Naked Security

Mom’s Meals issues “Notice of Data Event”: What to know and what to do

It took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do.

Naked Security

Crimeware server used by NetWalker ransomware seized and shut down

The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back...

Naked Security

SEC demands four-day disclosure limit for cybersecurity breaches

When is a ransomware attack a reportable matter? And how long have you got to decide?

Naked Security

Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

Technically, it's "up to $10 million", but it's potentially a LOT of money, nevertheless...

Naked Security

“The Ransomware Documentary” – brand new video series from Sophos starting now!

Get the full 360-degree view of ransomware

Naked Security

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

Little Bobby Tables is back!

Naked Security

S3 Ep137: 16th century crypto skullduggery

Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)

Naked Security

Ransomware tales: The MitM attack that really had a Man in the Middle

Another traitorous sysadmin story, this one busted by system logs that gave his game away...

Naked Security

US offers $10m bounty for Russian ransomware suspect outed in indictment

"Up to $10 million for information that leads to the arrest and/or conviction of this defendant."

Naked Security

Whodunnit? Cybercrook gets 6 years for ransoming his own employer

Not just an active adversary, but a two-faced one, too.

Naked Security

S3 Ep134: It’s a PRIVATE key – the hint is in the name!

Latest episode - listen now! (Full transcript inside.)

Naked Security

Attention gamers! Motherboard maker MSI admits to breach, issues “rogue firmware” alert

Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.

Naked Security

World Backup Day is here again – 5 tips to keep your precious data safe

The only backup you will ever regret is the one you didn't make...

Naked Security

S3 Ep125: When security hardware has security holes [Audio + Text]

Lastest episode - listen now! (Full transcript inside.)

Naked Security

DoppelPaymer ransomware supsects arrested in Germany and Ukraine

Devices seized, suspects interrogated and arrested, allegedly connected to devastating cyberattack on University Hospital in Düsseldorf.

Naked Security

Feds warn about right Royal ransomware rampage that runs the gamut of TTPs

Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?

Naked Security

S3 Ep124: When so-called security apps go rogue [Audio + Text]

Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!

Naked Security

Dutch police arrest three cyberextortion suspects who allegedly earned millions

Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them?

Naked Security

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

Latest epsiode. Listen now!

Naked Security

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!

Naked Security

S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

Latest episode - listen now!

Naked Security

Hive ransomware servers shut down at last, says FBI

Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...

Naked Security

S3 Ep115: True crime stories – A day in the life of a cybercrime fighter [Audio + Text]

Listen now - you'll be alarmed, amused and educated, all in equal measure. (Full transcript in article.)

Naked Security

S3 Ep106: Facial recognition without consent – should it be banned?

Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

Naked Security

When cops hack back: Dutch police fleece DEADBOLT criminals (legally!)

Crooks: Show us the money! Cops: How about you show us the decryption keys first?

Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

Naked Security

NetWalker ransomware affiliate sentenced to 20 years by Florida court

Judge tells the accused that if he hadn't pleaded guilty, "I would have given you life."

Naked Security

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

Naked Security

DEADBOLT ransomware rears its head again, attacks QNAP devices

NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too...

Naked Security

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]

Latest episode - listen now (or read if you prefer!)

Naked Security

US offers reward “up to $10 million” for information about the Conti gang

Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)

Naked Security

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]

Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

Naked Security

Paying ransomware crooks won’t reduce your legal risk, warns regulator

"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?

Naked Security

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

Bust in Canada, now bust in the USA as well.

Naked Security

Know your enemy! Learn how cybercrime adversaries get in…

Here's how 144 recent attacks actually went down in real life. Don't let this happen to you!

Naked Security

Colonial Pipeline facing $1,000,000 fine for poor recovery plans

How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice...

Naked Security

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

Latest episode - listen now!

Naked Security

Ransomware Survey 2022 – like the Curate’s Egg, “good in parts”

You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!

Naked Security

LAPSUS$ hacks continue despite two hacker suspects in court

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?

Naked Security

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

Latest episode - listen now!

Naked Security

World Backup Day: 5 data recovery tips for everyone!

The only backup you will ever regret is the one you didn't make

Naked Security

Serious Security: DEADBOLT – the ransomware that goes straight for your backups

Some tips on how to keep your network safe - even (or perhaps especially!) if you think you're safe already.

Naked Security

Alleged Kaseya ransomware attacker arrives in Texas for trial

The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...

Naked Security

S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]

Latest episode - listen now!

Naked Security

Ransomware with a difference: “Derestrict your software, or else!”

"Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets.

Naked Security

REvil ransomware crew allegedly busted in Russia, says FSB

The Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew.

Naked Security

Emotet malware: “The report of my death was an exaggeration”

"Old malware rarely dies." The best way to predict the future is to look at the past... if it worked before, it will probably work again.

Naked Security

S3 Ep58: Faces on Facebook, scams that pose as complaints, and a Kaseya bust [Podcast]

Latest epsiode - listen now!

Naked Security

Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague

Suspects nabbed, millions seized, in ransomware busts across the globe.

Naked Security

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars [Podcast]

Latest episode - listen now!

Naked Security

Europol announces “targeting” of 12 suspects in ransomware attacks

More anti-ransomware activity by law enforcement, this time in Switzerland and Ukraine.

Naked Security

S3 Ep56: Cryptotrading rodent, ransomware hackback, and a Docusign phish [Podcast]

Latest episode - listen now! Serious security explained with personality in plain English.

Naked Security

Listen up 2 – CYBERSECURITY FIRST! How to protect yourself from supply chain attacks

Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.

Naked Security

Listen up 3 – CYBERSECURITY FIRST! Cyberinsurance, help or hindrance?

Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance.

Naked Security

REvil ransomware gang allegedly forced offline by law enforcement counterattacks

One down. Lots more to go. Here's what to do...