Login
FreshRSS
Login
Naked Security
Apple patch fixes zero-day kernel hole reported by Kaspersky β update now!
By
Paul Ducklin
β June 22
nd
2023 at 00:36
Apple didn't use the words "Triangulation Trojan", but you probably will.
Naked Security
ASUS warns router customers: Patch now, or block all inbound requests
By
Paul Ducklin
β June 20
th
2023 at 18:14
"Do as we say, not as we do!" - The patches took ages to come out, but don't let that lure you into taking ages to install them.
Naked Security
Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes
By
Paul Ducklin
β June 13
th
2023 at 23:32
No zero-days this month, if you ignore the Edge RCE hole patched last week
Naked Security
Firefox 114 is out: No 0-days, but one fascinating βteachable momentβ bug
By
Paul Ducklin
β June 7
th
2023 at 19:59
With the right (or wrong, if you're on the right side of the fence) timing...
Naked Security
Apple delivers first-ever Rapid Security Response βcyberattackβ patch β leaves some users confused
By
Paul Ducklin
β May 1
st
2023 at 20:46
Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...
Naked Security
Double zero-day in Chrome and Edge β check your versions now!
By
Paul Ducklin
β April 24
th
2023 at 19:59
Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Naked Security
Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot
By
Paul Ducklin
β April 12
th
2023 at 18:57
Is Secure Boot without the Secure just "Boot"?
Naked Security
Dangerous Android phone 0-day bugs revealed β patch or work around them now!
By
Paul Ducklin
β March 17
th
2023 at 19:56
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
Naked Security
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]
By
Paul Ducklin
β March 16
th
2023 at 17:56
Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!
Naked Security
Microsoft fixes two 0-days on Patch Tuesday β update now!
By
Paul Ducklin
β March 15
th
2023 at 00:06
An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.
Naked Security
S3 Ep122: Stop calling every breach βsophisticatedβ! [Audio + Text]
By
Paul Ducklin
β February 16
th
2023 at 17:46
Latest episode - listen now! (Full transcript inside.)
Naked Security
Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEs
By
Paul Ducklin
β February 14
th
2023 at 22:12
Lots of lovely patches for your Valentine's Day delight. Get 'em as soon as you can...
Naked Security
VMWare user? Worried about βESXi ransomwareβ? Check your patches now!
By
Paul Ducklin
β February 7
th
2023 at 19:59
To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!
Naked Security
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
By
Paul Ducklin
β January 11
th
2023 at 00:22
Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
By
Paul Ducklin
β December 14
th
2022 at 01:13
Tales of derring-do in the cyberunderground! (And some zero-days.)
Naked Security
Apple pushes out iOS security update thatβs more tight-lipped than ever
By
Paul Ducklin
β December 2
nd
2022 at 21:02
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...
Naked Security
Firefox fixes fullscreen fakery flaw β get the update now!
By
Paul Ducklin
β November 16
th
2022 at 19:51
What's so bad about a web page going fullscreen without warning you first?
Naked Security
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
By
Paul Ducklin
β November 10
th
2022 at 17:26
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Naked Security
Exchange 0-days fixed (at last) β plus 4 brand new Patch Tuesday 0-days!
By
Paul Ducklin
β November 9
th
2022 at 19:58
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
By
Paul Ducklin
β November 3
rd
2022 at 17:51
Listen now - latest episode - audio plus full transcript
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that βisnβt a security flawβ [Audio + Text]
By
Paul Ducklin
β October 20
th
2022 at 18:54
The coolest video game ever! And lots of solid cybersecurity advice - listen now!
pic-1200
Naked Security
Patch Tuesday in brief β one 0-day fixed, but no patches for Exchange!
By
Paul Ducklin
β October 12
th
2022 at 16:58
There's a zero-day patch, but it's not for the zero-day you thought.
Naked Security
Chrome and Edge fix zero-day security hole β update now!
By
Paul Ducklin
β September 5
th
2022 at 15:12
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.
Naked Security
Firefox 104 is out β no critical bugs, but update anyway
By
Paul Ducklin
β August 26
th
2022 at 16:27
Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.
Naked Security
Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)
By
Paul Ducklin
β June 29
th
2022 at 16:11
Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft's "Follina" saga.
Naked Security
Follina gets fixed β but itβs not listed in the Patch Tuesday patches!
By
Paul Ducklin
β June 15
th
2022 at 01:20
We tried it out to make sure, so you don't have to.
Naked Security
Firefox 101 is out, this time with no 0-day scares (but update anyway!)
By
Paul Ducklin
β June 1
st
2022 at 14:31
After an intriguing month of Firefox releases, here's one with a bit less drama, probably to the collective relief of Mozilla's coders.
Naked Security
S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
By
Paul Ducklin
β May 27
th
2022 at 11:17
Latest episode - listen now!
Naked Security
Microsoft patches the Patch Tuesday patch that broke authentication
By
Paul Ducklin
β May 20
th
2022 at 22:35
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
Naked Security
Apple patches zero-day kernel hole and much more β update now!
By
Paul Ducklin
β May 17
th
2022 at 09:30
You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
Naked Security
Android monthly updates are out β critical bugs found in critical places!
By
Paul Ducklin
β May 4
th
2022 at 15:54
Android May 2022 updates are out - with some critical fixes in some critical places. Learn more...
Naked Security
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
By
Paul Ducklin
β April 7
th
2022 at 12:24
Latest episode - listen now! Cybersecurity news and advice in plain English.
Naked Security
Firefox 99 is out β no major bugs, but update anyway!
By
Paul Ducklin
β April 5
th
2022 at 16:21
Firefox's four-weekly updates just dropped - here's what you need to know.
Naked Security
Googleβs monthly Android updates patch numerous βget rootβ holes
By
Paul Ducklin
β April 5
th
2022 at 14:44
Get the update now... if it's available for your phone. Here's how to check.
android-1200
Naked Security
Apple patches 87 security holes β from iPhones and Macs to Windows
By
Paul Ducklin
β March 15
th
2022 at 16:36
Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.
apple-1200
Naked Security
Apple fixes Safari data leak (and patches a zero-day!) β update now
By
Paul Ducklin
β January 27
th
2022 at 21:09
That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
apple-1200
Naked Security
Wormable Windows HTTP hole β what you need to know
By
Paul Ducklin
β January 12
th
2022 at 16:24
One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".
Naked Security
FTC threatens βlegal actionβ over unpatched Log4j and other vulns
By
Paul Ducklin
β January 5
th
2022 at 19:37
Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
Naked Security
Log4Shell vulnerability Number Four: βMuch ado about somethingβ
By
Paul Ducklin
β December 29
th
2021 at 19:12
It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.
Naked Security
Serious Security: OpenSSL fixes βerror conflationβ bugs β how mixing up mistakes can lead to trouble
By
Paul Ducklin
β December 17
th
2021 at 17:57
Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!
Naked Security
Apple security updates are out β and not a Log4Shell mention in sight
By
Paul Ducklin
β December 14
th
2021 at 12:55
Get 'em while they're hot!
Naked Security
Check your patches β public exploit now out for critical Exchange bug
By
Paul Ducklin
β November 23
rd
2021 at 14:36
It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.
Naked Security
Patch Tuesday updates the Win 7 updater⦠for at most 1 more year of updates
By
Paul Ducklin
β November 10
th
2021 at 19:45
The clock stopped long ago on Windows 7, except for those who paid for overtime. But there won't be any double overtime!
There are no more articles
β
Mark all as read