Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Chrome and Edge zero-day: βThis exploit is in the wildβ, so check your versions now
June 6
th
2023 at 18:28Β
Chrome and Edge zero-day: βThis exploit is in the wildβ, so check your versions now
By
Paul Ducklin
Chrome and Edge 0-days patched.
Related tags
β
Google
Google
Chrome
Microsoft
Microsoft
Edge
Vulnerability
"Edge"
chrome
CVE-2023-3079
type
confusion
vulnerability
Zero
Day
June 6
th
2023 at 18:28
Naked Security
Whodunnit? Cybercrook gets 6 years for ransoming his own employer
May 12
th
2023 at 16:15Β
Whodunnit? Cybercrook gets 6 years for ransoming his own employer
By
Naked Security writer
Not just an active adversary, but a two-faced one, too.
Related tags
β
Data
loss
Law
&
order
doj
FBI
MDR
ransomware
zero
trust
May 12
th
2023 at 16:15
Naked Security
Apple delivers first-ever Rapid Security Response βcyberattackβ patch β leaves some users confused
May 1
st
2023 at 20:46Β
Apple delivers first-ever Rapid Security Response βcyberattackβ patch β leaves some users confused
By
Paul Ducklin
Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...
Related tags
β
Uncategorized
Apple
Patch
Rapid
Security
Response
Zero
Day
May 1
st
2023 at 20:46
Naked Security
Double zero-day in Chrome and Edge β check your versions now!
April 24
th
2023 at 19:59Β
Double zero-day in Chrome and Edge β check your versions now!
By
Paul Ducklin
Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Related tags
β
Google
Google
Chrome
Microsoft
Microsoft
Edge
Vulnerability
"Edge"
chrome
Chromium
Patch
Zero
Day
April 24
th
2023 at 19:59
Naked Security
S3 Ep130: Open the garage bay doors, HAL [Audio + Text]
April 13
th
2023 at 16:54Β
S3 Ep130: Open the garage bay doors, HAL [Audio + Text]
By
Paul Ducklin
I'm sorry, Dave. I'm afraid I can't... errr, no, hang on a minute, I can do that easily! Worldwide! Right now!
Related tags
β
Apple
IoT
Microsoft
Podcast
Vulnerability
Cybercrime
exoploit
hacking
iot
Naked
Security
Podcast
Zero
Day
April 13
th
2023 at 16:54
Naked Security
Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot
April 12
th
2023 at 18:57Β
Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot
By
Paul Ducklin
Is Secure Boot without the Secure just "Boot"?
Related tags
β
Microsoft
Vulnerability
bootkit
Exploit
Patch
Tuesday
Secure
Boot
Zero
Day
April 12
th
2023 at 18:57
Naked Security
Apple issues emergency patches for spyware-style 0-day exploits β update now!
April 8
th
2023 at 01:20Β
Apple issues emergency patches for spyware-style 0-day exploits β update now!
By
Paul Ducklin
A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.
Related tags
β
Apple
Apple
Safari
Vulnerability
day
Amnesty
International
Exploit
ios
iPhone
mac
Zero
Day
April 8
th
2023 at 01:20
Naked Security
Apple patches everything, including a zero-day fix for iOS 15 users
March 28
th
2023 at 00:23Β
Apple patches everything, including a zero-day fix for iOS 15 users
By
Paul Ducklin
Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.
Related tags
β
Apple
Vulnerability
day
Exploit
ios
iPad
iPadOS
iPhone
macOS
vulnerability
Zero
Day
March 28
th
2023 at 00:23
Naked Security
Microsoft fixes two 0-days on Patch Tuesday β update now!
March 15
th
2023 at 00:06Β
Microsoft fixes two 0-days on Patch Tuesday β update now!
By
Paul Ducklin
An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.
Related tags
β
Microsoft
Vulnerability
Windows
day
Exploit
MOTW
NTLM
v2
Outlook
Patch
Tuesday
SmartScreen
vulnerability
Zero
Day
March 15
th
2023 at 00:06
Naked Security
S3 Ep122: Stop calling every breach βsophisticatedβ! [Audio + Text]
February 16
th
2023 at 17:46Β
S3 Ep122: Stop calling every breach βsophisticatedβ! [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Full transcript inside.)
