S3 Ep145: Bugs With Impressive Names!

By Paul Ducklin — July 27^th 2023 at 18:47

Fascinating fun (with a serious and educational side) - listen now! Full transcript available inside.

Naked Security

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

By Paul Ducklin — July 24^th 2023 at 23:18

Another month, another patch for in-the-wild iPhone malware (and a whole lot more).

Naked Security

Apple silently pulls its latest zero-day update – what now?

By Paul Ducklin — July 11^th 2023 at 15:21

Previously, we said "do it today", but now we're forced back on: "Do not delay; do it as soon as Apple and your device will let you."

Naked Security

Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs

By Paul Ducklin — July 10^th 2023 at 23:12

Don't delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.

Naked Security

S3 Ep141: What was Steve Jobs’s first job?

By Paul Ducklin — June 29^th 2023 at 16:58

Latest episode - listen now! (Full transcript inside.)

Naked Security

Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!

By Paul Ducklin — June 22^nd 2023 at 00:36

Apple didn't use the words "Triangulation Trojan", but you probably will.

Naked Security

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

By Paul Ducklin — May 19^th 2023 at 01:02

All Apple users have zero-days that need patching, though some have more zero-days than others.

Naked Security

S3 Ep133: Apple takes “tight-lipped” to a whole new level

By Paul Ducklin — May 4^th 2023 at 20:59

Entertaining, educational, and all in plain English 🎧📖

Naked Security

Tracked by hidden tags? Apple and Google unite to propose safety and security standards…

By Paul Ducklin — May 3^rd 2023 at 19:58

To bleat, or not to bleat, that is the question.

Naked Security

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

By Paul Ducklin — May 1^st 2023 at 20:46

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

Naked Security

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

By Paul Ducklin — April 30^th 2023 at 01:23

These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.

Naked Security

S3 Ep131: Can you really have fun with FORTRAN?

By Paul Ducklin — April 20^th 2023 at 17:55

Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.

Naked Security

FBI and FCC warn about “Juicejacking” – but just how useful is their advice?

By Paul Ducklin — April 17^th 2023 at 18:17

USB charging stations - can you trust them? What are the real risks, and how can you keep your data safe on the road?

Naked Security

S3 Ep130: Open the garage bay doors, HAL [Audio + Text]

By Paul Ducklin — April 13^th 2023 at 16:54

I'm sorry, Dave. I'm afraid I can't... errr, no, hang on a minute, I can do that easily! Worldwide! Right now!

Naked Security

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

By Paul Ducklin — April 10^th 2023 at 20:20

That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!

Naked Security

Apple issues emergency patches for spyware-style 0-day exploits – update now!

By Paul Ducklin — April 8^th 2023 at 01:20

A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.

Naked Security

S3 Ep128: So you want to be a cybercriminal? [Audio + Text]

By Paul Ducklin — March 30^th 2023 at 19:43

Latest episode - listen now!

Naked Security

Apple patches everything, including a zero-day fix for iOS 15 users

By Paul Ducklin — March 28^th 2023 at 00:23

Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.

Naked Security

S3 Ep124: When so-called security apps go rogue [Audio + Text]

By Paul Ducklin — March 2^nd 2023 at 19:40

Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!

s3-ep124-auth--1200

Naked Security

S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]

By Paul Ducklin — February 16^th 2023 at 17:46

Latest episode - listen now! (Full transcript inside.)

Naked Security

Apple fixes zero-day spyware implant bug – patch now!

By Paul Ducklin — February 14^th 2023 at 19:08

Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!

Naked Security

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

By Paul Ducklin — January 26^th 2023 at 19:57

Lastest episode - listen now! (Or read the transcript.)

Naked Security

Apple patches are out – old iPhones get an old zero-day fix at last!

By Paul Ducklin — January 24^th 2023 at 01:24

Don't delay, especially if you're still running an iOS 12 device... please do it today!

Naked Security

Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug

By Paul Ducklin — December 20^th 2022 at 17:59

It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.

Naked Security

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

By Paul Ducklin — December 15^th 2022 at 17:10

Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!

Naked Security

Apple patches everything, finally reveals mystery of iOS 16.1.2

By Paul Ducklin — December 14^th 2022 at 02:11

There's an update for everything this time, not just for iOS.

Naked Security

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

By Paul Ducklin — December 9^th 2022 at 16:46

Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

Naked Security

Apple pushes out iOS security update that’s more tight-lipped than ever

By Paul Ducklin — December 2^nd 2022 at 21:02

We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...

Naked Security

S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

By Paul Ducklin — November 17^th 2022 at 17:52

Latest episode - listen now! Cybersecurity news plus loads of great advice...

