FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Naked Security

Beware bad passwords as attackers co-opt Linux servers into cybercrime

By Paul Ducklin β€” June 21st 2023 at 19:50
Did you prevent password-only logins on your SSH servers? On ALL of them? Are you sure about that?

☐ β˜† βœ‡ Naked Security

Thoughts on scheduled password changes (don’t call them rotations!)

By Paul Ducklin β€” June 9th 2023 at 18:58
Does swapping your password regularly make it a better password?

☐ β˜† βœ‡ Naked Security

S3 Ep133: Apple takes β€œtight-lipped” to a whole new level

By Paul Ducklin β€” May 4th 2023 at 20:59
Entertaining, educational, and all in plain English πŸŽ§πŸ“–

☐ β˜† βœ‡ Naked Security

World Password Day: 2 + 2 = 4

By Paul Ducklin β€” May 4th 2023 at 13:12
We've kept it short and simple, with no sermons, no judgmentalism, no tubthumping... and no BUY NOW buttons. Have a nice day!

☐ β˜† βœ‡ Naked Security

Serious Security: Unravelling the LifeLock β€œhacked passwords” story

By Paul Ducklin β€” January 17th 2023 at 17:59
Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.

☐ β˜† βœ‡ Naked Security

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m

By Naked Security writer β€” December 6th 2022 at 17:56
Guilty party got 18 months, also has to pay back $20m he probably hasn't got, which could land him in more hot water.

☐ β˜† βœ‡ Naked Security

LastPass source code breach – incident response report released

By Paul Ducklin β€” September 19th 2022 at 18:59
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

☐ β˜† βœ‡ Naked Security

LastPass source code breach – do we still recommend password managers?

By Paul Ducklin β€” August 29th 2022 at 16:59
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?

☐ β˜† βœ‡ Naked Security

Slack admits to leaking hashed passwords for five years

By Paul Ducklin β€” August 8th 2022 at 15:14
"When those invitations went out... somehow, your password hash went out with them."

☐ β˜† βœ‡ Naked Security

Critical Samba bug could let anyone become Domain Admin – patch now!

By Paul Ducklin β€” July 27th 2022 at 21:15
It's a serious bug... but there's a fix for it, so you know exactly what to do!

☐ β˜† βœ‡ Naked Security

World Password Day – the 1960s just called and gave you your passwords back

By Paul Ducklin β€” May 5th 2022 at 01:06
Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords.

☐ β˜† βœ‡ Naked Security

Phishing goes KISS: Don’t let plain and simple messages catch you out!

By Paul Ducklin β€” April 25th 2022 at 16:58
Sometimes we receive phishing tricks that we grudgingly have to admit are better than average, just because they're uncomplicated.

☐ β˜† βœ‡ Naked Security

IoT devices must β€œprotect consumers from cyberharm”, says UK government

By Paul Ducklin β€” December 2nd 2021 at 19:10
"Must be at least THIS tall to go on ride" seems to be the starting point. Too little, too late? Or better than nothing?

☐ β˜† βœ‡ Naked Security

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

By Paul Ducklin β€” November 25th 2021 at 12:38
Latest episode - listen now! Solid cybersecurity advice in plain English.

☐ β˜† βœ‡ Naked Security

GoDaddy admits to password breach: check your Managed WordPress site!

By Paul Ducklin β€” November 23rd 2021 at 00:35
GoDaddy found crooks in its network, and kicked them out - but not before they'd been in there for six weeks.

☐ β˜† βœ‡ Naked Security

The self-driving smart suitcase… that the person behind you can hijack!

By Paul Ducklin β€” November 16th 2021 at 21:09
Apparently, we need a self-driving IoT Bluetooth robot suitcase. Who knew?

❌