Related tags
β
Podcast
Apple
Cybercrime
Exploit
hacking
Microsoft
Naked
Security
Podcast
Patch
Tuesday
reddit
vulnerability
Zero
Day
February 16
th
2023 at 17:46
Naked Security
Apple fixes zero-day spyware implant bug β patch now!
February 14
th
2023 at 19:08Β
Apple fixes zero-day spyware implant bug β patch now!
By
Paul Ducklin
Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!
Related tags
β
Apple
Apple
Safari
Vulnerability
VE-2023-23529
Zero
Day
February 14
th
2023 at 19:08
Naked Security
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
January 26
th
2023 at 19:57Β
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
By
Paul Ducklin
Lastest episode - listen now! (Or read the transcript.)
Related tags
β
Apple
Data
loss
Google
Podcast
Vulnerability
DNS
GoTo
LastPass
vulnerability
Zero
Day
January 26
th
2023 at 19:57
Naked Security
Apple patches are out β old iPhones get an old zero-day fix at last!
January 24
th
2023 at 01:24Β
Apple patches are out β old iPhones get an old zero-day fix at last!
By
Paul Ducklin
Don't delay, especially if you're still running an iOS 12 device... please do it today!
Related tags
β
Apple
Vulnerability
CVE-2022-42856
Exploit
ios
ios
12
iPadOS
macOS
Ventura
Zero
Day
January 24
th
2023 at 01:24
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
December 15
th
2022 at 17:10Β
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By
Paul Ducklin
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Related tags
β
Apple
Data
loss
Malware
Microsoft
Podcast
Privacy
Vulnerability
day
Ben-Gurion
University
ios
Naked
Security
Podcast
skimming
supply
chain
vulnerability
Zero
Day
December 15
th
2022 at 17:10
Naked Security
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
December 5
th
2022 at 20:58Β
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
By
Paul Ducklin
Ninth more unto the breach, dear friends, ninth more.
Related tags
β
Google
Google
Chrome
Microsoft
Vulnerability
"Edge"
chrome
Chromium
CVE-2022-4262
Zero
Day
December 5
th
2022 at 20:58
Naked Security
Chrome fixes 8th zero-day of 2022 β check your version now (Edge too!)
November 28
th
2022 at 19:42Β
Chrome fixes 8th zero-day of 2022 β check your version now (Edge too!)
By
Paul Ducklin
There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!
Related tags
β
Google
Google
Chrome
Microsoft
Edge
Vulnerability
"Edge"
chrome
Zero
Day
November 28
th
2022 at 19:42
Naked Security
How to hack an unpatched Exchange server with rogue PowerShell code
November 22
nd
2022 at 19:54Β
How to hack an unpatched Exchange server with rogue PowerShell code
By
Paul Ducklin
Review your servers, your patches and your authentication policies - there's a proof-of-concept out
Related tags
β
Microsoft
Uncategorized
Vulnerability
day
:ProxyNotShell
CVE-2022-41040
CVE-2022-41082
Zero
Day
November 22
nd
2022 at 19:54
Naked Security
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
November 9
th
2022 at 19:58Β
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
By
Paul Ducklin
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
Related tags
β
Microsoft
Privacy
Vulnerability
day
exchange
Exploit
Patch
Tuesday
vulnerability
Zero
Day
November 9
th
2022 at 19:58
Naked Security
Chrome issues urgent zero-day fix β update now!
October 29
th
2022 at 15:08Β
Chrome issues urgent zero-day fix β update now!
By
Paul Ducklin
We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)
Related tags
β
Google
Google
Chrome
Vulnerability
"Edge"
day
chrome
Chromium
CVE-2022-3723
Exploit
Zero
Day
October 29
th
2022 at 15:08
Naked Security
Updates to Appleβs zero-day update story β iPhone and iPad users read this!
October 28
th
2022 at 18:04Β
Updates to Appleβs zero-day update story β iPhone and iPad users read this!
By
Paul Ducklin
Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...
Related tags
β
Apple
Vulnerability
CVE-2022-42827
iPad
iPhone
spyware
Zero
Day
October 28
th
2022 at 18:04
Naked Security
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
October 1
st
2022 at 14:05Β
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
By
Paul Ducklin
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...
