR
compliance
Law
&
order
Podcast
Privacy
Ransomware
Clearview
Clearview
AI
Deadbolt
Naked
Security
Podcast
randomness
October 27
th
2022 at 16:59
Naked Security
Online ticketing company βSeeβ pwned for 2.5 years by attackers
October 26
th
2022 at 19:58Β
Online ticketing company βSeeβ pwned for 2.5 years by attackers
By
Paul Ducklin
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.
Related tags
β
Data
loss
data
breach
See
Tickets
Web
Malware
October 26
th
2022 at 19:58
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
October 20
th
2022 at 18:54Β
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Related tags
β
Cryptography
Data
loss
Microsoft
Podcast
Privacy
data
breach
Naked
Security
Podcast
Office
Patch
Tuesday
zoom
October 20
th
2022 at 18:54
Naked Security
Fashion brand SHEIN fined $1.9m for lying about data breach
October 17
th
2022 at 18:50Β
Fashion brand SHEIN fined $1.9m for lying about data breach
By
Naked Security writer
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Related tags
β
Data
loss
GDPR
compliance
cover-up
data
breach
New
York
ROMWE
SHEIN
Zoetop
October 17
th
2022 at 18:50
Naked Security
Former Uber CSO convicted of covering up megabreach back in 2016
October 6
th
2022 at 01:04Β
Former Uber CSO convicted of covering up megabreach back in 2016
By
Naked Security writer
Obstructed FTC proceedings, and concealed a crime, said the jury.
Related tags
β
Data
loss
GDPR
compliance
Privacy
Sullivan
Uber
October 6
th
2022 at 01:04
Naked Security
Optus breach β Aussie telco told it will have to pay to replace IDs
September 28
th
2022 at 13:55Β
Optus breach β Aussie telco told it will have to pay to replace IDs
By
Paul Ducklin
Licence compromised? Passport number burned? Need a new one? Who's going to pay?
Related tags
β
Data
loss
Privacy
data
breach
Optus
September 28
th
2022 at 13:55
Naked Security
Morgan Stanley fined millions for selling off devices full of customer PII
September 23
rd
2022 at 18:07Β
Morgan Stanley fined millions for selling off devices full of customer PII
By
Paul Ducklin
Critical data on old disks always seems inaccessible if you really need it. But when you DON''T want it back, guess what happens...
Related tags
β
Data
loss
GDPR
compliance
data
desctruction
data
loss
Encryption
Morgan
Stanley
September 23
rd
2022 at 18:07
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
September 22
nd
2022 at 18:42Β
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
Related tags
β
Data
loss
Podcast
2FA
data
breach
LastPass
MFA
Naked
Security
Podcast
Uber
September 22
nd
2022 at 18:42
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 18:59Β
LastPass source code breach β incident response report released
By
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
Related tags
β
Data
loss
data
breach
incident
response
LastPass
password
password
manager
zero
trust
September 19
th
2022 at 18:59
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
September 17
th
2022 at 20:57Β
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By
Paul Ducklin
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
Related tags
β
Data
loss
Podcast
Security
leadership
September 17
th
2022 at 20:57
Naked Security
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
September 16
th
2022 at 18:43Β
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
By
Paul Ducklin
Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"
Related tags
β
Data
loss
Privacy
data
breach
hacking
Uber
September 16
th
2022 at 18:43
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
September 13
th
2022 at 20:52Β
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By
Paul Ducklin
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
Related tags
β
Data
loss
Phishing
BitB
MitB
MITM
phishing
Scam
September 13
th
2022 at 20:52
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
September 1
st
2022 at 16:55Β
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Podcast
airgap
bugs
chrome
data
loss
JavaScript
LastPass
vulnerability
September 1
st
2022 at 16:55
Naked Security
LastPass source code breach β do we still recommend password managers?
August 29
th
2022 at 16:59Β
LastPass source code breach β do we still recommend password managers?
By
Paul Ducklin
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Related tags
β
Data
loss
breach
LastPass
password
manager
August 29
th
2022 at 16:59
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
August 24
th
2022 at 18:59Β
Breaching airgap security: using your phoneβs gyroscope as a microphone
By
Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Related tags
β
Data
loss
Vulnerability
airgap
Ben
Gurion
Ben-Gurion
University
data
leakage
GAIROSCOPE
August 24
th
2022 at 18:59
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
August 11
th
2022 at 14:34Β
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer.)
Related tags
β
Cryptography
Data
loss
Law
&
order
Malware
Microsoft
Podcast
Privacy
Cybercrime
github
hacking
malware
Naked
Security
Podcast
quantum
computing
August 11
th
2022 at 14:34
Naked Security
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
August 10
th
2022 at 16:59Β
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
By
Paul Ducklin
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
Related tags
β
Cryptography
Data
loss
Vulnerability
APIC
CVE-2022-21233
EPIC
SGX
ΓPIC
Leak
August 10
th
2022 at 16:59
Naked Security
Slack admits to leaking hashed passwords for five years
August 8
th
2022 at 15:14Β
Slack admits to leaking hashed passwords for five years
By
Paul Ducklin
"When those invitations went out... somehow, your password hash went out with them."
