Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
Momβs Meals issues βNotice of Data Eventβ: What to know and what to do
August 29
th
2023 at 16:51Β
Momβs Meals issues βNotice of Data Eventβ: What to know and what to do
By
Paul Ducklin
It took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do.
Related tags
β
Data
loss
Ransomware
data
breach
MDR
Mom's
Meals
PurFoods
ransomre
ransomware
August 29
th
2023 at 16:51
Naked Security
SEC demands four-day disclosure limit for cybersecurity breaches
July 31
st
2023 at 18:57Β
SEC demands four-day disclosure limit for cybersecurity breaches
By
Paul Ducklin
When is a ransomware attack a reportable matter? And how long have you got to decide?
Related tags
β
Data
loss
Opinion
data
breach
ransomware
regulation
SEC
July 31
st
2023 at 18:57
Naked Security
S3 Ep131: Can you really have fun with FORTRAN?
April 20
th
2023 at 17:55Β
S3 Ep131: Can you really have fun with FORTRAN?
By
Paul Ducklin
Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.
Related tags
β
Apple
Google
Law
&
order
Podcast
2FA
data
breach
juicejacking
Naked
Security
Podcast
rogue
apps
April 20
th
2023 at 17:55
Naked Security
Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security
April 18
th
2023 at 16:56Β
Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security
By
Paul Ducklin
Did the sentence fit the crime? Read the backstory, and then have your say in our comments! (You may post anonymously.)
Related tags
β
Data
loss
Law
&
order
bust
data
breach
extortion
Finland
GDPR
April 18
th
2023 at 16:56
Naked Security
Attention gamers! Motherboard maker MSI admits to breach, issues βrogue firmwareβ alert
April 11
th
2023 at 18:58Β
Attention gamers! Motherboard maker MSI admits to breach, issues βrogue firmwareβ alert
By
Paul Ducklin
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
Related tags
β
Malware
Ransomware
blackmail
data
breach
extortion
MSI
private
key
ransomware
supply
chain
April 11
th
2023 at 18:58
Naked Security
Bitcoin ATM customers hacked by video upload that was actually an app
March 20
th
2023 at 19:50Β
Bitcoin ATM customers hacked by video upload that was actually an app
By
Paul Ducklin
As the misquote goes, "Once is misfortune..." This is the second time, and you know what Lady Bracknell had to say about that...
Related tags
β
Cryptocurrency
Data
loss
Privacy
atm
breach
cryptocurrency
Cybercrime
General
Bytes
March 20
th
2023 at 19:50
Naked Security
LastPass: Keylogger on home PC led to cracked corporate password vault
February 28
th
2023 at 02:23Β
LastPass: Keylogger on home PC led to cracked corporate password vault
By
Paul Ducklin
Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.
Related tags
β
Data
loss
breach
keylogger
LastPass
malware
February 28
th
2023 at 02:23
Naked Security
Dutch police arrest three cyberextortion suspects who allegedly earned millions
February 27
th
2023 at 19:33Β
Dutch police arrest three cyberextortion suspects who allegedly earned millions
By
Naked Security writer
Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them?
Related tags
β
Cryptocurrency
Law
&
order
Ransomware
bust
data
breach
ransomware
February 27
th
2023 at 19:33
Naked Security
Coinbase breached by social engineers, employee data stolen
February 21
st
2023 at 17:58Β
Coinbase breached by social engineers, employee data stolen
By
Paul Ducklin
Another day, another "sophisticated" attack. This time, the company has handily included some useful advice along with its mea culpa...
Related tags
β
Cryptocurrency
Data
loss
breach
Coinbase
crypto
MDR
Social
Engineering
XDR
February 21
st
2023 at 17:58
Naked Security
GoDaddy admits: Crooks hit us with malware, poisoned customer websites
February 20
th
2023 at 01:36Β
GoDaddy admits: Crooks hit us with malware, poisoned customer websites
By
Paul Ducklin
New report admits that attackers were detected in the network about three months ago, and may have been attacking for about three years.
Related tags
β
Data
loss
Malware
breach
GoDaddy
malware
February 20
th
2023 at 01:36
Naked Security
Reddit admits it was hacked and data stolen, says βDonβt panicβ
February 10
th
2023 at 19:59Β
Reddit admits it was hacked and data stolen, says βDonβt panicβ
By
Paul Ducklin
Reddit is suggesting three tips as a follow-up to this breach. We agree with two of them but not with the third...
Related tags
β
Data
loss
breach
reddit
February 10
th
2023 at 19:59
Naked Security
Finnish psychotherapy extortion suspect arrested in France
February 6
th
2023 at 19:13Β
Finnish psychotherapy extortion suspect arrested in France
By
Naked Security writer
Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.
