Performance and security clash yet again in “Collide+Power” attack

It's a real vulnerability, but the data leakage rate can be as low as... let's just say that an IMAX-quality copy of the new "Oppenheimer" movie could take you 4 billion years to exfiltrate.

Apple silently pulls its latest zero-day update – what now?

Previously, we said "do it today", but now we're forced back on: "Do not delay; do it as soon as Apple and your device will let you."

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

FBI and FCC warn about “Juicejacking” – but just how useful is their advice?

USB charging stations - can you trust them? What are the real risks, and how can you keep your data safe on the road?

Google Pixel phones had a serious data leakage bug – here’s what to do!

What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.

Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid

When someone calls you up to warn you that your bank account is under attack - it's true, because THAT VERY PERSON is the one attacking you!

S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

Latest episode - listen now! Cybersecurity news plus loads of great advice...

Black Friday and retail season – watch out for PayPal “money request” scams

Don't let a keen eye for bargains lead you into risky online behaviour...

Dangerous SIM-swap lockscreen bypass – update Android now!

A bit like leaving the front door keys under the doormat...

WhatsApp goes after Chinese password scammers via US court

If you can't beat 'em, sue 'em!

LastPass source code breach – incident response report released

Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

7 cybersecurity tips for your summer vacation!

Here you go - seven thoughtful cybersecurity tips to help you travel safely...

SSNDOB Market domains seized, identity theft “brokerage” shut down

The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.

Android monthly updates are out – critical bugs found in critical places!

Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

Latest episode - listen now! Cybersecurity news and advice in plain English.

Google’s monthly Android updates patch numerous “get root” holes

Get the update now... if it's available for your phone. Here's how to check.

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

Latest episode - listen now!

S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]

Latest episode - listen now!

“Dirty Pipe” Linux kernel bug lets anyone write to any file

Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.

Ransomware with a difference: “Derestrict your software, or else!”

"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!

Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...

SFW! The Top N Cyber­security Stories of 2021 (for small positive integer values of N)

Happy Holidays! Our Top N stories, all totally SFW!

Log4Shell: The Movie… a short, safe visual tour for work and home

Be happy that your sysadmins are taking one (three, actually!) for the team right now... here's why!

US government securities watchdog spoofed by investment scammers – don’t fall for it!

Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.

Black Friday and Cyber Monday – here’s what you REALLY need to do!

The world fills up with cybersecurity tips every year when Black Friday comes round. But what about the rest of the year?

Europol announces “targeting” of 12 suspects in ransomware attacks

More anti-ransomware activity by law enforcement, this time in Switzerland and Ukraine.

REvil ransomware gang allegedly forced offline by law enforcement counterattacks

One down. Lots more to go. Here's what to do...