Login
FreshRSS
Login
Naked Security
S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text]
By
Paul Ducklin
β December 15
th
2022 at 17:10
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Naked Security
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
By
Paul Ducklin
β December 9
th
2022 at 16:46
Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.
Naked Security
S3 Ep111: The business risk of a sleazy βnudity unfilterβ [Audio + Text]
By
Paul Ducklin
β December 1
st
2022 at 19:58
Latest episode - listen now (or read if you prefer)...
Naked Security
S3 Ep110: Spotlight on cyberthreats β an expert speaks [Audio + Text]
By
Paul Ducklin
β November 24
th
2022 at 16:52
Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us
Naked Security
Multimillion dollar CryptoRom scam sites seized, suspects arrested in US
By
Paul Ducklin
β November 23
rd
2022 at 19:58
Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...
cryptorom-1200
Naked Security
How to hack an unpatched Exchange server with rogue PowerShell code
By
Paul Ducklin
β November 22
nd
2022 at 19:54
Review your servers, your patches and your authentication policies - there's a proof-of-concept out
Naked Security
How social media scammers buy time to steal your 2FA codes
By
Paul Ducklin
β November 21
st
2022 at 17:02
The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake
ffs-2fa-1200
Naked Security
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
By
Paul Ducklin
β November 17
th
2022 at 17:52
Latest episode - listen now! Cybersecurity news plus loads of great advice...
Naked Security
Black Friday and retail season β watch out for PayPal βmoney requestβ scams
By
Paul Ducklin
β November 17
th
2022 at 12:45
Don't let a keen eye for bargains lead you into risky online behaviour...
Naked Security
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
By
Paul Ducklin
β November 10
th
2022 at 17:26
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Naked Security
Public URL scanning tools β when security leads to insecurity
By
Paul Ducklin
β November 7
th
2022 at 19:59
Never make your users cry/By how you use an API
Naked Security
Twitter Blue Badge email scams β Donβt fall for them!
By
Naked Security writer
β November 4
th
2022 at 17:59
That was the week that was...
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
β November 3
rd
2022 at 17:51
Listen now - latest episode - audio plus full transcript
Naked Security
S3 Ep106: Facial recognition without consent β should it be banned?
By
Paul Ducklin
β October 27
th
2022 at 16:59
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
β October 20
th
2022 at 18:54
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Naked Security
Zoom for Mac patches sneaky βspy-on-meβ bug β update now!
By
Paul Ducklin
β October 18
th
2022 at 18:01
Hey! That back door isn't supposed to be there at all, let alone propped open...
Naked Security
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
By
Paul Ducklin
β October 13
th
2022 at 16:37
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...
Naked Security
Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
By
Paul Ducklin
β October 10
th
2022 at 18:02
Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.
Naked Security
WhatsApp goes after Chinese password scammers via US court
By
Paul Ducklin
β October 7
th
2022 at 18:14
If you can't beat 'em, sue 'em!
Naked Security
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
By
Paul Ducklin
β October 6
th
2022 at 14:43
Latest episode - listen and learn now (or read and revise, if the written word is your thing)...
Naked Security
BEC fraudster and romance scammer sent to prison for 25 years
By
Paul Ducklin
β October 4
th
2022 at 19:12
Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth.
rs-1200
Naked Security
Scammers and rogue callers β can anything ever stop them?
By
Paul Ducklin
β October 4
th
2022 at 00:06
Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams?
Naked Security
S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text]
By
Paul Ducklin
β October 1
st
2022 at 14:05
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...
Naked Security
S3 Ep102: How to avoid a data breach [Audio + Transcript]
By
Paul Ducklin
β September 29
th
2022 at 18:45
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...
Naked Security
S3 Ep101: Uber and LastPass breaches β is 2FA all itβs cracked up to be? [Audio + Text]
By
Paul Ducklin
β September 22
nd
2022 at 18:42
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
Naked Security
S3 Ep100.5: Uber breach β an expert speaks [Audio + Text]
By
Paul Ducklin
β September 17
th
2022 at 20:57
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."
Naked Security
S3 Ep100: Browser-in-the-Browser β how to spot an attack [Audio + Text]
By
Paul Ducklin
β September 15
th
2022 at 18:50
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...
s3-ep100-js-1200
Naked Security
Serious Security: Browser-in-the-browser attacks β watch out for windows that arenβt!
By
Paul Ducklin
β September 13
th
2022 at 20:52
Simple but super-sneaky - use a picture of a browser, and convince people it's real...
pipe-light-not-1200
Naked Security
S3 Ep99: TikTok βattackβ β was there a data breach, or not? [Audio + Text]
By
Paul Ducklin
β September 8
th
2022 at 13:21
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
Naked Security
S3 Ep98: The LastPass saga β should we stop using password managers? [Audio + Text]
By
Paul Ducklin
β September 1
st
2022 at 16:55
Latest episode - listen now!
