S3 Ep128: So you want to be a cybercriminal? [Audio + Text]

By Paul Ducklin — March 30^th 2023 at 19:43

Latest episode - listen now!

Naked Security

S3 Ep127: When you chop someone out of a photo, but there they are anyway…

By Paul Ducklin — March 23^rd 2023 at 17:59

Listen now - latest episode. Full transcript inside.

Naked Security

Google Pixel phones had a serious data leakage bug – here’s what to do!

By Paul Ducklin — March 21^st 2023 at 17:58

What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?

Naked Security

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

By Paul Ducklin — March 17^th 2023 at 19:56

Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.

Naked Security

S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

By Paul Ducklin — March 16^th 2023 at 17:56

Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!

Naked Security

S3 Ep124: When so-called security apps go rogue [Audio + Text]

By Paul Ducklin — March 2^nd 2023 at 19:40

Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!

s3-ep124-auth--1200

Naked Security

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

By Paul Ducklin — January 26^th 2023 at 19:57

Lastest episode - listen now! (Or read the transcript.)

Naked Security

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

By Paul Ducklin — December 9^th 2022 at 16:46

Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

Naked Security

Number Nine! Chrome fixes another 2022 zero-day, Edge patched too

By Paul Ducklin — December 5^th 2022 at 20:58

Ninth more unto the breach, dear friends, ninth more.

Naked Security

Chrome fixes 8th zero-day of 2022 – check your version now (Edge too!)

By Paul Ducklin — November 28^th 2022 at 19:42

There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!

Naked Security

Dangerous SIM-swap lockscreen bypass – update Android now!

By Paul Ducklin — November 11^th 2022 at 19:59

A bit like leaving the front door keys under the doormat...

Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin — November 3^rd 2022 at 17:51

Listen now - latest episode - audio plus full transcript

Naked Security

Chrome issues urgent zero-day fix – update now!

By Paul Ducklin — October 29^th 2022 at 15:08

We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)

Naked Security

WhatsApp goes after Chinese password scammers via US court

By Paul Ducklin — October 7^th 2022 at 18:14

If you can't beat 'em, sue 'em!

Naked Security

Chrome and Edge fix zero-day security hole – update now!

By Paul Ducklin — September 5^th 2022 at 15:12

This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

Naked Security

Chrome patches 24 security holes, enables “Sanitizer” safety system

By Paul Ducklin — August 31^st 2022 at 11:48

24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.

Naked Security

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

By Paul Ducklin — August 25^th 2022 at 15:37

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

Naked Security

Chrome browser gets 11 security fixes with 1 zero-day – update now!

By Paul Ducklin — August 17^th 2022 at 13:16

Don't delay - patch today.

Naked Security

S3 Ep90: Chrome 0-day again, True Cybercrime, and a 2FA bypass [Podcast + Transcript]

By Paul Ducklin — July 7^th 2022 at 18:46

Listen now! Or read if you prefer...

Naked Security

Google patches “in-the-wild” Chrome zero-day – update now!

By Paul Ducklin — July 5^th 2022 at 15:55

Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

Naked Security

You didn’t leave enough space between ROSE and AND, and AND and CROWN

By Paul Ducklin — May 6^th 2022 at 16:59

What weird Google Docs bug connects the words THEREFORE, AND, SECONDLY, WHY, BUT and BESIDES?

Naked Security

Android monthly updates are out – critical bugs found in critical places!

By Paul Ducklin — May 4^th 2022 at 15:54

Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...

Naked Security

Yet another Chrome zero-day emergency update – patch now!

By Paul Ducklin — April 16^th 2022 at 00:33

The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP.

Naked Security

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

By Paul Ducklin — April 7^th 2022 at 12:24

Latest episode - listen now! Cybersecurity news and advice in plain English.

Naked Security

Google’s monthly Android updates patch numerous “get root” holes

By Paul Ducklin — April 5^th 2022 at 14:44

Get the update now... if it's available for your phone. Here's how to check.

android-1200

Naked Security

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

By Paul Ducklin — March 31^st 2022 at 13:38

Latest episode - listen now!

Naked Security

Google Chrome patches mysterious new zero-day bug – update now

By Paul Ducklin — March 28^th 2022 at 14:18

CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!

Naked Security

“Dirty Pipe” Linux kernel bug lets anyone write to any file

By Paul Ducklin — March 8^th 2022 at 19:37

Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.

pipe-1200

Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

By Paul Ducklin — February 17^th 2022 at 17:12

Latest episode - listen and learn!

Naked Security

Google announces zero-day in Chrome browser – update now!

By Paul Ducklin — February 15^th 2022 at 19:17

Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"

Naked Security

Cloud Security: Don’t wait until your next bill to find out about an attack!

By Paul Ducklin — November 26^th 2021 at 19:58

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.