Microsoft Won't Say If It Will Patch Critical Windows Vuln Under Exploit

Follina Exploited By State-Sponsored Hackers

SSNDOB Market domains seized, identity theft “brokerage” shut down

The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.

NSA, FBI Warning: Hackers Are Using These Flaws To Target VPNs And Network Devices

Maiar Exchange Taken Offline After Hacker Steals $113m

Osmosis Blockchain Taken Offline After Hacker Steals $5m

New Tesla Hack Gives Thieves Their Own Personal Key

Symantec: More Malware Operators Moving In To Exploit Follina

Apple M1 Chip Contains Hardware Vulnerability That Bypasses Memory Defense

Murder suspect admits she tracked cheating partner with hidden AirTag

O! What a tangled web we weave, when first we practise to deceive.

Interpol busts 2000 suspects in phone scamming takedown

Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...

How Refactoring Code In Safari's WebKit Resurrected Zombie Security Bug

Hartzbleed: A New Side-Channel Attack

Office 365 Config Loophole Opens OneDrive, SharePoint Data To Ransomware Attack

1.5 Million Customers Impacted By Flagstar Bank Data Breach

Capital One identity theft hacker finally gets convicted

It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!

Mega Says It Can't Decrypt Your Files. New POC Exploit Shows Different

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

Latest epsiode - listen (or read) now!

NSA, CISA Say: Don't Block PowerShell, Here's What To Do Instead

Fancy Bear Uses Nuke Threat Lure To Exploit 1-Click Bug

CISA Warns Over Software Flaws In Industrial Control Systems

FTC warns of LGBTQ+ extortion scams – be aware before you share!

It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"

Mitel VoIP Bug Exploited In Ransomware Attacks

Patchable And Preventable Security Issues Lead Causes Of Q1 Attacks

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

Leaky Access Tokens Exposed Amazon Photos Of Users

Jenkins Warns Of Security Holes In These 25 Plugins

“Missing Cryptoqueen” hits the FBI’s Ten Most Wanted list

The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

Bust in Canada, now bust in the USA as well.

What To Do About Inherent Security Flaws In Critical Infrastructure?

Google: Half Of Zero-Day Exploits Linked To Poor Software Fixes

Hack Allows Drone Takeover Via ExpressLRS Protocol

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

Listen now! Or read if you prefer...

Hackers Say They Can Unlock And Start Honda Cars Remotely

Microsoft Pauses Once Touted Macro Security Change

Paying ransomware crooks won’t reduce your legal risk, warns regulator

"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

Amazon Squashes Years-Old Authentication Bugs In AWS Kubernetes Service

Microsoft's July Patch Tuesday Fixes Actively Exploited Bug

X.org Servers Update Closes 2 Security Holes

New Spectre-Type Retbleed Vulnerability Drops. Will Attackers Use It?

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

Windows Network File System Flaw Results In Arbitrary Code Execution As SYSTEM

Microsoft's Latest Security Patch Troubles Windows 11 Users

Servers Running Digium Phones VoIP Software Are Getting Backdoored

Industrial Control System Password Cracker May Be Bad, Actually

Last member of Gozi malware troika arrives in US for criminal trial

His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

Critical Flaws In GPS Tracker Enable Life Threatening Hacks

Atlassian Reveals Critical Flaws In Almost Everything It Makes And Touches

Microsoft Again Reverses Course, Will Block Macros By Default

Hardcoded Password In Confluence Has Been Leaked On Twitter

T-Mobile to cough up $500 million over 2021 data breach

Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.

Time Between Vulnerability Disclosures To Exploits Is Shrinking

Inside The Energy Department's 10-Year Plan To Reshape Cybersecurity In The Sector

FileWave Fixes Bugs That Left 1,000+ Orgs Open To Ransomware

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

Latest episode - listen now!

Threat Actors Pivot Around Microsoft's Macro-Blocking In Office

Post-Quantum Encryption Contender Is Taken Out By Single-Core PC And 1 Hour

GitHub blighted by “researcher” who created thousands of malicious projects

If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.

VMWare Urges Users To Patch Critical Authentication Bypass Bug

Huge Flaw Threatens US Emergency Alert System, DHS Researcher Warns