Related tags
β
Data
loss
Law
&
order
data
breach
extortion
Vastaamo
February 6
th
2023 at 19:13
Naked Security
GitHub code-signing certificates stolen (but will be revoked this week)
January 31
st
2023 at 11:35Β
GitHub code-signing certificates stolen (but will be revoked this week)
By
Paul Ducklin
There was a breach, so the bad news isn't great, but the good news isn't too bad...
Related tags
β
Data
loss
Microsoft
Vulnerability
certificate
breach
Code
signing
compromise
github
January 31
st
2023 at 11:35
Naked Security
Dutch suspect locked up for alleged personal data megathefts
January 26
th
2023 at 22:02Β
Dutch suspect locked up for alleged personal data megathefts
By
Paul Ducklin
Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.
Related tags
β
Law
&
order
Austria
breach
data
theft
Money
Laundering
Netherlands
January 26
th
2023 at 22:02
Naked Security
GoTo admits: Customer cloud backups stolen together with decryption key
January 25
th
2023 at 01:37Β
GoTo admits: Customer cloud backups stolen together with decryption key
By
Paul Ducklin
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Related tags
β
Cryptography
Data
loss
breach
cloud
GoTo
hash
LastPass
January 25
th
2023 at 01:37
Naked Security
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
January 20
th
2023 at 17:59Β
T-Mobile admits to 37,000,000 customer records stolen by βbad actorβ
By
Paul Ducklin
Once more, it's time for Shakespeare's words: Once more unto the breach...
Related tags
β
Data
loss
Privacy
8-K
breach
phishing
SEC
T-Mobile
January 20
th
2023 at 17:59
Naked Security
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
January 19
th
2023 at 15:53Β
S3 Ep118: Guess your password? No need if itβs stolen already! [Audio + Text]
By
Paul Ducklin
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
Related tags
β
Cryptocurrency
Podcast
bust
cracking
Cybercrime
data
breach
hacking
JWT
Naked
Security
Podcast
January 19
th
2023 at 15:53
Naked Security
CircleCI β code-building service suffers total credential compromise
January 9
th
2023 at 14:52Β
CircleCI β code-building service suffers total credential compromise
By
Paul Ducklin
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.
Related tags
β
Data
loss
Vulnerability
breach
CircleCI
January 9
th
2023 at 14:52
Naked Security
Twitter data of β+400 million unique usersβ up for sale β what to do?
December 28
th
2022 at 19:59Β
Twitter data of β+400 million unique usersβ up for sale β what to do?
By
Paul Ducklin
If the crooks have connected up your phone number and your Twitter handle... what could go wrong?
Related tags
β
Data
loss
breach
extortion
Twitter
December 28
th
2022 at 19:59
Naked Security
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
December 23
rd
2022 at 19:58Β
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
By
Paul Ducklin
The crooks now know who you are, where you live, which computers are yours, where you go online... and they got those password vaults, too.
Related tags
β
Data
loss
Privacy
breach
LastPass
December 23
rd
2022 at 19:58
Naked Security
LastPass admits to customer data breach caused by previous breach
December 2
nd
2022 at 01:10Β
LastPass admits to customer data breach caused by previous breach
By
Paul Ducklin
Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.
Related tags
β
Data
loss
Privacy
data
breach
LastPass
December 2
nd
2022 at 01:10
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
November 3
rd
2022 at 17:51Β
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
Listen now - latest episode - audio plus full transcript
Related tags
β
Apple
Data
loss
Google
Law
&
order
Malware
Podcast
Privacy
Vulnerability
bust
Cybercrime
cyberextortion
data
breach
heartbleed
Naked
Security
Podcast
openssl
Patches
November 3
rd
2022 at 17:51
Naked Security
Online ticketing company βSeeβ pwned for 2.5 years by attackers
October 26
th
2022 at 19:58Β
Online ticketing company βSeeβ pwned for 2.5 years by attackers
By
Paul Ducklin
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.
Related tags
β
Data
loss
data
breach
See
Tickets
Web
Malware
October 26
th
2022 at 19:58
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
October 20
th
2022 at 18:54Β
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Related tags
β
Cryptography
Data
loss
Microsoft
Podcast
Privacy
data
breach
Naked
Security
Podcast
Office
Patch
Tuesday
zoom
October 20
th
2022 at 18:54
Naked Security
Fashion brand SHEIN fined $1.9m for lying about data breach
October 17
th
2022 at 18:50Β
Fashion brand SHEIN fined $1.9m for lying about data breach
By
Naked Security writer
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Related tags
β
Data
loss
GDPR
compliance
cover-up
data
breach
New
York
ROMWE
SHEIN
Zoetop
October 17
th
2022 at 18:50
Naked Security
S3 Ep102: How to avoid a data breach [Audio + Transcript]
September 29
th
2022 at 18:45Β
S3 Ep102: How to avoid a data breach [Audio + Transcript]
By
Paul Ducklin
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...
