S3 Ep149: How many cryptographers does it take to change a light bulb?

By Paul Ducklin — August 24^th 2023 at 18:50

Latest episode - listen now! Full transcript inside...

Naked Security

S3 Ep148: Remembering crypto heroes

By Paul Ducklin — August 17^th 2023 at 19:43

Celebrating the true crypto bros. Listen now (full transcript available).

Naked Security

S3 Ep147: What if you type in your password during a meeting?

By Paul Ducklin — August 10^th 2023 at 13:34

Latest episode - listen now! (Full transcript inside.)

Naked Security

Serious Security: Why learning to touch-type could protect you from audio snooping

By Paul Ducklin — August 8^th 2023 at 18:51

Fast, quiet, smooth, consistent and low impact... why true hacker-grade touch-typing might keep you more secure.

Naked Security

S3 Ep146: Tell us about that breach! (If you want to.)

By Paul Ducklin — August 3^rd 2023 at 17:56

Serious security stories explained clearly in plain English - listen now. (Full transcript available.)

Naked Security

Firefox fixes a flurry of flaws in the first of two releases this month

By Paul Ducklin — August 1^st 2023 at 19:28

No zero-days, but some interesting patches with their very own "teachable moments".

Firefox

Naked Security

S3 Ep145: Bugs With Impressive Names!

By Paul Ducklin — July 27^th 2023 at 18:47

Fascinating fun (with a serious and educational side) - listen now! Full transcript available inside.

Naked Security

S3 Ep144: When threat hunting goes down a rabbit hole

By Paul Ducklin — July 20^th 2023 at 14:58

Latest episode - check it out now!

Naked Security

S3 Ep143: Supercookie surveillance shenanigans

By Paul Ducklin — July 13^th 2023 at 16:48

Latest episode - listen now! (Full transcript inside.)

Naked Security

Microsoft patches four zero-days, finally takes action against crimeware kernel drivers

By Paul Ducklin — July 12^th 2023 at 18:57

Here's a brief reminder to do two things. The first is to patch. The second is to read up why it's a good idea to patch...

Naked Security

Apple silently pulls its latest zero-day update – what now?

By Paul Ducklin — July 11^th 2023 at 15:21

Previously, we said "do it today", but now we're forced back on: "Do not delay; do it as soon as Apple and your device will let you."

Naked Security

Serious Security: Rowhammer returns to gaslight your computer

By Paul Ducklin — July 10^th 2023 at 21:22

Gaslights produce a telltale flicker when nearby lamps are lit; DRAM values do something similar when nearby memory cells are accessed.

Naked Security

S3 Ep142: Putting the X in X-Ops

By Paul Ducklin — July 6^th 2023 at 19:58

How to get all your corporate "Ops" teams working together, with cybersecurity correctness as a guiding light.

s3-ep100-js-1200

Naked Security

S3 Ep141: What was Steve Jobs’s first job?

By Paul Ducklin — June 29^th 2023 at 16:58

Latest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep140: So you think you know ransomware?

By Paul Ducklin — June 22^nd 2023 at 16:48

Lots to learn this week - listen now! (Full transcript inside.)

Naked Security

S3 Ep139: Are password rules like running through rain?

By Paul Ducklin — June 15^th 2023 at 18:43

Latest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep138: I like to MOVEit, MOVEit

By Paul Ducklin — June 8^th 2023 at 16:56

Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

s3-ep138-1200

Naked Security

Serious Security: That KeePass “master password crack”, and what we can learn from it

By Paul Ducklin — May 31^st 2023 at 19:39

Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)

Naked Security

S3 Ep136: Navigating a manic malware maelstrom

By Paul Ducklin — May 25^th 2023 at 16:50

Latest episode - listen now. Full transcript inside...

Naked Security

S3 Ep135: Sysadmin by day, extortionist by night

By Paul Ducklin — May 18^th 2023 at 18:48

Laugh (sufficiently), learn (efficiently), and then let us know what you think in our comments (anonymously, if you wish)...

Naked Security

S3 Ep134: It’s a PRIVATE key – the hint is in the name!

By Paul Ducklin — May 11^th 2023 at 14:54

Latest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep133: Apple takes “tight-lipped” to a whole new level

By Paul Ducklin — May 4^th 2023 at 20:59

Entertaining, educational, and all in plain English 🎧📖

Naked Security

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

By Paul Ducklin — May 1^st 2023 at 20:46

Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

Naked Security

S3 Ep131: Can you really have fun with FORTRAN?

By Paul Ducklin — April 20^th 2023 at 17:55

Loop-the-loop in this week's episode. Entertaining, educational and all in plain English. Transcript inside.

Naked Security

S3 Ep130: Open the garage bay doors, HAL [Audio + Text]

By Paul Ducklin — April 13^th 2023 at 16:54

I'm sorry, Dave. I'm afraid I can't... errr, no, hang on a minute, I can do that easily! Worldwide! Right now!

