FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Naked Security

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

By Paul Ducklin β€” November 10th 2022 at 17:26
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin β€” November 3rd 2022 at 17:51
Listen now - latest episode - audio plus full transcript

☐ β˜† βœ‡ Naked Security

S3 Ep106: Facial recognition without consent – should it be banned?

By Paul Ducklin β€” October 27th 2022 at 16:59
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

☐ β˜† βœ‡ Naked Security

Online ticketing company β€œSee” pwned for 2.5 years by attackers

By Paul Ducklin β€” October 26th 2022 at 19:58
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.

☐ β˜† βœ‡ Naked Security

S3 Ep105: WONTFIX! The MS Office cryptofail that β€œisn’t a security flaw” [Audio + Text]

By Paul Ducklin β€” October 20th 2022 at 18:54
The coolest video game ever! And lots of solid cybersecurity advice - listen now!

pic-1200

☐ β˜† βœ‡ Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

By Paul Ducklin β€” October 13th 2022 at 16:37
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

☐ β˜† βœ‡ Naked Security

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

By Paul Ducklin β€” October 6th 2022 at 14:43
Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

☐ β˜† βœ‡ Naked Security

S3 Ep102: How to avoid a data breach [Audio + Transcript]

By Paul Ducklin β€” September 29th 2022 at 18:45
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...

☐ β˜† βœ‡ Naked Security

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

By Paul Ducklin β€” September 22nd 2022 at 18:42
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...

☐ β˜† βœ‡ Naked Security

Interested in cybersecurity? Join us for Security SOS Week 2022!

By Paul Ducklin β€” September 21st 2022 at 14:24
Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.

☐ β˜† βœ‡ Naked Security

LastPass source code breach – incident response report released

By Paul Ducklin β€” September 19th 2022 at 18:59
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

☐ β˜† βœ‡ Naked Security

S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]

By Paul Ducklin β€” September 17th 2022 at 20:57
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."

☐ β˜† βœ‡ Naked Security

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

By Paul Ducklin β€” September 15th 2022 at 18:50
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

s3-ep100-js-1200

☐ β˜† βœ‡ Naked Security

How to deal with dates and times without any timezone tantrums…

By Paul Ducklin β€” September 9th 2022 at 18:59
Heartfelt encouragement to embrace RFC 3339 - find out why!

☐ β˜† βœ‡ Naked Security

S3 Ep99: TikTok β€œattack” – was there a data breach, or not? [Audio + Text]

By Paul Ducklin β€” September 8th 2022 at 13:21
Latest episode - listen now! (Or read if you prefer - full transcript inside.)

☐ β˜† βœ‡ Naked Security

Chrome patches 24 security holes, enables β€œSanitizer” safety system

By Paul Ducklin β€” August 31st 2022 at 11:48
24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.

☐ β˜† βœ‡ Naked Security

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

By Paul Ducklin β€” August 25th 2022 at 15:37
Latest episode - listen now! (Or read the transcript if you prefer the text version.)

☐ β˜† βœ‡ Naked Security

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]

By Paul Ducklin β€” August 18th 2022 at 18:38
Latest episode - listen now (or read if you prefer!)

☐ β˜† βœ‡ Naked Security

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

By Paul Ducklin β€” August 11th 2022 at 14:34
Latest episode - listen now! (Or read the transcript if you prefer.)

☐ β˜† βœ‡ Naked Security

Traffic Light Protocol for cybersecurity responders gets a revamp

By Paul Ducklin β€” August 5th 2022 at 18:57
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.

☐ β˜† βœ‡ Naked Security

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]

By Paul Ducklin β€” August 4th 2022 at 17:52
Latest episode - listen now! (Or read if that's what you prefer.)

☐ β˜† βœ‡ Naked Security

How to celebrate SysAdmin Day!

By Paul Ducklin β€” July 29th 2022 at 15:37
I've just popped in to wish you all/The best SysAdmin Day!

☐ β˜† βœ‡ Naked Security

Critical Samba bug could let anyone become Domain Admin – patch now!

By Paul Ducklin β€” July 27th 2022 at 21:15
It's a serious bug... but there's a fix for it, so you know exactly what to do!

☐ β˜† βœ‡ Naked Security

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]

By Paul Ducklin β€” July 21st 2022 at 16:25
Latest episode - listen, read or both!

☐ β˜† βœ‡ Naked Security

8 months on, US says Log4Shell will be around for β€œa decade or longer”

By Paul Ducklin β€” July 18th 2022 at 16:57
When it comes to cybersecurity, ask not what everyone else can do for you...

☐ β˜† βœ‡ Naked Security

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

By Paul Ducklin β€” July 14th 2022 at 18:47
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

☐ β˜† βœ‡ Naked Security

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

By Paul Ducklin β€” July 7th 2022 at 18:46
Listen now! Or read if you prefer...

☐ β˜† βœ‡ Naked Security

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

By Paul Ducklin β€” June 30th 2022 at 12:57
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

☐ β˜† βœ‡ Naked Security

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

By Paul Ducklin β€” June 23rd 2022 at 11:08
Latest epsiode - listen (or read) now!

☐ β˜† βœ‡ Naked Security

You’re invited! Join us for a live walkthrough of the β€œFollina” story…

By Paul Ducklin β€” June 13th 2022 at 16:28
Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!

☐ β˜† βœ‡ Naked Security

S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

By Paul Ducklin β€” June 9th 2022 at 13:07
Latest episode - listen (or read) now!

☐ β˜† βœ‡ Naked Security

Know your enemy! Learn how cybercrime adversaries get in…

By Paul Ducklin β€” June 7th 2022 at 15:49
Here's how 144 recent attacks actually went down in real life. Don't let this happen to you!

☐ β˜† βœ‡ Naked Security

S3 Ep85: Now THAT’S what I call a Microsoft Office exploit! [Podcast]

By Paul Ducklin β€” June 2nd 2022 at 18:37
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Mysterious β€œFollina” zero-day hole in Office – here’s what to do!

By Paul Ducklin β€” May 30th 2022 at 23:01
News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

☐ β˜† βœ‡ Naked Security

S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]

By Paul Ducklin β€” May 27th 2022 at 11:17
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Poisoned Python and PHP packages purloin passwords for AWS access

By Paul Ducklin β€” May 24th 2022 at 23:04
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.

☐ β˜† βœ‡ Naked Security

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

By Paul Ducklin β€” May 19th 2022 at 13:56
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Pwn2Own hacking schedule released – Windows and Linux are top targets

By Paul Ducklin β€” May 18th 2022 at 13:04
What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?

☐ β˜† βœ‡ Naked Security

S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]

By Paul Ducklin β€” May 12th 2022 at 15:46
Latest episode - lots to learn - plain English - fun with a serious side - listen now!

☐ β˜† βœ‡ Naked Security

Serious Security: Learning from curl’s latest bug update

By Paul Ducklin β€” May 12th 2022 at 15:08
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.

☐ β˜† βœ‡ Naked Security

S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]

By Paul Ducklin β€” May 5th 2022 at 14:16
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

World Password Day – the 1960s just called and gave you your passwords back

By Paul Ducklin β€” May 5th 2022 at 01:06
Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords.

☐ β˜† βœ‡ Naked Security

Firefox hits 100*, fixes bugs… but no new zero-days this month

By Paul Ducklin β€” May 3rd 2022 at 16:42
Despite concerns that some websites might break when Chromium and then Firefox reached version 100, the web still seems to be intact.

☐ β˜† βœ‡ Naked Security

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

By Paul Ducklin β€” April 28th 2022 at 13:18
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Ransomware Survey 2022 – like the Curate’s Egg, β€œgood in parts”

By Paul Ducklin β€” April 27th 2022 at 15:22
You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!

☐ β˜† βœ‡ Naked Security

S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and crypto-dodginess [Podcast]

By Paul Ducklin β€” April 21st 2022 at 13:41
Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Yet another Chrome zero-day emergency update – patch now!

By Paul Ducklin β€” April 16th 2022 at 00:33
The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.

☐ β˜† βœ‡ Naked Security

S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]

By Paul Ducklin β€” April 14th 2022 at 13:39
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

By Paul Ducklin β€” April 7th 2022 at 12:24
Latest episode - listen now! Cybersecurity news and advice in plain English.

☐ β˜† βœ‡ Naked Security

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

By Paul Ducklin β€” March 31st 2022 at 13:38
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast]

By Paul Ducklin β€” March 24th 2022 at 13:49
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

By Paul Ducklin β€” March 17th 2022 at 13:32
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Alleged Kaseya ransomware attacker arrives in Texas for trial

By Naked Security writer β€” March 11th 2022 at 14:59
The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

☐ β˜† βœ‡ Naked Security

S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]

By Paul Ducklin β€” March 10th 2022 at 19:37
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]

By Paul Ducklin β€” March 3rd 2022 at 14:04
Latest episode - listen now (or read it, if that's your preference)...

☐ β˜† βœ‡ Naked Security

Ransomware with a difference: β€œDerestrict your software, or else!”

By Paul Ducklin β€” March 2nd 2022 at 16:33
"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

☐ β˜† βœ‡ Naked Security

S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast + Transcript]

By Paul Ducklin β€” February 24th 2022 at 16:51
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

French speakers blasted by sextortion scams with no text or links

By Paul Ducklin β€” February 21st 2022 at 17:59
You'd spot this one a mile away... but what about your friends or family?

☐ β˜† βœ‡ Naked Security

Irony alert! PHP fixes security flaw in input validation code

By Paul Ducklin β€” February 18th 2022 at 17:59
What's wrong with this sequence? 1. Step into the road 2. Check if it's safe 3. Keep on walki...

☐ β˜† βœ‡ Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

By Paul Ducklin β€” February 17th 2022 at 17:12
Latest episode - listen and learn!

❌