Naked Security

How to celebrate SysAdmin Day!

I've just popped in to wish you all/The best SysAdmin Day!

Naked Security

Critical Samba bug could let anyone become Domain Admin – patch now!

It's a serious bug... but there's a fix for it, so you know exactly what to do!

Naked Security

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]

Latest episode - listen, read or both!

Naked Security

8 months on, US says Log4Shell will be around for “a decade or longer”

When it comes to cybersecurity, ask not what everyone else can do for you...

Naked Security

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

Naked Security

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

Listen now! Or read if you prefer...

Naked Security

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

Naked Security

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

Latest epsiode - listen (or read) now!

Naked Security

You’re invited! Join us for a live walkthrough of the “Follina” story…

Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!

Naked Security

S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

Latest episode - listen (or read) now!

Naked Security

Know your enemy! Learn how cybercrime adversaries get in…

Here's how 144 recent attacks actually went down in real life. Don't let this happen to you!

Naked Security

S3 Ep85: Now THAT’S what I call a Microsoft Office exploit! [Podcast]

Latest episode - listen now!

Naked Security

Mysterious “Follina” zero-day hole in Office – here’s what to do!

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

Naked Security

S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]

Latest episode - listen now!

Naked Security

Poisoned Python and PHP packages purloin passwords for AWS access

More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.

Naked Security

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

Latest episode - listen now!

Naked Security

Pwn2Own hacking schedule released – Windows and Linux are top targets

What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?

Naked Security

S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]

Latest episode - lots to learn - plain English - fun with a serious side - listen now!

Naked Security

Serious Security: Learning from curl’s latest bug update

Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.

Naked Security

S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]

Latest episode - listen now!

Naked Security

World Password Day – the 1960s just called and gave you your passwords back

Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords.

Naked Security

Firefox hits 100*, fixes bugs… but no new zero-days this month

Despite concerns that some websites might break when Chromium and then Firefox reached version 100, the web still seems to be intact.

Naked Security

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

Latest episode - listen now!

Naked Security

Ransomware Survey 2022 – like the Curate’s Egg, “good in parts”

You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!

Naked Security

S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]

Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now!

Naked Security

Yet another Chrome zero-day emergency update – patch now!

The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.

Naked Security

S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]

Latest episode - listen now!

Naked Security

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

Latest episode - listen now! Cybersecurity news and advice in plain English.

Naked Security

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

Latest episode - listen now!

Naked Security

S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]

Latest episode - listen now!

Naked Security

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

Latest episode - listen now!

Naked Security

Alleged Kaseya ransomware attacker arrives in Texas for trial

The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

Naked Security

S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]

Latest episode - listen now!

Naked Security

S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]

Latest episode - listen now (or read it, if that's your preference)...

Naked Security

Ransomware with a difference: “Derestrict your software, or else!”

"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

Naked Security

S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast + Transcript]

Latest episode - listen now!

Naked Security

French speakers blasted by sextortion scams with no text or links

You'd spot this one a mile away... but what about your friends or family?

Naked Security

Irony alert! PHP fixes security flaw in input validation code

What's wrong with this sequence? 1. Step into the road 2. Check if it's safe 3. Keep on walki...

Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

Latest episode - listen and learn!

Naked Security

S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

Latest episode - listen now!

Naked Security

At last! Office macros from the internet to be blocked by default

It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware...

Naked Security

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

Latest episode - listen now!

Naked Security

Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!

Free home PCR devices would be technological marvels, and really useful, too. But there aren't any...

Naked Security

Happy Data Privacy Day – and we really do mean “happy” :-)

We give you some simple digital lifesytle tips that cost nothing.

Naked Security

S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript]

Latest episode - listen now!

Naked Security

Tax scam emails are alive and well as US tax season starts

If in doubt, don't give it out! (And don't forget that no reply is often a good reply.)

Naked Security

S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]

Latest epsiode - listen now!

Naked Security

Serious Security: Linux full-disk encryption bug fixed – patch now!

Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.

Naked Security

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]

Latest episode -listen to it or read it now!

Naked Security

S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]

We're back for 2022 - listen now!

Naked Security

SFW! The Top N Cyber­security Stories of 2021 (for small positive integer values of N)

Happy Holidays! Our Top N stories, all totally SFW!

Naked Security

The cool retro phone with a REAL DIAL… plus plenty of IoT problems

You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.

Naked Security

Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!

The Apache web server just got an update - this one is nothing to do with Log4j!

Naked Security

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

Naked Security

S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]

Listen now or read as an article! (Full transcript inside.)

Naked Security

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]

Latest episode - listen now!

Naked Security

Cloud Security: Don’t wait until your next bill to find out about an attack!

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.

Naked Security

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

Latest episode - listen now! Solid cybersecurity advice in plain English.

Naked Security

US government securities watchdog spoofed by investment scammers – don’t fall for it!

Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.

Naked Security

GoDaddy admits to password breach: check your Managed WordPress site!

GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.