Login
FreshRSS
Login
Naked Security
LastPass source code breach β incident response report released
By
Paul Ducklin
β September 19
th
2022 at 18:59
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By
Paul Ducklin
β September 17
th
2022 at 20:57
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
Naked Security
UBER HAS BEEN HACKED, boasts hacker β how to stop it happening to you
By
Paul Ducklin
β September 16
th
2022 at 18:43
Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?"
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By
Paul Ducklin
β September 13
th
2022 at 20:52
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By
Paul Ducklin
β September 1
st
2022 at 16:55
Latest episode - listen now!
Naked Security
LastPass source code breach β do we still recommend password managers?
By
Paul Ducklin
β August 29
th
2022 at 16:59
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
By
Paul Ducklin
β August 24
th
2022 at 18:59
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By
Paul Ducklin
β August 11
th
2022 at 14:34
Latest episode - listen now! (Or read the transcript if you prefer.)
Naked Security
APIC/EPIC! Intel chips leak secrets even the kernel shouldnβt seeβ¦
By
Paul Ducklin
β August 10
th
2022 at 16:59
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
Naked Security
Slack admits to leaking hashed passwords for five years
By
Paul Ducklin
β August 8
th
2022 at 15:14
"When those invitations went out... somehow, your password hash went out with them."
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By
Paul Ducklin
β July 28
th
2022 at 15:47
Latest episode - listen now!
Naked Security
T-Mobile to cough up $500 million over 2021 data breach
By
Paul Ducklin
β July 25
th
2022 at 16:20
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.
Naked Security
Office macro security: on-again-off-again feature now BACK ON AGAIN!
By
Paul Ducklin
β July 23
rd
2022 at 01:10
20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That's progress!
Naked Security
Facebook 2FA phish arrives just 28 minutes after scam domain created
By
Paul Ducklin
β July 1
st
2022 at 20:01
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
Naked Security
Harmony blockchain loses nearly $100M due to hacked private keys
By
Paul Ducklin
β June 27
th
2022 at 18:14
The crooks needed at least two private keys, each stored in two parts... but they got them anyway.
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By
Paul Ducklin
β June 23
rd
2022 at 11:08
Latest epsiode - listen (or read) now!
Naked Security
Capital One identity theft hacker finally gets convicted
By
Paul Ducklin
β June 21
st
2022 at 15:24
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
Naked Security
GitHub issues final report on supply-chain source code intrusions
By
Paul Ducklin
β April 29
th
2022 at 16:15
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Naked Security
LAPSUS$ hacks continue despite two hacker suspects in court
By
Paul Ducklin
β April 4
th
2022 at 21:36
Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?
Naked Security
World Backup Day: 5 data recovery tips for everyone!
By
Paul Ducklin
β March 30
th
2022 at 15:10
The only backup you will ever regret is the one you didn't make
Naked Security
S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]
By
Paul Ducklin
β March 24
th
2022 at 13:49
Latest episode - listen now!
Naked Security
Adafruit suffers GitHub data breach β donβt let this happen to you
By
Paul Ducklin
β March 7
th
2022 at 12:47
Training data stashed in GitHub by mistake... unfortunately, it was *real* data
Naked Security
Linux kernel patches βperformance can be harmfulβ bug in video driver
By
Paul Ducklin
β February 1
st
2022 at 19:59
This bug is fiendishly hard to exploit - but if you patch, it won't be there to exploit at all.
Naked Security
Serious Security: Apple Safari leaks private data via database API β what you need to know
By
Paul Ducklin
β January 18
th
2022 at 19:23
There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing
Naked Security
FTC threatens βlegal actionβ over unpatched Log4j and other vulns
By
Paul Ducklin
β January 5
th
2022 at 19:37
Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
Naked Security
US government securities watchdog spoofed by investment scammers β donβt fall for it!
By
Paul Ducklin
β November 24
th
2021 at 19:57
Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.
Naked Security
GoDaddy admits to password breach: check your Managed WordPress site!
By
Paul Ducklin
β November 23
rd
2021 at 00:35
GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.
Naked Security
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
By
Paul Ducklin
β November 18
th
2021 at 22:20
Be aware before you share! That's a good rule for developers and techies, just as much as it is for social media addicts.
There are no more articles
β
Mark all as read