S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]

By Paul Ducklin — March 24^th 2022 at 13:49

Latest episode - listen now!

Naked Security

CISA warning: “Russian actors bypassed 2FA” – what happened and how to avoid it

By Paul Ducklin — March 16^th 2022 at 01:22

Don't leave old accounts lying around where someone sketchy could reactivate them.

Naked Security

Alleged Kaseya ransomware attacker arrives in Texas for trial

By Naked Security writer — March 11^th 2022 at 14:59

The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

Naked Security

Ransomware with a difference: “Derestrict your software, or else!”

By Paul Ducklin — March 2^nd 2022 at 16:33

"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

Naked Security

Irony alert! PHP fixes security flaw in input validation code

By Paul Ducklin — February 18^th 2022 at 17:59

What's wrong with this sequence? 1. Step into the road 2. Check if it's safe 3. Keep on walki...

Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

By Paul Ducklin — February 17^th 2022 at 17:12

Latest episode - listen and learn!

Naked Security

S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

By Paul Ducklin — February 10^th 2022 at 01:15

Latest episode - listen now!

Naked Security

Self-styled “Crocodile of Wall Street” arrested with husband over Bitcoin megaheist

By Naked Security writer — February 9^th 2022 at 14:44

The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion!

Naked Security

At last! Office macros from the internet to be blocked by default

By Paul Ducklin — February 8^th 2022 at 16:34

It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware...

Naked Security

Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!

By Paul Ducklin — January 28^th 2022 at 23:58

Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...

Naked Security

Alleged carder gang mastermind and three acolytes under arrest in Russia

By Naked Security writer — January 24^th 2022 at 14:14

The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.

Naked Security

REvil ransomware crew allegedly busted in Russia, says FSB

By Naked Security writer — January 14^th 2022 at 19:48

The Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew.

Naked Security

Home routers with NetUSB support could have critical kernel hole

By Paul Ducklin — January 11^th 2022 at 17:42

Got a router that supports USB access across the network? You might need a kernel update...

Naked Security

SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N)

By Paul Ducklin — December 24^th 2021 at 17:44

Happy Holidays! Our Top N stories, all totally SFW!

Naked Security

Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague

By Naked Security writer — November 8^th 2021 at 22:37

Suspects nabbed, millions seized, in ransomware busts across the globe.