Naked Security

Emergency code execution patch from Apple – but not an 0-day

By Paul Ducklin — November 10^th 2022 at 01:49

Not a zero-day, but important enough for a quick-fire patch to one system library...

Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin — November 3^rd 2022 at 17:51

Listen now - latest episode - audio plus full transcript

Naked Security

Updates to Apple’s zero-day update story – iPhone and iPad users read this!

By Paul Ducklin — October 28^th 2022 at 18:04

Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...

Naked Security

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

By Paul Ducklin — October 25^th 2022 at 18:03

Ventura hits the market with 112 patches, Catalina's gone missing, and iPhones and iPads get a critical kernel-level zero-day patch...

Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

By Paul Ducklin — October 13^th 2022 at 16:37

Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

Naked Security

Mystery iPhone update patches against iOS 16 mail crash-attack

By Paul Ducklin — October 11^th 2022 at 00:28

The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages...

Naked Security

Apple patches zero-day holes – even in the brand new iOS 16

By Paul Ducklin — September 12^th 2022 at 21:25

Five updates, one upgrade, plus two zero-days. Patch your Macs, iPhones and iPads as soon as you can (again)...

apple-plus-16-1200

Naked Security

URGENT! Apple slips out zero-day update for older iPhones and iPads

By Paul Ducklin — August 31^st 2022 at 18:42

Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.

Naked Security

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

By Paul Ducklin — August 25^th 2022 at 15:37

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

Naked Security

Apple patches double zero-day in browser and kernel – update now!

By Paul Ducklin — August 17^th 2022 at 23:33

Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!

Naked Security

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

By Paul Ducklin — July 28^th 2022 at 15:47

Latest episode - listen now!

Naked Security

Apple patches “0-day” browser bug fixed 2 weeks ago in Chrome, Edge

By Paul Ducklin — July 21^st 2022 at 12:38

One vendor's zero-day is another vendor's routine patch...

Naked Security

S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]

By Paul Ducklin — June 16^th 2022 at 16:52

Lastest epsiode - listen now!

Naked Security

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

By Paul Ducklin — May 19^th 2022 at 13:56

Latest episode - listen now!

Naked Security

Apple patches zero-day kernel hole and much more – update now!

By Paul Ducklin — May 17^th 2022 at 09:30

You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.

Naked Security

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

By Paul Ducklin — April 7^th 2022 at 12:24

Latest episode - listen now! Cybersecurity news and advice in plain English.

Naked Security

Apple pushes out two emergency 0-day updates – get ’em now!

By Paul Ducklin — March 31^st 2022 at 23:38

More Apple zero-days - mobile devices, laptops and desktops affected. Update now!

apple-1200

Naked Security

S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]

By Paul Ducklin — March 17^th 2022 at 13:32

Latest episode - listen now!

Naked Security

Beware bogus Betas – cryptocoin scammers abuse Apple’s TestFlight system

By Paul Ducklin — March 16^th 2022 at 15:49

"Install this moneymaking app" - this one is so special that it isn't available on Google Play or the App Store!

Naked Security

Apple patches 87 security holes – from iPhones and Macs to Windows

By Paul Ducklin — March 15^th 2022 at 16:36

Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.

apple-1200

Naked Security

S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript]

By Paul Ducklin — March 3^rd 2022 at 14:04

Latest episode - listen now (or read it, if that's your preference)...

Naked Security

Apple AirTag anti-stalking protection bypassed by researchers

By Paul Ducklin — February 23^rd 2022 at 17:59

Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.

Naked Security

S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript]

By Paul Ducklin — February 17^th 2022 at 17:12

Latest episode - listen and learn!

Naked Security

Apple zero-day drama for Macs, iPhones and iPads – patch now!

By Paul Ducklin — February 11^th 2022 at 14:25

Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now...

apple-1200

Naked Security

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

By Paul Ducklin — February 3^rd 2022 at 16:20

Latest episode - listen now!

Naked Security

Apple fixes Safari data leak (and patches a zero-day!) – update now

By Paul Ducklin — January 27^th 2022 at 21:09

That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.

apple-1200

Naked Security

S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]

By Paul Ducklin — January 20^th 2022 at 17:28

Latest epsiode - listen now!

Naked Security

Serious Security: Apple Safari leaks private data via database API – what you need to know

By Paul Ducklin — January 18^th 2022 at 19:23

There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing

Naked Security

S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]

By Paul Ducklin — January 6^th 2022 at 19:44

We're back for 2022 - listen now!

Naked Security

Apple Home software bug could lock you out of your iPhone

By Paul Ducklin — January 4^th 2022 at 17:23

The finder of this bug insists it "poses a serious risk". We're not so sure, but we recommend you take steps to avoid it anyway.

Naked Security

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]

By Paul Ducklin — December 16^th 2021 at 17:41

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)