Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
βSnakes in airplane modeβ β what if your phone says itβs offline but isnβt?
August 21
st
2023 at 17:45Β
βSnakes in airplane modeβ β what if your phone says itβs offline but isnβt?
By
Paul Ducklin
WYSIWYG is short for "what you see is what you get". Except when it isn't...
Related tags
β
Data
loss
Malware
Airplane
Mode
data
leakage
iPhone
WYSIWYG
August 21
st
2023 at 17:45
Naked Security
S3 Ep147: What if you type in your password during a meeting?
August 10
th
2023 at 13:34Β
S3 Ep147: What if you type in your password during a meeting?
By
Paul Ducklin
Latest episode - listen now! (Full transcript inside.)
Related tags
β
Cryptocurrency
Cryptography
Data
loss
Intel
Law
&
order
Podcast
bust
cryptocurrency
Cybercrime
data
leakage
hacking
Naked
Security
Podcast
surveillance
August 10
th
2023 at 13:34
Naked Security
Serious Security: Why learning to touch-type could protect you from audio snooping
August 8
th
2023 at 18:51Β
Serious Security: Why learning to touch-type could protect you from audio snooping
By
Paul Ducklin
Fast, quiet, smooth, consistent and low impact... why true hacker-grade touch-typing might keep you more secure.
Related tags
β
Data
loss
Privacy
audio
data
leakage
serious
security
surveillance
August 8
th
2023 at 18:51
Naked Security
S3 Ep146: Tell us about that breach! (If you want to.)
August 3
rd
2023 at 17:56Β
S3 Ep146: Tell us about that breach! (If you want to.)
By
Paul Ducklin
Serious security stories explained clearly in plain English - listen now. (Full transcript available.)
Related tags
β
Podcast
Uncategorized
BWAIN
data
leakage
Firefox
Naked
Security
Podcast
SEC
August 3
rd
2023 at 17:56
Naked Security
Serious Security: Rowhammer returns to gaslight your computer
July 10
th
2023 at 21:22Β
Serious Security: Rowhammer returns to gaslight your computer
By
Paul Ducklin
Gaslights produce a telltale flicker when nearby lamps are lit; DRAM values do something similar when nearby memory cells are accessed.
Related tags
β
Security
threats
Vulnerability
data
leakage
rowhammer
serious
security
July 10
th
2023 at 21:22
Naked Security
Serious Security: That KeePass βmaster password crackβ, and what we can learn from it
May 31
st
2023 at 19:39Β
Serious Security: That KeePass βmaster password crackβ, and what we can learn from it
By
Paul Ducklin
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)
Related tags
β
Data
loss
CVE-2023-32784
KeePass
memory
management
ram
scraping
serious
security
May 31
st
2023 at 19:39
Naked Security
Windows 11 also vulnerable to βaCropalypseβ image data leakage
March 22
nd
2023 at 17:59Β
Windows 11 also vulnerable to βaCropalypseβ image data leakage
By
Paul Ducklin
Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones. Here's how to work around the problem...
Related tags
β
Data
loss
Microsoft
aCropalypse
CVE-2023-20136
data
leakage
Snipping
Tool
Windows
March 22
nd
2023 at 17:59
Naked Security
Google Pixel phones had a serious data leakage bug β hereβs what to do!
March 21
st
2023 at 17:58Β
Google Pixel phones had a serious data leakage bug β hereβs what to do!
By
Paul Ducklin
What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?
Related tags
β
Android
Data
loss
Google
aCropalypse
CVE-2023-20136
image
leak
Pixel
March 21
st
2023 at 17:58
Naked Security
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
March 10
th
2023 at 19:58Β
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
By
Paul Ducklin
It's not exactly data theft, but it's worryingly close to "unintentional treachery" - apparently because it's great for marketing purposes
Related tags
β
Data
loss
Privacy
data
leakage
Mobile
SHEIN
March 10
th
2023 at 19:58
Naked Security
NPM JavaScript packages abused to create scambait links in bulk
February 22
nd
2023 at 20:59Β
NPM JavaScript packages abused to create scambait links in bulk
By
Paul Ducklin
Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!
Related tags
β
Data
loss
Spam
clickbait
npm
rogue
packages
scamming
February 22
nd
2023 at 20:59
Naked Security
OpenSSL fixes High Severity data-stealing bug β patch now!
February 8
th
2023 at 02:58Β
OpenSSL fixes High Severity data-stealing bug β patch now!
By
Paul Ducklin
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
Related tags
β
Cryptography
Vulnerability
memory
mismanagement
openssl
timing
attack
February 8
th
2023 at 02:58
Naked Security
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
February 1
st
2023 at 19:58Β
Password-stealing βvulnerabilityβ reported in KeePass β bug or feature?
