FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Naked Security

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

By Paul Ducklin β€” December 15th 2022 at 17:10
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!

☐ β˜† βœ‡ Naked Security

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

By Paul Ducklin β€” December 9th 2022 at 16:46
Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

☐ β˜† βœ‡ Naked Security

S3 Ep111: The business risk of a sleazy β€œnudity unfilter” [Audio + Text]

By Paul Ducklin β€” December 1st 2022 at 19:58
Latest episode - listen now (or read if you prefer)...

☐ β˜† βœ‡ Naked Security

S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

By Paul Ducklin β€” November 24th 2022 at 16:52
Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us

☐ β˜† βœ‡ Naked Security

Multimillion dollar CryptoRom scam sites seized, suspects arrested in US

By Paul Ducklin β€” November 23rd 2022 at 19:58
Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...

cryptorom-1200

☐ β˜† βœ‡ Naked Security

How to hack an unpatched Exchange server with rogue PowerShell code

By Paul Ducklin β€” November 22nd 2022 at 19:54
Review your servers, your patches and your authentication policies - there's a proof-of-concept out

☐ β˜† βœ‡ Naked Security

How social media scammers buy time to steal your 2FA codes

By Paul Ducklin β€” November 21st 2022 at 17:02
The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake

ffs-2fa-1200

☐ β˜† βœ‡ Naked Security

S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

By Paul Ducklin β€” November 17th 2022 at 17:52
Latest episode - listen now! Cybersecurity news plus loads of great advice...

☐ β˜† βœ‡ Naked Security

Black Friday and retail season – watch out for PayPal β€œmoney request” scams

By Paul Ducklin β€” November 17th 2022 at 12:45
Don't let a keen eye for bargains lead you into risky online behaviour...

☐ β˜† βœ‡ Naked Security

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

By Paul Ducklin β€” November 10th 2022 at 17:26
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

☐ β˜† βœ‡ Naked Security

Public URL scanning tools – when security leads to insecurity

By Paul Ducklin β€” November 7th 2022 at 19:59
Never make your users cry/By how you use an API

☐ β˜† βœ‡ Naked Security

Twitter Blue Badge email scams – Don’t fall for them!

By Naked Security writer β€” November 4th 2022 at 17:59
That was the week that was...

☐ β˜† βœ‡ Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin β€” November 3rd 2022 at 17:51
Listen now - latest episode - audio plus full transcript

☐ β˜† βœ‡ Naked Security

S3 Ep106: Facial recognition without consent – should it be banned?

By Paul Ducklin β€” October 27th 2022 at 16:59
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

☐ β˜† βœ‡ Naked Security

S3 Ep105: WONTFIX! The MS Office cryptofail that β€œisn’t a security flaw” [Audio + Text]

By Paul Ducklin β€” October 20th 2022 at 18:54
The coolest video game ever! And lots of solid cybersecurity advice - listen now!

pic-1200

☐ β˜† βœ‡ Naked Security

Zoom for Mac patches sneaky β€œspy-on-me” bug – update now!

By Paul Ducklin β€” October 18th 2022 at 18:01
Hey! That back door isn't supposed to be there at all, let alone propped open...

☐ β˜† βœ‡ Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

By Paul Ducklin β€” October 13th 2022 at 16:37
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

☐ β˜† βœ‡ Naked Security

Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

By Paul Ducklin β€” October 10th 2022 at 18:02
Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.

☐ β˜† βœ‡ Naked Security

WhatsApp goes after Chinese password scammers via US court

By Paul Ducklin β€” October 7th 2022 at 18:14
If you can't beat 'em, sue 'em!

☐ β˜† βœ‡ Naked Security

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

By Paul Ducklin β€” October 6th 2022 at 14:43
Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

☐ β˜† βœ‡ Naked Security

BEC fraudster and romance scammer sent to prison for 25 years

By Paul Ducklin β€” October 4th 2022 at 19:12
Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth.

rs-1200

☐ β˜† βœ‡ Naked Security

Scammers and rogue callers – can anything ever stop them?

By Paul Ducklin β€” October 4th 2022 at 00:06
Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams?

☐ β˜† βœ‡ Naked Security

S3 Ep102.5: β€œProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]

By Paul Ducklin β€” October 1st 2022 at 14:05
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...

☐ β˜† βœ‡ Naked Security

S3 Ep102: How to avoid a data breach [Audio + Transcript]

By Paul Ducklin β€” September 29th 2022 at 18:45
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...

☐ β˜† βœ‡ Naked Security

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

By Paul Ducklin β€” September 22nd 2022 at 18:42
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...

☐ β˜† βœ‡ Naked Security

S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]

By Paul Ducklin β€” September 17th 2022 at 20:57
Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."

☐ β˜† βœ‡ Naked Security

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

By Paul Ducklin β€” September 15th 2022 at 18:50
Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

s3-ep100-js-1200

☐ β˜† βœ‡ Naked Security

Serious Security: Browser-in-the-browser attacks – watch out for windows that aren’t!

By Paul Ducklin β€” September 13th 2022 at 20:52
Simple but super-sneaky - use a picture of a browser, and convince people it's real...

pipe-light-not-1200

☐ β˜† βœ‡ Naked Security

S3 Ep99: TikTok β€œattack” – was there a data breach, or not? [Audio + Text]

By Paul Ducklin β€” September 8th 2022 at 13:21
Latest episode - listen now! (Or read if you prefer - full transcript inside.)

☐ β˜† βœ‡ Naked Security

S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]

By Paul Ducklin β€” September 1st 2022 at 16:55
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

By Paul Ducklin β€” August 25th 2022 at 15:37
Latest episode - listen now! (Or read the transcript if you prefer the text version.)

☐ β˜† βœ‡ Naked Security

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]

By Paul Ducklin β€” August 18th 2022 at 18:38
Latest episode - listen now (or read if you prefer!)

☐ β˜† βœ‡ Naked Security

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

By Paul Ducklin β€” August 11th 2022 at 14:34
Latest episode - listen now! (Or read the transcript if you prefer.)

☐ β˜† βœ‡ Naked Security

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]

By Paul Ducklin β€” August 4th 2022 at 17:52
Latest episode - listen now! (Or read if that's what you prefer.)

☐ β˜† βœ‡ Naked Security

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

By Paul Ducklin β€” July 28th 2022 at 15:47
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]

By Paul Ducklin β€” July 21st 2022 at 16:25
Latest episode - listen, read or both!

☐ β˜† βœ‡ Naked Security

7 cybersecurity tips for your summer vacation!

By Paul Ducklin β€” July 15th 2022 at 18:23
Here you go - seven thoughtful cybersecurity tips to help you travel safely...

☐ β˜† βœ‡ Naked Security

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

By Paul Ducklin β€” July 14th 2022 at 18:47
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

☐ β˜† βœ‡ Naked Security

Facebook 2FA scammers return – this time in just 21 minutes

By Paul Ducklin β€” July 13th 2022 at 16:46
Last time they arrived 28 minutes after lighting up their fake domain... this time it was just 21 minutes

☐ β˜† βœ‡ Naked Security

Paying ransomware crooks won’t reduce your legal risk, warns regulator

By Paul Ducklin β€” July 12th 2022 at 18:24
"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

☐ β˜† βœ‡ Naked Security

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

By Paul Ducklin β€” July 7th 2022 at 18:46
Listen now! Or read if you prefer...

☐ β˜† βœ‡ Naked Security

Facebook 2FA phish arrives just 28 minutes after scam domain created

By Paul Ducklin β€” July 1st 2022 at 20:01
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.

☐ β˜† βœ‡ Naked Security

β€œMissing Cryptoqueen” hits the FBI’s Ten Most Wanted list

By Paul Ducklin β€” July 1st 2022 at 16:49
The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.

☐ β˜† βœ‡ Naked Security

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

By Paul Ducklin β€” June 30th 2022 at 12:57
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

☐ β˜† βœ‡ Naked Security

FTC warns of LGBTQ+ extortion scams – be aware before you share!

By Paul Ducklin β€” June 27th 2022 at 14:58
It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"

☐ β˜† βœ‡ Naked Security

S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]

By Paul Ducklin β€” June 23rd 2022 at 11:08
Latest epsiode - listen (or read) now!

☐ β˜† βœ‡ Naked Security

Capital One identity theft hacker finally gets convicted

By Paul Ducklin β€” June 21st 2022 at 15:24
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!

☐ β˜† βœ‡ Naked Security

Interpol busts 2000 suspects in phone scamming takedown

By Paul Ducklin β€” June 20th 2022 at 18:10
Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...

☐ β˜† βœ‡ Naked Security

S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]

By Paul Ducklin β€” June 16th 2022 at 16:52
Lastest epsiode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

By Paul Ducklin β€” June 9th 2022 at 13:07
Latest episode - listen (or read) now!

☐ β˜† βœ‡ Naked Security

S3 Ep85: Now THAT’S what I call a Microsoft Office exploit! [Podcast]

By Paul Ducklin β€” June 2nd 2022 at 18:37
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Beware the Smish! Home delivery scams with a professional feel…

By Paul Ducklin β€” May 30th 2022 at 17:59
Home delivery scams are getting leaner, and meaner, and more likely to "look about right". Here's an example to show you what we mean...

☐ β˜† βœ‡ Naked Security

S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]

By Paul Ducklin β€” May 27th 2022 at 11:17
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Who’s watching your webcam? The Screencastify Chrome extension story…

By Paul Ducklin β€” May 26th 2022 at 12:41
When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.

☐ β˜† βœ‡ Naked Security

Microsoft patches the Patch Tuesday patch that broke authentication

By Paul Ducklin β€” May 20th 2022 at 22:35
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?

☐ β˜† βœ‡ Naked Security

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

By Paul Ducklin β€” May 19th 2022 at 13:56
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]

By Paul Ducklin β€” May 12th 2022 at 15:46
Latest episode - lots to learn - plain English - fun with a serious side - listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]

By Paul Ducklin β€” May 5th 2022 at 14:16
Latest episode - listen now!

☐ β˜† βœ‡ Naked Security

Android monthly updates are out – critical bugs found in critical places!

By Paul Ducklin β€” May 4th 2022 at 15:54
Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...

☐ β˜† βœ‡ Naked Security

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

By Paul Ducklin β€” April 28th 2022 at 13:18
Latest episode - listen now!

❌