Naked Security
Poisoned Python and PHP packages purloin passwords for AWS access
By Paul Ducklin, May 24th 2022 at 23:04
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Naked Security
Clearview AI face-matching service fined a lot less than expected
By Paul Ducklin, May 23rd 2022 at 13:01
The fine has finally gone through... but it's less than 45% of what was originally proposed.
Naked Security
RubyGems supply chain rip-and-replace bug fixed - check your logs!
By Paul Ducklin, May 9th 2022 at 15:41
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
Naked Security
GitHub issues final report on supply-chain source code intrusions
By Paul Ducklin, April 29th 2022 at 16:15
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Naked Security
Beanstalk cryptocurrency heist: scammer votes himself all the money
By Paul Ducklin, April 19th 2022 at 16:00
Voting safeguards based on community collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Naked Security
S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]
By Paul Ducklin, March 3rd 2022 at 14:04
Latest episode - listen now (or read it, if that's your preference)...
Naked Security
Apple AirTag anti-stalking protection bypassed by researchers
By Paul Ducklin, February 23rd 2022 at 17:59
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
Naked Security
Wormhole cryptotrading company turns over $340,000,000 to criminals
By Paul Ducklin, February 4th 2022 at 17:38
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Naked Security
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
By Paul Ducklin, January 13th 2022 at 15:26
Latest episode - listen to it or read it now!
Naked Security
JavaScript developer destroys own projects in supply chain "lesson"
By Paul Ducklin, January 11th 2022 at 00:54
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Naked Security
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
By Paul Ducklin, December 16th 2021 at 17:41
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Naked Security
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
By Paul Ducklin, December 2nd 2021 at 20:50
Latest episode - listen now!
Naked Security
Clearview AI face-matching service set to be fined over $20m
By Paul Ducklin, November 30th 2021 at 19:13
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
Naked Security
Samba update patches plaintext password plundering problem
By Paul Ducklin, November 12th 2021 at 19:59
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.
Naked Security
Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!
By Paul Ducklin, November 9th 2021 at 19:31
The crooks have shown that they're willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.
Naked Security
Listen up 2 - CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
By Paul Ducklin, October 25th 2021 at 16:38
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.