There are new available articles, click to refresh the page.

Before yesterdayNaked Security

Naked Security
Ghostscript bug could allow rogue documents to run system commands
July 4^th 2023 at 17:57

Ghostscript bug could allow rogue documents to run system commands

By Paul Ducklin

Even if you've never heard of the venerable Ghostscript project, you may have it installed without knowing.

Related tags
July 4^th 2023 at 17:57

Naked Security
MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”
June 15^th 2023 at 22:10

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

By Paul Ducklin

Twice more unto the breach... third patch tested and released, shut down web access until you've applied it

mi-1200

Related tags
June 15^th 2023 at 22:10

Naked Security
Credit card skimming – the long and winding road of supply chain failure
December 8^th 2022 at 19:58

Credit card skimming – the long and winding road of supply chain failure

By Paul Ducklin

Don't keep calling home to a JavaScript server that closed its doors eight years ago!

Related tags
December 8^th 2022 at 19:58

Naked Security
OpenSSL issues a bugfix for the previous bugfix
June 24^th 2022 at 15:32

OpenSSL issues a bugfix for the previous bugfix

By Paul Ducklin

Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.

Related tags
June 24^th 2022 at 15:32