There are new available articles, click to refresh the page.

Before yesterdayNaked Security

Naked Security
S3 Ep137: 16th century crypto skullduggery
June 1^st 2023 at 16:45

S3 Ep137: 16th century crypto skullduggery

By Paul Ducklin

Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)

s3-ep137-feat-1200

Related tags
June 1^st 2023 at 16:45

Naked Security
Serious Security: Verification is vital – examining an OAUTH login bug
May 30^th 2023 at 16:59

Serious Security: Verification is vital – examining an OAUTH login bug

By Paul Ducklin

What good is a popup asking for your approval if an attacker can bypass it simply by suppressing it?

Related tags
May 30^th 2023 at 16:59

Naked Security
Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
October 10^th 2022 at 18:02

Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

By Paul Ducklin

Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.

Related tags
October 10^th 2022 at 18:02

Naked Security
GitHub issues final report on supply-chain source code intrusions
April 29^th 2022 at 16:15

GitHub issues final report on supply-chain source code intrusions

By Paul Ducklin

Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.

Related tags
- ❌
- Data
- loss
- Microsoft
- github
- oauth
- supply
- chain
- zero
- trust
April 29^th 2022 at 16:15