Naked Security

S3 Ep129: When spyware arrives from someone you trust

By Paul Ducklin — April 6^th 2023 at 14:57

Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days... listen now!

Naked Security

S3 Ep128: So you want to be a cybercriminal? [Audio + Text]

By Paul Ducklin — March 30^th 2023 at 19:43

Latest episode - listen now!

Naked Security

S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

By Paul Ducklin — March 16^th 2023 at 17:56

Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!

Naked Security

S3 Ep125: When security hardware has security holes [Audio + Text]

By Paul Ducklin — March 9^th 2023 at 18:58

Lastest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep124: When so-called security apps go rogue [Audio + Text]

By Paul Ducklin — March 2^nd 2023 at 19:40

Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!

s3-ep124-auth--1200

Naked Security

S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

By Paul Ducklin — February 23^rd 2023 at 19:58

Latest episode - listen now! Top-notch advice for cybersecurity, both at work and at home.

Naked Security

S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]

By Paul Ducklin — February 16^th 2023 at 17:46

Latest episode - listen now! (Full transcript inside.)

Naked Security

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

By Paul Ducklin — February 9^th 2023 at 19:41

Latest epsiode. Listen now!

Naked Security

S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

By Paul Ducklin — February 2^nd 2023 at 17:50

Latest episode - listen now!

Naked Security

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

By Paul Ducklin — January 19^th 2023 at 15:53

As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...

Naked Security

S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

By Paul Ducklin — January 12^th 2023 at 17:59

Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)

Naked Security

S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]

By Paul Ducklin — January 5^th 2023 at 17:52

Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.)

Naked Security

Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches

By Paul Ducklin — January 4^th 2023 at 19:50

Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and don't steal my data and then pretend you're sorry.

Naked Security

Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond

By Paul Ducklin — December 30^th 2022 at 19:59

The problem with anniversaries is that there's an almost infinite number of them every day...

hny-1200

Naked Security

S3 Ep115: True crime stories – A day in the life of a cybercrime fighter [Audio + Text]

By Paul Ducklin — December 29^th 2022 at 09:20

Listen now - you'll be alarmed, amused and educated, all in equal measure. (Full transcript in article.)

Naked Security

S3 Ep114: Preventing cyberthreats – stop them before they stop you! [Audio + Text]

By Paul Ducklin — December 22^nd 2022 at 19:56

Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.

Naked Security

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

By Paul Ducklin — December 15^th 2022 at 17:10

Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!

Naked Security

Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties

By Paul Ducklin — December 12^th 2022 at 19:58

That's a mean average of $15,710 per bug... and 63 fewer bugs out there for crooks and rogues to find.

Naked Security

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

By Paul Ducklin — December 9^th 2022 at 16:46

Breaches, exploits, busts, buffer overflows and bug hunting - entertaining and educational in equal measure.

Naked Security

Apple pushes out iOS security update that’s more tight-lipped than ever

By Paul Ducklin — December 2^nd 2022 at 21:02

We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...

Naked Security

S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]

By Paul Ducklin — December 1^st 2022 at 19:58

Latest episode - listen now (or read if you prefer)...

Naked Security

S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

By Paul Ducklin — November 24^th 2022 at 16:52

Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us

Naked Security

S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

By Paul Ducklin — November 17^th 2022 at 17:52

Latest episode - listen now! Cybersecurity news plus loads of great advice...

Naked Security

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

By Paul Ducklin — November 10^th 2022 at 17:26

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin — November 3^rd 2022 at 17:51

Listen now - latest episode - audio plus full transcript

Naked Security

S3 Ep106: Facial recognition without consent – should it be banned?

By Paul Ducklin — October 27^th 2022 at 16:59

Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

Naked Security

S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]

By Paul Ducklin — October 20^th 2022 at 18:54

The coolest video game ever! And lots of solid cybersecurity advice - listen now!

pic-1200

Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

By Paul Ducklin — October 13^th 2022 at 16:37

Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

Naked Security

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

By Paul Ducklin — October 6^th 2022 at 14:43

Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

Naked Security

S3 Ep102: How to avoid a data breach [Audio + Transcript]

By Paul Ducklin — September 29^th 2022 at 18:45

Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...

Naked Security

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

By Paul Ducklin — September 22^nd 2022 at 18:42

Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...

Naked Security

Interested in cybersecurity? Join us for Security SOS Week 2022!

By Paul Ducklin — September 21^st 2022 at 14:24

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.

Naked Security

S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]

By Paul Ducklin — September 17^th 2022 at 20:57

Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't."

Naked Security

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

By Paul Ducklin — September 15^th 2022 at 18:50

Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

s3-ep100-js-1200

Naked Security

How to deal with dates and times without any timezone tantrums…

By Paul Ducklin — September 9^th 2022 at 18:59

Heartfelt encouragement to embrace RFC 3339 - find out why!