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
By
Paul Ducklin
β August 25
th
2022 at 15:37
Latest episode - listen now! (Or read the transcript if you prefer the text version.)
Naked Security
S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
By
Paul Ducklin
β August 18
th
2022 at 18:38
Latest episode - listen now (or read if you prefer!)
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
By
Paul Ducklin
β August 11
th
2022 at 14:34
Latest episode - listen now! (Or read the transcript if you prefer.)
Naked Security
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
By
Paul Ducklin
β August 4
th
2022 at 17:52
Latest episode - listen now! (Or read if that's what you prefer.)
Naked Security
S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]
By
Paul Ducklin
β July 28
th
2022 at 15:47
Latest episode - listen now!
Naked Security
S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
By
Paul Ducklin
β July 21
st
2022 at 16:25
Latest episode - listen, read or both!
Naked Security
7 cybersecurity tips for your summer vacation!
By
Paul Ducklin
β July 15
th
2022 at 18:23
Here you go - seven thoughtful cybersecurity tips to help you travel safely...
Naked Security
S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
By
Paul Ducklin
β July 14
th
2022 at 18:47
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.
Naked Security
Facebook 2FA scammers return β this time in just 21 minutes
By
Paul Ducklin
β July 13
th
2022 at 16:46
Last time they arrived 28 minutes after lighting up their fake domain... this time it was just 21 minutes
Naked Security
Paying ransomware crooks wonβt reduce your legal risk, warns regulator
By
Paul Ducklin
β July 12
th
2022 at 18:24
"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?
Naked Security
S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]
By
Paul Ducklin
β July 7
th
2022 at 18:46
Listen now! Or read if you prefer...
Naked Security
Facebook 2FA phish arrives just 28 minutes after scam domain created
By
Paul Ducklin
β July 1
st
2022 at 20:01
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
Naked Security
βMissing Cryptoqueenβ hits the FBIβs Ten Most Wanted list
By
Paul Ducklin
β July 1
st
2022 at 16:49
The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.
Naked Security
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
By
Paul Ducklin
β June 30
th
2022 at 12:57
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!
Naked Security
FTC warns of LGBTQ+ extortion scams β be aware before you share!
By
Paul Ducklin
β June 27
th
2022 at 14:58
It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"
Naked Security
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
By
Paul Ducklin
β June 23
rd
2022 at 11:08
Latest epsiode - listen (or read) now!
Naked Security
Capital One identity theft hacker finally gets convicted
By
Paul Ducklin
β June 21
st
2022 at 15:24
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
Naked Security
Interpol busts 2000 suspects in phone scamming takedown
By
Paul Ducklin
β June 20
th
2022 at 18:10
Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...
Naked Security
S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]
By
Paul Ducklin
β June 16
th
2022 at 16:52
Lastest epsiode - listen now!
Naked Security
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
By
Paul Ducklin
β June 9
th
2022 at 13:07
Latest episode - listen (or read) now!
Naked Security
S3 Ep85: Now THATβS what I call a Microsoft Office exploit! [Podcast]
By
Paul Ducklin
β June 2
nd
2022 at 18:37
Latest episode - listen now!
Naked Security
Beware the Smish! Home delivery scams with a professional feelβ¦
By
Paul Ducklin
β May 30
th
2022 at 17:59
Home delivery scams are getting leaner, and meaner, and more likely to "look about right". Here's an example to show you what we mean...
Naked Security
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
By
Paul Ducklin
β May 27
th
2022 at 11:17
Latest episode - listen now!
Naked Security
Whoβs watching your webcam? The Screencastify Chrome extension storyβ¦
By
Paul Ducklin
β May 26
th
2022 at 12:41
When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.
Naked Security
Microsoft patches the Patch Tuesday patch that broke authentication
By
Paul Ducklin
β May 20
th
2022 at 22:35
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
Naked Security
S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]
By
Paul Ducklin
β May 19
th
2022 at 13:56
Latest episode - listen now!
Naked Security
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
By
Paul Ducklin
β May 12
th
2022 at 15:46
Latest episode - lots to learn - plain English - fun with a serious side - listen now!
Naked Security
S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]
By
Paul Ducklin
β May 5
th
2022 at 14:16
Latest episode - listen now!
Naked Security
Android monthly updates are out β critical bugs found in critical places!
By
Paul Ducklin
β May 4
th
2022 at 15:54
Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...
Naked Security
S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]
By
Paul Ducklin
β April 28
th
2022 at 13:18
Latest episode - listen now!
Load more articles