Login
FreshRSS
Login
Naked Security
S3 Ep106: Facial recognition without consent β should it be banned?
By
Paul Ducklin
β October 27
th
2022 at 16:59
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Naked Security
Clearview AI image-scraping face recognition service hit with β¬20m fine in France
By
Paul Ducklin
β October 26
th
2022 at 00:50
"We told you to stop but you ignored us," said the French regulator, "so now we're coming after you again."
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By
Paul Ducklin
β September 1
st
2022 at 16:55
Latest episode - listen now!
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
By
Paul Ducklin
β August 24
th
2022 at 18:59
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...
Naked Security
Apple patches double zero-day in browser and kernel β update now!
By
Paul Ducklin
β August 17
th
2022 at 23:33
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!
Naked Security
GitHub blighted by βresearcherβ who created thousands of malicious projects
By
Paul Ducklin
β August 3
rd
2022 at 23:06
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.
Naked Security
Murder suspect admits she tracked cheating partner with hidden AirTag
By
Paul Ducklin
β June 14
th
2022 at 18:49
O! What a tangled web we weave, when first we practise to deceive.
Naked Security
Poisoned Python and PHP packages purloin passwords for AWS access
By
Paul Ducklin
β May 24
th
2022 at 23:04
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Naked Security
Clearview AI face-matching service fined a lot less than expected
By
Paul Ducklin
β May 23
rd
2022 at 13:01
The fine has finally gone through... but it's less than 45% of what was originally proposed.
eleceye-1200
Naked Security
RubyGems supply chain rip-and-replace bug fixed β check your logs!
By
Paul Ducklin
β May 9
th
2022 at 15:41
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank".
ruby-1200
Naked Security
GitHub issues final report on supply-chain source code intrusions
By
Paul Ducklin
β April 29
th
2022 at 16:15
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.
Naked Security
Beanstalk cryptocurrency heist: scammer votes himself all the money
By
Paul Ducklin
β April 19
th
2022 at 16:00
Voting safeguards based on commuity collateral don't work if one person can use a momentary loan to "become" 75% of the community.
Naked Security
S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]
By
Paul Ducklin
β March 3
rd
2022 at 14:04
Latest episode - listen now (or read it, if that's your preference)...
Naked Security
Apple AirTag anti-stalking protection bypassed by researchers
By
Paul Ducklin
β February 23
rd
2022 at 17:59
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
Naked Security
Wormhole cryptotrading company turns over $340,000,000 to criminals
By
Paul Ducklin
β February 4
th
2022 at 17:38
It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said.
Naked Security
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
By
Paul Ducklin
β January 13
th
2022 at 15:26
Latest episode -listen to it or read it now!
Naked Security
JavaScript developer destroys own projects in supply chain βlessonβ
By
Paul Ducklin
β January 11
th
2022 at 00:54
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.
Naked Security
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
By
Paul Ducklin
β December 16
th
2021 at 17:41
Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
Naked Security
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]
By
Paul Ducklin
β December 2
nd
2021 at 20:50
Latest episode - listen now!
Naked Security
Clearview AI face-matching service set to be fined over $20m
By
Paul Ducklin
β November 30
th
2021 at 19:13
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
Naked Security
Samba update patches plaintext password plundering problem
By
Paul Ducklin
β November 12
th
2021 at 19:59
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.
Naked Security
Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!
By
Paul Ducklin
β November 9
th
2021 at 19:31
The crooks have shown that they're willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.
Naked Security
Listen up 2 β CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
By
Paul Ducklin
β October 25
th
2021 at 16:38
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.
There are no more articles
β
Mark all as read