Login
FreshRSS
Login
Naked Security
How to celebrate SysAdmin Day!
By
Paul Ducklin
β July 29
th
2022 at 15:37
I've just popped in to wish you all/The best SysAdmin Day!
Naked Security
Critical Samba bug could let anyone become Domain Admin β patch now!
By
Paul Ducklin
β July 27
th
2022 at 21:15
It's a serious bug... but there's a fix for it, so you know exactly what to do!
Naked Security
S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
By
Paul Ducklin
β July 21
st
2022 at 16:25
Latest episode - listen, read or both!
Naked Security
8 months on, US says Log4Shell will be around for βa decade or longerβ
By
Paul Ducklin
β July 18
th
2022 at 16:57
When it comes to cybersecurity, ask not what everyone else can do for you...
Naked Security
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
By
Paul Ducklin
β July 14
th
2022 at 18:47
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.
Naked Security
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
By
Paul Ducklin
β July 7
th
2022 at 18:46
Listen now! Or read if you prefer...
Naked Security
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
By
Paul Ducklin
β June 30
th
2022 at 12:57
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By
Paul Ducklin
β June 23
rd
2022 at 11:08
Latest epsiode - listen (or read) now!
Naked Security
Youβre invited! Join us for a live walkthrough of the βFollinaβ storyβ¦
By
Paul Ducklin
β June 13
th
2022 at 16:28
Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!
Naked Security
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
By
Paul Ducklin
β June 9
th
2022 at 13:07
Latest episode - listen (or read) now!
Naked Security
Know your enemy! Learn how cybercrime adversaries get inβ¦
By
Paul Ducklin
β June 7
th
2022 at 15:49
Here's how 144 recent attacks actually went down in real life. Don't let this happen to you!
Naked Security
S3 Ep85: Now THATβS what I call a Microsoft Office exploit! [Podcast]
By
Paul Ducklin
β June 2
nd
2022 at 18:37
Latest episode - listen now!
Naked Security
Mysterious βFollinaβ zero-day hole in Office β hereβs what to do!
By
Paul Ducklin
β May 30
th
2022 at 23:01
News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!
Naked Security
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
By
Paul Ducklin
β May 27
th
2022 at 11:17
Latest episode - listen now!
Naked Security
Poisoned Python and PHP packages purloin passwords for AWS access
By
Paul Ducklin
β May 24
th
2022 at 23:04
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Naked Security
S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]
By
Paul Ducklin
β May 19
th
2022 at 13:56
Latest episode - listen now!
Naked Security
Pwn2Own hacking schedule released β Windows and Linux are top targets
By
Paul Ducklin
β May 18
th
2022 at 13:04
What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?
Naked Security
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
By
Paul Ducklin
β May 12
th
2022 at 15:46
Latest episode - lots to learn - plain English - fun with a serious side - listen now!
Naked Security
Serious Security: Learning from curlβs latest bug update
By
Paul Ducklin
β May 12
th
2022 at 15:08
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.
Naked Security
S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]
By
Paul Ducklin
β May 5
th
2022 at 14:16
Latest episode - listen now!
Naked Security
World Password Day β the 1960s just called and gave you your passwords back
By
Paul Ducklin
β May 5
th
2022 at 01:06
Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords.
Naked Security
Firefox hits 100*, fixes bugs⦠but no new zero-days this month
By
Paul Ducklin
β May 3
rd
2022 at 16:42
Despite concerns that some websites might break when Chromium and then Firefox reached version 100, the web still seems to be intact.
Naked Security
S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]
By
Paul Ducklin
β April 28
th
2022 at 13:18
Latest episode - listen now!
Naked Security
Ransomware Survey 2022 β like the Curateβs Egg, βgood in partsβ
By
Paul Ducklin
β April 27
th
2022 at 15:22
You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!
Naked Security
S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]
By
Paul Ducklin
β April 21
st
2022 at 13:41
Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now!
Naked Security
Yet another Chrome zero-day emergency update β patch now!
By
Paul Ducklin
β April 16
th
2022 at 00:33
The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.
Naked Security
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
By
Paul Ducklin
β April 14
th
2022 at 13:39
Latest episode - listen now!
Naked Security
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
By
Paul Ducklin
β April 7
th
2022 at 12:24
Latest episode - listen now! Cybersecurity news and advice in plain English.
Naked Security
S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]
By
Paul Ducklin
β March 31
st
2022 at 13:38
Latest episode - listen now!
Naked Security
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
By
Paul Ducklin
β March 24
th
2022 at 13:49
Latest episode - listen now!
Naked Security
S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]
By
Paul Ducklin
β March 17
th
2022 at 13:32
Latest episode - listen now!
