Hacking police radios: 30-year-old crypto flaws in the spotlight

By Paul Ducklin — July 24^th 2023 at 16:59

"Three may keep a secret, if two of them are dead."

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes

By Paul Ducklin — June 13^th 2023 at 23:32

No zero-days this month, if you ignore the Edge RCE hole patched last week

S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]

By Paul Ducklin — October 20^th 2022 at 18:54

The coolest video game ever! And lots of solid cybersecurity advice - listen now!

pic-1200

Serious Security: Microsoft Office 365 attacked over feeble encryption

By Paul Ducklin — October 14^th 2022 at 16:59

How 2022 is your encryption?

Office macro security: on-again-off-again feature now BACK ON AGAIN!

By Paul Ducklin — July 23^rd 2022 at 01:10

20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That's progress!

That didn’t last! Microsoft turns off the Office security it just turned on

By Paul Ducklin — July 11^th 2022 at 13:27

An Office anti-malware setting that took more than 20 years to arrive... and fewer than 20 weeks to vanish again.

Mysterious “Follina” zero-day hole in Office – here’s what to do!

By Paul Ducklin — May 30^th 2022 at 23:01

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

At last! Office macros from the internet to be blocked by default

By Paul Ducklin — February 8^th 2022 at 16:34

It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware...