Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
Naked Security
Naked Security
S3 Ep136: Navigating a manic malware maelstrom
May 25
th
2023 at 16:50Β
S3 Ep136: Navigating a manic malware maelstrom
By
Paul Ducklin
Latest episode - listen now. Full transcript inside...
Related tags
β
Denial
of
Service
Law
&
order
Malware
Podcast
bust
Cybercrime
hacking
Naked
Security
Podcast
PyPI
supply
chain
Uncategorized
May 25
th
2023 at 16:50
Naked Security
PyPI open-source code repository deals with manic malware maelstrom
May 23
rd
2023 at 18:45Β
PyPI open-source code repository deals with manic malware maelstrom
By
Paul Ducklin
Controlled outage used to keep malware marauders from gumming up the works. Learn what you can do to help in future...
Related tags
β
Malware
malware
PyPI
python
supply
chain
May 23
rd
2023 at 18:45
Naked Security
PHP Packagist supply chain poisoned by hacker βlooking for a jobβ
May 5
th
2023 at 16:59Β
PHP Packagist supply chain poisoned by hacker βlooking for a jobβ
By
Paul Ducklin
I pwned you! Gizza job! You know it makes sense!
Related tags
β
Vulnerability
Packagist
PHP
supply
chain
May 5
th
2023 at 16:59
Naked Security
Attention gamers! Motherboard maker MSI admits to breach, issues βrogue firmwareβ alert
April 11
th
2023 at 18:58Β
Attention gamers! Motherboard maker MSI admits to breach, issues βrogue firmwareβ alert
By
Paul Ducklin
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
Related tags
β
Malware
Ransomware
blackmail
data
breach
extortion
MSI
private
key
ransomware
supply
chain
April 11
th
2023 at 18:58
Naked Security
S3 Ep129: When spyware arrives from someone you trust
April 6
th
2023 at 14:57Β
S3 Ep129: When spyware arrives from someone you trust
By
Paul Ducklin
Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days... listen now!
Related tags
β
Data
loss
Malware
Podcast
Privacy
3CX
Naked
Security
Podcast
supply
chain
Wi-fi
world
backup
day
April 6
th
2023 at 14:57
Naked Security
Supply chain blunder puts 3CX telephone app users at risk
March 30
th
2023 at 20:36Β
Supply chain blunder puts 3CX telephone app users at risk
By
Paul Ducklin
Booby-trapped app, apparently signed and shipped by 3CX itself after its source code repository was broken into.
Related tags
β
Malware
3CX
Electron
git
malware
suuply
chain
March 30
th
2023 at 20:36
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
December 15
th
2022 at 17:10Β
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By
Paul Ducklin
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Related tags
β
Apple
Data
loss
Malware
Microsoft
Podcast
Privacy
Vulnerability
day
Ben-Gurion
University
ios
Naked
Security
Podcast
skimming
supply
chain
vulnerability
Zero
Day
December 15
th
2022 at 17:10
Naked Security
TikTok βInvisible Challengeβ porn malware puts us all at risk
November 29
th
2022 at 19:58Β
TikTok βInvisible Challengeβ porn malware puts us all at risk
By
Paul Ducklin
An injury to one is an injury to all. Especially if the other people are part of your social network.
Related tags
β
Malware
Privacy
Social
networks
github
malware
supply
chain
Tik
Tok
TikTok
November 29
th
2022 at 19:58
Naked Security
GitHub blighted by βresearcherβ who created thousands of malicious projects
August 3
rd
2022 at 23:06Β
GitHub blighted by βresearcherβ who created thousands of malicious projects
By
Paul Ducklin
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
Related tags
β
Law
&
order
github
malware
supply
chain
August 3
rd
2022 at 23:06
Naked Security
Poisoned Python and PHP packages purloin passwords for AWS access
May 24
th
2022 at 23:04Β
Poisoned Python and PHP packages purloin passwords for AWS access
By
Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Related tags
β
Malware
Vulnerability
exfiltration
PHP
python
secops
supply
chain
XDR
May 24
th
2022 at 23:04
Naked Security
RubyGems supply chain rip-and-replace bug fixed β check your logs!
May 9
th
2022 at 15:41Β
RubyGems supply chain rip-and-replace bug fixed β check your logs!
By
Paul Ducklin
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
ruby-1200
Related tags
β
Vulnerability
CVE-2022-29176
ruby
RubyGems
suppy
chain
vulnerability
May 9
th
2022 at 15:41
Naked Security
GitHub issues final report on supply-chain source code intrusions
April 29
th
2022 at 16:15Β
GitHub issues final report on supply-chain source code intrusions
By
Paul Ducklin
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Related tags
β
Data
loss
Microsoft
github
oauth
supply
chain
zero
trust
April 29
th
2022 at 16:15
Naked Security
Beanstalk cryptocurrency heist: scammer votes himself all the money
April 19
th
2022 at 16:00Β
Beanstalk cryptocurrency heist: scammer votes himself all the money
By
Paul Ducklin
Voting safeguards based on commuity collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Related tags
β
Cryptocurrency
Vulnerability
Blockchain
cryptocoin
cryptocurrency
vulnerability
April 19
th
2022 at 16:00
Naked Security
Wormhole cryptotrading company turns over $340,000,000 to criminals
February 4
th
2022 at 17:38Β
Wormhole cryptotrading company turns over $340,000,000 to criminals
By
Paul Ducklin
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Related tags
β
Cryptocurrency
Blockchain
Jump
Crypto
smart
contract
Wormhole
February 4
th
2022 at 17:38
Naked Security
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
January 13
th
2022 at 15:26Β
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
By
Paul Ducklin
Latest episode -listen to it or read it now!
Related tags
β
Podcast
Vulnerability
Honda
Naked
Security
Podcast
npm
supply
chain
January 13
th
2022 at 15:26
Naked Security
JavaScript developer destroys own projects in supply chain βlessonβ
January 11
th
2022 at 00:54Β
JavaScript developer destroys own projects in supply chain βlessonβ
By
Paul Ducklin
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Related tags
β
colors.js
faker.js
JavaScript
npm
supply
chain
January 11
th
2022 at 00:54
Naked Security
Listen up 2 β CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
October 25
th
2021 at 16:38Β
Listen up 2 β CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
By
Paul Ducklin
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.
Related tags
β
Malware
Podcast
Ransomware
Security
leadership
BeCyberSmart
Cybermonth
Chester
Wisniewki
Cybermonth
2021
sos-2021
supply
chain
October 25
th
2021 at 16:38
There are no more articles
β
Mark all as read