Login
FreshRSS
Login
Naked Security
Performance and security clash yet again in βCollide+Powerβ attack
By
Paul Ducklin
β August 2
nd
2023 at 23:36
It's a real vulnerability, but the data leakage rate can be as low as... let's just say that an IMAX-quality copy of the new "Oppenheimer" movie could take you 4 billion years to exfiltrate.
Naked Security
Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs
By
Paul Ducklin
β July 10
th
2023 at 23:12
Don't delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.
Naked Security
Belkin Wemo Smart Plug V2 β the buffer overflow that wonβt be patched
By
Paul Ducklin
β May 16
th
2023 at 17:59
Yes, it's a buffer overflow bug. No, it's not going get fixed.
Naked Security
Popular JWT cloud security library patches βremoteβ code execution hole
By
Paul Ducklin
β January 10
th
2023 at 19:59
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.
Naked Security
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
By
Paul Ducklin
β December 22
nd
2022 at 19:56
Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.
Naked Security
Online ticketing company βSeeβ pwned for 2.5 years by attackers
By
Paul Ducklin
β October 26
th
2022 at 19:58
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.
Naked Security
Fashion brand SHEIN fined $1.9m for lying about data breach
By
Naked Security writer
β October 17
th
2022 at 18:50
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Naked Security
Interested in cybersecurity? Join us for Security SOS Week 2022!
By
Paul Ducklin
β September 21
st
2022 at 14:24
Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.
Naked Security
URGENT! Apple slips out zero-day update for older iPhones and iPads
By
Paul Ducklin
β August 31
st
2022 at 18:42
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.
Naked Security
Youβre invited! Join us for a live walkthrough of the βFollinaβ storyβ¦
By
Paul Ducklin
β June 13
th
2022 at 16:28
Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!
Naked Security
S3 Ep85: Now THATβS what I call a Microsoft Office exploit! [Podcast]
By
Paul Ducklin
β June 2
nd
2022 at 18:37
Latest episode - listen now!
Naked Security
Whoβs watching your webcam? The Screencastify Chrome extension storyβ¦
By
Paul Ducklin
β May 26
th
2022 at 12:41
When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.
Naked Security
S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast]
By
Paul Ducklin
β April 14
th
2022 at 13:39
Latest episode - listen now!
Naked Security
Serious Security: Darkweb drugs market Hydra taken offline by German police
By
Paul Ducklin
β April 6
th
2022 at 16:22
Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English...
Naked Security
Serious Security: Apple Safari leaks private data via database API β what you need to know
By
Paul Ducklin
β January 18
th
2022 at 19:23
There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing
Naked Security
Apacheβs other product: Critical bugs in βhttpdβ web server, patch now!
By
Paul Ducklin
β December 21
st
2021 at 19:57
The Apache web server just got an update - this one is nothing to do with Log4j!
There are no more articles
β
Mark all as read