Related tags
β
Cryptography
Data
loss
brute
force
crack
dictionary
attack
hashing
password
salt
Slack
August 8
th
2022 at 15:14
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
July 28
th
2022 at 15:47Β
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Apple
Data
loss
Law
&
order
Mozilla
Podcast
Privacy
Vulnerability
Safari
T-Mobile
vulnerability
Zero
Day
July 28
th
2022 at 15:47
Naked Security
T-Mobile to cough up $500 million over 2021 data breach
July 25
th
2022 at 16:20Β
T-Mobile to cough up $500 million over 2021 data breach
By
Paul Ducklin
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.
Related tags
β
Data
loss
Law
&
order
Privacy
data
breach
T-Mobile
July 25
th
2022 at 16:20
Naked Security
Office macro security: on-again-off-again feature now BACK ON AGAIN!
July 23
rd
2022 at 01:10Β
Office macro security: on-again-off-again feature now BACK ON AGAIN!
By
Paul Ducklin
20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That's progress!
Related tags
β
Data
loss
Malware
Microsoft
Privacy
macros
Office
VBA
July 23
rd
2022 at 01:10
Naked Security
Facebook 2FA phish arrives just 28 minutes after scam domain created
July 1
st
2022 at 20:01Β
Facebook 2FA phish arrives just 28 minutes after scam domain created
By
Paul Ducklin
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
Related tags
β
Data
loss
Facebook
Phishing
Privacy
2FA
phishing
Scam
July 1
st
2022 at 20:01
Naked Security
Harmony blockchain loses nearly $100M due to hacked private keys
June 27
th
2022 at 18:14Β
Harmony blockchain loses nearly $100M due to hacked private keys
By
Paul Ducklin
The crooks needed at least two private keys, each stored in two parts... but they got them anyway.
Related tags
β
Cryptocurrency
Data
loss
crypto
ether
hack
Harmony
June 27
th
2022 at 18:14
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
June 23
rd
2022 at 11:08Β
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By
Paul Ducklin
Latest epsiode - listen (or read) now!
Related tags
β
Amazon
Cryptocurrency
Data
loss
Law
&
order
Malware
Podcast
Privacy
bust
data
breach
hacking
Interpol
Naked
Security
Podcast
phone
scams
scammers
June 23
rd
2022 at 11:08
Naked Security
Capital One identity theft hacker finally gets convicted
June 21
st
2022 at 15:24Β
Capital One identity theft hacker finally gets convicted
By
Paul Ducklin
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
Related tags
β
Data
loss
Law
&
order
Malware
capital
one
cryptojacking
data
breach
doj
SSN
June 21
st
2022 at 15:24
Naked Security
GitHub issues final report on supply-chain source code intrusions
April 29
th
2022 at 16:15Β
GitHub issues final report on supply-chain source code intrusions
By
Paul Ducklin
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Related tags
β
Data
loss
Microsoft
github
oauth
supply
chain
zero
trust
April 29
th
2022 at 16:15
Naked Security
LAPSUS$ hacks continue despite two hacker suspects in court
April 4
th
2022 at 21:36Β
LAPSUS$ hacks continue despite two hacker suspects in court
By
Paul Ducklin
Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?
Related tags
β
Data
loss
Law
&
order
Privacy
bust
cyberextortion
hacking
lapsus
ransomware
April 4
th
2022 at 21:36
Naked Security
World Backup Day: 5 data recovery tips for everyone!
March 30
th
2022 at 15:10Β
World Backup Day: 5 data recovery tips for everyone!
By
Paul Ducklin
The only backup you will ever regret is the one you didn't make
Related tags
β
Data
loss
backup
ransomware
world
backup
day
March 30
th
2022 at 15:10
Naked Security
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
March 24
th
2022 at 13:49Β
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Cryptography
Data
loss
Malware
Podcast
Vulnerability
CafePress
data
breach
ftc
lapsus
Naked
Security
Podcast
March 24
th
2022 at 13:49
Naked Security
Adafruit suffers GitHub data breach β donβt let this happen to you
March 7
th
2022 at 12:47Β
Adafruit suffers GitHub data breach β donβt let this happen to you
By
Paul Ducklin
Training data stashed in GitHub by mistake... unfortunately, it was *real* data
Related tags
β
Data
loss
adafruit
data
breach
ex-employee
github
March 7
th
2022 at 12:47
Naked Security
Linux kernel patches βperformance can be harmfulβ bug in video driver
February 1
st
2022 at 19:59Β
Linux kernel patches βperformance can be harmfulβ bug in video driver
By
Paul Ducklin
This bug is fiendishly hard to exploit - but if you patch, it won't be there to exploit at all.
Related tags
β
Data
loss
Vulnerability
CVE-2022-0330
drm/i915
Linux
February 1
st
2022 at 19:59
Naked Security
Serious Security: Apple Safari leaks private data via database API β what you need to know
January 18
th
2022 at 19:23Β
Serious Security: Apple Safari leaks private data via database API β what you need to know
By
Paul Ducklin
There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing
Related tags
β
Apple
Data
loss
Privacy
data
leakage
Safari
webkit
January 18
th
2022 at 19:23
Load more articles