S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

By Paul Ducklin — February 10^th 2022 at 01:15

Latest episode - listen now!

Naked Security

At last! Office macros from the internet to be blocked by default

By Paul Ducklin — February 8^th 2022 at 16:34

It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware...

Naked Security

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

By Paul Ducklin — February 3^rd 2022 at 16:20

Latest episode - listen now!

Naked Security

Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!

By Paul Ducklin — January 28^th 2022 at 23:58

Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...

Naked Security

Happy Data Privacy Day – and we really do mean “happy” :-)

By Paul Ducklin — January 28^th 2022 at 15:34

We give you some simple digital lifesytle tips that cost nothing.

Naked Security

S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript]

By Paul Ducklin — January 27^th 2022 at 19:57

Latest episode - listen now!

Naked Security

Tax scam emails are alive and well as US tax season starts

By Paul Ducklin — January 25^th 2022 at 17:19

If in doubt, don't give it out! (And don't forget that no reply is often a good reply.)

Naked Security

S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]

By Paul Ducklin — January 20^th 2022 at 17:28

Latest epsiode - listen now!

Naked Security

Serious Security: Linux full-disk encryption bug fixed – patch now!

By Paul Ducklin — January 14^th 2022 at 21:58

Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.

Naked Security

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]

By Paul Ducklin — January 13^th 2022 at 15:26

Latest episode -listen to it or read it now!

Naked Security

S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]

By Paul Ducklin — January 6^th 2022 at 19:44

We're back for 2022 - listen now!

Naked Security

SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N)

By Paul Ducklin — December 24^th 2021 at 17:44

Happy Holidays! Our Top N stories, all totally SFW!

Naked Security

The cool retro phone with a REAL DIAL… plus plenty of IoT problems

By Paul Ducklin — December 23^rd 2021 at 17:58

You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.

Naked Security

Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!

By Paul Ducklin — December 21^st 2021 at 19:57

The Apache web server just got an update - this one is nothing to do with Log4j!

Naked Security

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]

By Paul Ducklin — December 16^th 2021 at 17:41

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

Naked Security

S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]

By Paul Ducklin — December 9^th 2021 at 17:40

Listen now or read as an article! (Full transcript inside.)

Naked Security

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]

By Paul Ducklin — December 2^nd 2021 at 20:50

Latest episode - listen now!

Naked Security

Cloud Security: Don’t wait until your next bill to find out about an attack!

By Paul Ducklin — November 26^th 2021 at 19:58

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.

Naked Security

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

By Paul Ducklin — November 25^th 2021 at 12:38

Latest episode - listen now! Solid cybersecurity advice in plain English.

Naked Security

US government securities watchdog spoofed by investment scammers – don’t fall for it!

By Paul Ducklin — November 24^th 2021 at 19:57

Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.

Naked Security

GoDaddy admits to password breach: check your Managed WordPress site!

By Paul Ducklin — November 23^rd 2021 at 00:35

GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.

Naked Security

Black Friday and Cyber Monday – here’s what you REALLY need to do!

By Paul Ducklin — November 22^nd 2021 at 19:52

The world fills up with cybersecurity tips every year when Black Friday comes round. But what about the rest of the year?

Naked Security

S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase [Podcast]

By Paul Ducklin — November 18^th 2021 at 15:00

Latest episode - listen now!

Naked Security

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]

By Paul Ducklin — November 11^th 2021 at 17:41

Latest epsiode - listen now!

Naked Security

Patch Tuesday updates the Win 7 updater… for at most 1 more year of updates

By Paul Ducklin — November 10^th 2021 at 19:45

The clock stopped long ago on Windows 7, except for those who paid for overtime. But there won't be any double overtime!

Naked Security

Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!

By Paul Ducklin — November 9^th 2021 at 19:31

The crooks have shown that they're willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.

Naked Security

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars [Podcast]

By Paul Ducklin — November 4^th 2021 at 17:46

Latest episode - listen now!

Naked Security

Europol announces “targeting” of 12 suspects in ransomware attacks

By Naked Security writer — October 29^th 2021 at 23:22

More anti-ransomware activity by law enforcement, this time in Switzerland and Ukraine.

Naked Security

S3 Ep56: Cryptotrading rodent, ransomware hackback, and a Docusign phish [Podcast]

By Paul Ducklin — October 28^th 2021 at 18:45

Latest episode - listen now! Serious security explained with personality in plain English.

ns-1200-logo-podcast-with-mic-and-rodent-emoji

Naked Security

Listen up 2 – CYBERSECURITY FIRST! How to protect yourself from supply chain attacks

By Paul Ducklin — October 25^th 2021 at 16:38

Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.

Naked Security

Listen up 3 – CYBERSECURITY FIRST! Cyberinsurance, help or hindrance?

By Paul Ducklin — October 25^th 2021 at 16:37

Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance.

Naked Security

Listen up 4 – CYBERSECURITY FIRST! Purple teaming – learning to think like your adversaries

By Paul Ducklin — October 25^th 2021 at 16:36

Michelle Farenci knows her stuff, because she's a cybersecurity practitioner inside a cybersecurity company! Learn why thinking like an attacker makes you a better defender.