FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Naked Security

S3 Ep136: Navigating a manic malware maelstrom

By Paul Ducklin β€” May 25th 2023 at 16:50
Latest episode - listen now. Full transcript inside...

☐ β˜† βœ‡ Naked Security

PyPI open-source code repository deals with manic malware maelstrom

By Paul Ducklin β€” May 23rd 2023 at 18:45
Controlled outage used to keep malware marauders from gumming up the works. Learn what you can do to help in future...

☐ β˜† βœ‡ Naked Security

PHP Packagist supply chain poisoned by hacker β€œlooking for a job”

By Paul Ducklin β€” May 5th 2023 at 16:59
I pwned you! Gizza job! You know it makes sense!

☐ β˜† βœ‡ Naked Security

Attention gamers! Motherboard maker MSI admits to breach, issues β€œrogue firmware” alert

By Paul Ducklin β€” April 11th 2023 at 18:58
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.

☐ β˜† βœ‡ Naked Security

S3 Ep129: When spyware arrives from someone you trust

By Paul Ducklin β€” April 6th 2023 at 14:57
Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days... listen now!

☐ β˜† βœ‡ Naked Security

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

By Paul Ducklin β€” December 15th 2022 at 17:10
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!

☐ β˜† βœ‡ Naked Security

TikTok β€œInvisible Challenge” porn malware puts us all at risk

By Paul Ducklin β€” November 29th 2022 at 19:58
An injury to one is an injury to all. Especially if the other people are part of your social network.

☐ β˜† βœ‡ Naked Security

GitHub blighted by β€œresearcher” who created thousands of malicious projects

By Paul Ducklin β€” August 3rd 2022 at 23:06
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.

☐ β˜† βœ‡ Naked Security

Poisoned Python and PHP packages purloin passwords for AWS access

By Paul Ducklin β€” May 24th 2022 at 23:04
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.

☐ β˜† βœ‡ Naked Security

GitHub issues final report on supply-chain source code intrusions

By Paul Ducklin β€” April 29th 2022 at 16:15
Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.

☐ β˜† βœ‡ Naked Security

S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]

By Paul Ducklin β€” January 13th 2022 at 15:26
Latest episode -listen to it or read it now!

☐ β˜† βœ‡ Naked Security

JavaScript developer destroys own projects in supply chain β€œlesson”

By Paul Ducklin β€” January 11th 2022 at 00:54
Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.

☐ β˜† βœ‡ Naked Security

Listen up 2 – CYBERSECURITY FIRST! How to protect yourself from supply chain attacks

By Paul Ducklin β€” October 25th 2021 at 16:38
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.

❌