Online ticketing company “See” pwned for 2.5 years by attackers

By Paul Ducklin — October 26^th 2022 at 19:58

Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.

Fashion brand SHEIN fined $1.9m for lying about data breach

By Naked Security writer — October 17^th 2022 at 18:50

Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?

By Paul Ducklin — September 21^st 2022 at 14:24

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.

By Paul Ducklin — August 31^st 2022 at 18:42

Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.

By Paul Ducklin — June 13^th 2022 at 16:28

Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!

By Paul Ducklin — June 2^nd 2022 at 18:37

Latest episode - listen now!

By Paul Ducklin — May 26^th 2022 at 12:41

When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.

By Paul Ducklin — April 14^th 2022 at 13:39

Latest episode - listen now!

By Paul Ducklin — April 6^th 2022 at 16:22

Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English...

By Paul Ducklin — January 18^th 2022 at 19:23

There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing

By Paul Ducklin — December 21^st 2021 at 19:57

The Apache web server just got an update - this one is nothing to do with Log4j!