Related tags
β
Microsoft
Podcast
Vulnerability
:ProxyNotShell
chester
wisniewski
CVE-2022-41040
CVE-2022-41042
exchange
Zero
Day
October 1
st
2022 at 14:05
Naked Security
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
September 30
th
2022 at 18:25Β
URGENT! Microsoft Exchange double zero-day β βlike ProxyShell, only differentβ
By
Paul Ducklin
Double-play 0-day in Exchange - what you need to know, and what you can do
Related tags
β
Microsoft
Vulnerability
CVE-2022-41040
CVE-2022-41082
exchange
vulnerability
Zero
Day
September 30
th
2022 at 18:25
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 18:59Β
LastPass source code breach β incident response report released
By
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
Related tags
β
Data
loss
data
breach
incident
response
LastPass
password
password
manager
zero
trust
September 19
th
2022 at 18:59
Naked Security
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
September 15
th
2022 at 18:50Β
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...
s3-ep100-js-1200
Related tags
β
Podcast
Cybercrime
Deadbolt
Naked
Security
Podcast
ransomware
Zero
Day
September 15
th
2022 at 18:50
Naked Security
Chrome and Edge fix zero-day security hole β update now!
September 5
th
2022 at 15:12Β
Chrome and Edge fix zero-day security hole β update now!
By
Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
Related tags
β
Google
Google
Chrome
Vulnerability
chrome
CVE-2022-3075
Exploit
Patch
Zero
Day
September 5
th
2022 at 15:12
Naked Security
URGENT! Apple slips out zero-day update for older iPhones and iPads
August 31
st
2022 at 18:42Β
URGENT! Apple slips out zero-day update for older iPhones and iPads
By
Paul Ducklin
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.
Related tags
β
Apple
iOS
CVE-2022-32893
ios
spyware
webkit
Zero
Day
August 31
st
2022 at 18:42
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
August 25
th
2022 at 15:37Β
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
Related tags
β
Apple
Cryptocurrency
Google
Microsoft
Podcast
Vulnerability
"Edge"
chrome
crypto
cryptocurrency
denial
of
service
DOS
iPhone
Naked
Security
Podcast
R&B
Zero
Day
August 25
th
2022 at 15:37
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
July 28
th
2022 at 15:47Β
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Apple
Data
loss
Law
&
order
Mozilla
Podcast
Privacy
Vulnerability
Safari
T-Mobile
vulnerability
Zero
Day
July 28
th
2022 at 15:47
Naked Security
Google patches βin-the-wildβ Chrome zero-day β update now!
July 5
th
2022 at 15:55Β
Google patches βin-the-wildβ Chrome zero-day β update now!
By
Paul Ducklin
Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...
Related tags
β
Google
Google
Chrome
Vulnerability
day
chrome
CVE-2022-2294
vulnerability
zer-day
Zero
Day
July 5
th
2022 at 15:55
Naked Security
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
June 9
th
2022 at 13:07Β
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
By
Paul Ducklin
Latest episode - listen (or read) now!
Related tags
β
Podcast
Active
Adversary
MDR
MTR
Naked
Security
Podcast
vulnerability
Zero
Day
June 9
th
2022 at 13:07
Naked Security
Atlassian announces 0-day hole in Confluence Server β update now!
June 3
rd
2022 at 18:59Β
Atlassian announces 0-day hole in Confluence Server β update now!
By
Paul Ducklin
Zero-day announced - here's what you need to know
Related tags
β
Vulnerability
atlassian
CVE-2022-26134
Zero
Day
June 3
rd
2022 at 18:59
Naked Security
Mysterious βFollinaβ zero-day hole in Office β hereβs what to do!
May 30
th
2022 at 23:01Β
Mysterious βFollinaβ zero-day hole in Office β hereβs what to do!
By
Paul Ducklin
News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!
Related tags
β
Microsoft
Security
threats
Vulnerability
CVE-2022-30190
Follina
ms-msdt
MSDT
Office
Zero
Day
May 30
th
2022 at 23:01
Naked Security
Apple patches zero-day kernel hole and much more β update now!