Naked Security
Alleged Kaseya ransomware attacker arrives in Texas for trial
By
Naked Security writer
β March 11
th
2022 at 14:59
The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...
Naked Security
S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]
By
Paul Ducklin
β March 10
th
2022 at 19:37
Latest episode - listen now!
Naked Security
S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]
By
Paul Ducklin
β March 3
rd
2022 at 14:04
Latest episode - listen now (or read it, if that's your preference)...
Naked Security
Ransomware with a difference: βDerestrict your software, or else!β
By
Paul Ducklin
β March 2
nd
2022 at 16:33
"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.
Naked Security
S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast + Transcript]
By
Paul Ducklin
β February 24
th
2022 at 16:51
Latest episode - listen now!
Naked Security
French speakers blasted by sextortion scams with no text or links
By
Paul Ducklin
β February 21
st
2022 at 17:59
You'd spot this one a mile away... but what about your friends or family?
Naked Security
Irony alert! PHP fixes security flaw in input validation code
By
Paul Ducklin
β February 18
th
2022 at 17:59
What's wrong with this sequence? 1. Step into the road 2. Check if it's safe 3. Keep on walki...
Naked Security
S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]
By
Paul Ducklin
β February 17
th
2022 at 17:12
Latest episode - listen and learn!
Naked Security
S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]
By
Paul Ducklin
β February 10
th
2022 at 01:15
Latest episode - listen now!
Naked Security
At last! Office macros from the internet to be blocked by default
By
Paul Ducklin
β February 8
th
2022 at 16:34
It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware...
Naked Security
S3 Ep68: Bugs, scams, privacy β¦and fonts?! [Podcast + Transcript]
By
Paul Ducklin
β February 3
rd
2022 at 16:20
Latest episode - listen now!
Naked Security
Coronavirus SMS scam offers home PCR testing devices β donβt fall for it!
By
Paul Ducklin
β January 28
th
2022 at 23:58
Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...
Naked Security
Happy Data Privacy Day β and we really do mean βhappyβ :-)
By
Paul Ducklin
β January 28
th
2022 at 15:34
We give you some simple digital lifesytle tips that cost nothing.
Naked Security
S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript]
By
Paul Ducklin
β January 27
th
2022 at 19:57
Latest episode - listen now!
Naked Security
Tax scam emails are alive and well as US tax season starts
By
Paul Ducklin
β January 25
th
2022 at 17:19
If in doubt, don't give it out! (And don't forget that no reply is often a good reply.)
Naked Security
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
By
Paul Ducklin
β January 20
th
2022 at 17:28
Latest epsiode - listen now!
Naked Security
Serious Security: Linux full-disk encryption bug fixed β patch now!
By
Paul Ducklin
β January 14
th
2022 at 21:58
Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.
Naked Security
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
By
Paul Ducklin
β January 13
th
2022 at 15:26
Latest episode -listen to it or read it now!
Naked Security
S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]
By
Paul Ducklin
β January 6
th
2022 at 19:44
We're back for 2022 - listen now!
Naked Security
SFW! The Top N CyberΒsecurity Stories of 2021 (for small positive integer values of N)
By
Paul Ducklin
β December 24
th
2021 at 17:44
Happy Holidays! Our Top N stories, all totally SFW!
Naked Security
The cool retro phone with a REAL DIAL⦠plus plenty of IoT problems
By
Paul Ducklin
β December 23
rd
2021 at 17:58
You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.
Naked Security
Apacheβs other product: Critical bugs in βhttpdβ web server, patch now!
By
Paul Ducklin
β December 21
st
2021 at 19:57
The Apache web server just got an update - this one is nothing to do with Log4j!
Naked Security
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
By
Paul Ducklin
β December 16
th
2021 at 17:41
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Naked Security
S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]
By
Paul Ducklin
β December 9
th
2021 at 17:40
Listen now or read as an article! (Full transcript inside.)
Naked Security
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
By
Paul Ducklin
β December 2
nd
2021 at 20:50
Latest episode - listen now!
Naked Security
Cloud Security: Donβt wait until your next bill to find out about an attack!
By
Paul Ducklin
β November 26
th
2021 at 19:58
Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.
Naked Security
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
By
Paul Ducklin
β November 25
th
2021 at 12:38
Latest episode - listen now! Solid cybersecurity advice in plain English.
Naked Security
US government securities watchdog spoofed by investment scammers β donβt fall for it!
By
Paul Ducklin
β November 24
th
2021 at 19:57
Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.
Naked Security
GoDaddy admits to password breach: check your Managed WordPress site!
By
Paul Ducklin
β November 23
rd
2021 at 00:35
GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.
Load more articles