Related tags
β
Podcast
data
breach
GTA6
Naked
Security
Podcast
Uber
WhatsApp
forwarding
September 29
th
2022 at 18:45
Naked Security
Optus breach β Aussie telco told it will have to pay to replace IDs
September 28
th
2022 at 13:55Β
Optus breach β Aussie telco told it will have to pay to replace IDs
By
Paul Ducklin
Licence compromised? Passport number burned? Need a new one? Who's going to pay?
Related tags
β
Data
loss
Privacy
data
breach
Optus
September 28
th
2022 at 13:55
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
September 22
nd
2022 at 18:42Β
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By
Paul Ducklin
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
Related tags
β
Data
loss
Podcast
2FA
data
breach
LastPass
MFA
Naked
Security
Podcast
Uber
September 22
nd
2022 at 18:42
Naked Security
LastPass source code breach β incident response report released
September 19
th
2022 at 18:59Β
LastPass source code breach β incident response report released
By
Paul Ducklin
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
Related tags
β
Data
loss
data
breach
incident
response
LastPass
password
password
manager
zero
trust
September 19
th
2022 at 18:59
Naked Security
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
September 16
th
2022 at 18:43Β
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
By
Paul Ducklin
Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"
Related tags
β
Data
loss
Privacy
data
breach
hacking
Uber
September 16
th
2022 at 18:43
Naked Security
LastPass source code breach β do we still recommend password managers?
August 29
th
2022 at 16:59Β
LastPass source code breach β do we still recommend password managers?
By
Paul Ducklin
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Related tags
β
Data
loss
breach
LastPass
password
manager
August 29
th
2022 at 16:59
Naked Security
T-Mobile to cough up $500 million over 2021 data breach
July 25
th
2022 at 16:20Β
T-Mobile to cough up $500 million over 2021 data breach
By
Paul Ducklin
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.
Related tags
β
Data
loss
Law
&
order
Privacy
data
breach
T-Mobile
July 25
th
2022 at 16:20
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
June 23
rd
2022 at 11:08Β
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By
Paul Ducklin
Latest epsiode - listen (or read) now!
Related tags
β
Amazon
Cryptocurrency
Data
loss
Law
&
order
Malware
Podcast
Privacy
bust
data
breach
hacking
Interpol
Naked
Security
Podcast
phone
scams
scammers
June 23
rd
2022 at 11:08
Naked Security
Capital One identity theft hacker finally gets convicted
June 21
st
2022 at 15:24Β
Capital One identity theft hacker finally gets convicted
By
Paul Ducklin
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
Related tags
β
Data
loss
Law
&
order
Malware
capital
one
cryptojacking
data
breach
doj
SSN
June 21
st
2022 at 15:24
Naked Security
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
April 7
th
2022 at 12:24Β
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
By
Paul Ducklin
Latest episode - listen now! Cybersecurity news and advice in plain English.
Related tags
β
Android
Apple
Firefox
Google
iOS
Law
&
order
Mozilla
OS
X
Podcast
Privacy
Vulnerability
Cybercrime
data
breach
lapsus
Naked
Security
Podcast
Patches
vulnerability
April 7
th
2022 at 12:24
Naked Security
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
March 24
th
2022 at 13:49Β
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
By
Paul Ducklin
Latest episode - listen now!
Related tags
β
Cryptography
Data
loss
Malware
Podcast
Vulnerability
CafePress
data
breach
ftc
lapsus
Naked
Security
Podcast
March 24
th
2022 at 13:49
Naked Security
Adafruit suffers GitHub data breach β donβt let this happen to you
March 7
th
2022 at 12:47Β
Adafruit suffers GitHub data breach β donβt let this happen to you
By
Paul Ducklin
Training data stashed in GitHub by mistake... unfortunately, it was *real* data
Related tags
β
Data
loss
adafruit
data
breach
ex-employee
github
March 7
th
2022 at 12:47
Naked Security
Ransomware with a difference: βDerestrict your software, or else!β
March 2
nd
2022 at 16:33Β
Ransomware with a difference: βDerestrict your software, or else!β
By
Paul Ducklin
"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.
Related tags
β
Security
threats
data
breach
extortion
hacking
lapsus
NVIDIA
ransomware
March 2
nd
2022 at 16:33
Naked Security
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
November 25
th
2021 at 12:38Β
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
By
Paul Ducklin
Latest episode - listen now! Solid cybersecurity advice in plain English.
Related tags
β
Podcast
cookies
data
breach
exchange
Exploit
GoDaddy
Naked
Security
Podcast
passwords
vulnerability
November 25
th
2021 at 12:38
Naked Security
GoDaddy admits to password breach: check your Managed WordPress site!
November 23
rd
2021 at 00:35Β
GoDaddy admits to password breach: check your Managed WordPress site!
By
Paul Ducklin
GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.
Related tags
β
Data
loss
Vulnerability
breach
Breach
Notification
GoDaddy
Managed
WordPress
passwords
SEC
November 23
rd
2021 at 00:35
There are no more articles
β
Mark all as read