May 17
th
2022 at 09:30Β
Apple patches zero-day kernel hole and much more β update now!
By
Paul Ducklin
You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
Related tags
β
Apple
iOS
OS
X
Vulnerability
day
Patch
vulnerability
Zero
Day
May 17
th
2022 at 09:30
Naked Security
GitHub issues final report on supply-chain source code intrusions
April 29
th
2022 at 16:15Β
GitHub issues final report on supply-chain source code intrusions
By
Paul Ducklin
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Related tags
β
Data
loss
Microsoft
github
oauth
supply
chain
zero
trust
April 29
th
2022 at 16:15
Naked Security
Apple pushes out two emergency 0-day updates β get βem now!
March 31
st
2022 at 23:38Β
Apple pushes out two emergency 0-day updates β get βem now!
By
Paul Ducklin
More Apple zero-days - mobile devices, laptops and desktops affected. Update now!
apple-1200
Related tags
β
Apple
Vulnerability
iPad
iPhone
mac
vulnerability
Zero
Day
March 31
st
2022 at 23:38
Naked Security
Google Chrome patches mysterious new zero-day bug β update now
March 28
th
2022 at 14:18Β
Google Chrome patches mysterious new zero-day bug β update now
By
Paul Ducklin
CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!
Related tags
β
Google
Google
Chrome
chrome
Chromium
CVE-2022-1096
Exploit
Zero
Day
March 28
th
2022 at 14:18
Naked Security
Firefox patches two actively exploited 0-day holes: update now!
March 5
th
2022 at 19:06Β
Firefox patches two actively exploited 0-day holes: update now!
By
Paul Ducklin
Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!
Related tags
β
Mozilla
Vulnerability
Exploit
Firefox
o-day
Zero
Day
March 5
th
2022 at 19:06
Naked Security
Google announces zero-day in Chrome browser β update now!
February 15
th
2022 at 19:17Β
Google announces zero-day in Chrome browser β update now!
By
Paul Ducklin
Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"
Related tags
β
Google
Google
Chrome
Microsoft
Edge
Vulnerability
chrome
Chromium
CVE-2022-0609
Zero
Day
February 15
th
2022 at 19:17
Naked Security
Adobe fixes zero-day exploit in e-commerce code: update now!
February 14
th
2022 at 22:38Β
Adobe fixes zero-day exploit in e-commerce code: update now!
By
Paul Ducklin
There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it.
Related tags
β
Adobe
Vulnerability
CVE-2022-24086
Exploit
vulnerability
Zero
Day
February 14
th
2022 at 22:38
Naked Security
S3 Ep68: Bugs, scams, privacy β¦and fonts?! [Podcast + Transcript]
February 3
rd
2022 at 16:20Β
S3 Ep68: Bugs, scams, privacy β¦and fonts?! [Podcast + Transcript]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Podcast
Privacy
Apple
fonts
Naked
Security
Podcast
Safari
scams
Zero
Day
February 3
rd
2022 at 16:20
Naked Security
Check your patches β public exploit now out for critical Exchange bug
November 23
rd
2021 at 14:36Β
Check your patches β public exploit now out for critical Exchange bug
By
Paul Ducklin
It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.
Related tags
β
Microsoft
Vulnerability
CVE-2021-42321
exchange
Patch
Patch
Tuesday
Zero
Day
November 23
rd
2021 at 14:36
Naked Security
Apple ships Monterey with security updates, fixes 0-day in Watch and TV products, updates iDevices
October 27
th
2021 at 22:16Β
Apple ships Monterey with security updates, fixes 0-day in Watch and TV products, updates iDevices
By
Paul Ducklin
A slew of security bulletins from Apple HQ, including 37 bugs listed as fixed in the initial public release of macOS Monterey.
Related tags
β
Apple
Podcast
ios
iPadOS
Zero
Day
October 27
th
2021 at 22:16
Naked Security
S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
October 14
th
2021 at 18:33Β
S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Apple
iOS
Phishing
Podcast
Vulnerability
day
iPhone
Naked
Security
Podcast
vulnerability
Zero
Day
October 14
th
2021 at 18:33
There are no more articles
β
Mark all as read