By
Paul Ducklin
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Related tags
β
Cryptography
Data
loss
Vulnerability
CVE-2023-24055
data
leakage
KeePass
trigger
February 1
st
2023 at 19:58
Naked Security
Serious Security: The Samba logon bug caused by outdated crypto
January 30
th
2023 at 19:59Β
Serious Security: The Samba logon bug caused by outdated crypto
By
Paul Ducklin
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Related tags
β
Cryptography
Vulnerability
CIFS
collision
CVE-2022-38023
mac
MD5
message
digest
Samba
SMB
January 30
th
2023 at 19:59
Naked Security
Log4Shell-like code execution hole in popular Backstage dev tool
November 15
th
2022 at 17:49Β
Log4Shell-like code execution hole in popular Backstage dev tool
By
Paul Ducklin
Good old "string templating", also known as "string interpolation", in the spotlight again...
bs-1200
Related tags
β
Vulnerability
Backstage
CVE-2022-36067
November 15
th
2022 at 17:49
Naked Security
Public URL scanning tools β when security leads to insecurity
November 7
th
2022 at 19:59Β
Public URL scanning tools β when security leads to insecurity
By
Paul Ducklin
Never make your users cry/By how you use an API
Related tags
β
Privacy
API
BrΔunlein
data
leakage
urlscan
November 7
th
2022 at 19:59
Naked Security
Move over Patch Tuesday β itβs Ada Lovelace Day!
October 11
th
2022 at 15:22Β
Move over Patch Tuesday β itβs Ada Lovelace Day!
By
Paul Ducklin
Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine.
Related tags
β
Machine
Learning
ada
Ada
Lovelace
Day
Alan
Turing
babbage
computer
science
Lady
Lovelace
October 11
th
2022 at 15:22
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 18:59Β
LastPass source code breach β incident response report released
By
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
Related tags
β
Data
loss
data
breach
incident
response
LastPass
password
password
manager
zero
trust
September 19
th
2022 at 18:59
Naked Security
LastPass source code breach β do we still recommend password managers?
August 29
th
2022 at 16:59Β
LastPass source code breach β do we still recommend password managers?
By
Paul Ducklin
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Related tags
β
Data
loss
breach
LastPass
password
manager
August 29
th
2022 at 16:59
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
August 24
th
2022 at 18:59Β
Breaching airgap security: using your phoneβs gyroscope as a microphone
By
Paul Ducklin
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Related tags
β
Data
loss
Vulnerability
airgap
Ben
Gurion
Ben-Gurion
University
data
leakage
GAIROSCOPE
August 24
th
2022 at 18:59
Naked Security
Phishing goes KISS: Donβt let plain and simple messages catch you out!
April 25
th
2022 at 16:58Β
Phishing goes KISS: Donβt let plain and simple messages catch you out!
By
Paul Ducklin
Sometimes we receive phishing tricks that we grudgingly have to admit are better than average, just because they're uncomplicated.
Related tags
β
Phishing
password
password
manager
phishing
Scam
April 25
th
2022 at 16:58
Naked Security
Serious Security: Apple Safari leaks private data via database API β what you need to know
January 18
th
2022 at 19:23Β
Serious Security: Apple Safari leaks private data via database API β what you need to know
By
Paul Ducklin
There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing
Related tags
β
Apple
Data
loss
Privacy
data
leakage
Safari
webkit
January 18
th
2022 at 19:23
Naked Security
The cool retro phone with a REAL DIAL⦠plus plenty of IoT problems
December 23
rd
2021 at 17:58Β
The cool retro phone with a REAL DIAL⦠plus plenty of IoT problems
By
Paul Ducklin
You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.
Related tags
β
IoT
Security
threats
bugs
Buletooth
Chatter
Phone
data
leakage
iot
snooping
December 23
rd
2021 at 17:58
Naked Security
GoDaddy admits to password breach: check your Managed WordPress site!
November 23
rd
2021 at 00:35Β
GoDaddy admits to password breach: check your Managed WordPress site!
By
Paul Ducklin
GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.
Related tags
β
Data
loss
Vulnerability
breach
Breach
Notification
GoDaddy
Managed
WordPress
passwords
SEC
November 23
rd
2021 at 00:35
Naked Security
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
November 18
th
2021 at 22:20Β
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
By
Paul Ducklin
Be aware before you share! That's a good rule for developers and techies, just as much as it is for social media addicts.
Related tags
β
Data
loss
cookies
data
leakage
Firefox
November 18
th
2021 at 22:20
There are no more articles
β
Mark all as read