NakedSecurity

bg
Password-stealing “vulnerability” reported in KeePass – bug or feature?

Password-stealing “vulnerability” reported in KeePass –...

Is it a vulnerability if someone with control over your account can mess with files...

bg
GitHub code-signing certificates stolen (but will be revoked this week)

GitHub code-signing certificates stolen (but will be revoked...

There was a breach, so the bad news isn't great, but the good news isn't too bad...

bg
Serious Security: The Samba logon bug caused by outdated crypto

Serious Security: The Samba logon bug caused by outdated...

Enjoy our Serious Security deep dive into this real-world example of why cryptographic...

bg
Hive ransomware servers shut down at last, says FBI

Hive ransomware servers shut down at last, says FBI

Unfortunately, you've probably already heard the cliche that "cybercrime abhors...

bg
Dutch suspect locked up for alleged personal data megathefts

Dutch suspect locked up for alleged personal data megathefts

Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing...

bg
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio +...

Lastest episode - listen now! (Or read the transcript.)

bg
GoTo admits: Customer cloud backups stolen together with decryption key

GoTo admits: Customer cloud backups stolen together with...

We were going to write, "Once more unto the breach, dear friends, once more"......

bg
Apple patches are out – old iPhones get an old zero-day fix at last!

Apple patches are out – old iPhones get an old zero-day...

Don't delay, especially if you're still running an iOS 12 device... please do it...

bg
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

Serious Security: How dEliBeRaTe tYpOs might imProVe DNS...

It's a really cool and super-simple trick. The question is, "Will it help?"

bg
T-Mobile admits to 37,000,000 customer records stolen by “bad actor”

T-Mobile admits to 37,000,000 customer records stolen by...

Once more, it's time for Shakespeare's words: Once more unto the breach...

bg
S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

S3 Ep118: Guess your password? No need if it’s stolen already!...

As always: entertaining, informative and educational... and not bogged down with...

bg
Serious Security: Unravelling the LifeLock “hacked passwords” story

Serious Security: Unravelling the LifeLock “hacked passwords”...

Four straight-talking tips to improve your online security, whether you're a LifeLock...

bg
Multi-million investment scammers busted in four-country Europol raid

Multi-million investment scammers busted in four-country...

216 questioned, 15 arrested, 4 fake call centres searched, millions seized...

bg
S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

S3 Ep117: The crypto crisis that wasn’t (and farewell forever...

Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory...

bg
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever...

Get 'em while they're hot. And get 'em for the very last time, if you still have...

bg
Popular JWT cloud security library patches “remote” code execution hole

Popular JWT cloud security library patches “remote” code...

It's remotely triggerable, but attackers would already have pretty deep network...

bg
CircleCI – code-building service suffers total credential compromise

CircleCI – code-building service suffers total credential...

They're saying "rotate secrets"... in plain English, they mean "change your credentials"....

bg
RSA crypto cracked? Or perhaps not!

RSA crypto cracked? Or perhaps not!

Stand down from blue alert, it seems... but why not plan your cryptographic agility...

bg
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]

S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio...

Lots of big issues this week: breaches, encryption, supply chains and patching problems....

bg
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches

Serious Security: How to improve cryptography, resist supply...

Lessons for us all: improve cryptography, fight cybercrime, own your supply chain......

bg
Serious Security: Vital cybersecurity lessons from the holiday season

Serious Security: Vital cybersecurity lessons from the...

Lessons for us all: improve cryptography, fight cybercrime, own your supply chain......

bg
Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid

Inside a scammers’ lair: Ukraine busts 40 in fake bank...

When someone calls you up to warn you that your bank account is under attack - it's...

bg
PyTorch: Machine Learning toolkit pwned from Christmas to New Year

PyTorch: Machine Learning toolkit pwned from Christmas...

The bad news: the crooks have your SSH private keys. The good news: only users of...

bg
Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond

Naked Security 33 1/3 – Cybersecurity predictions for 2023...

The problem with anniversaries is that there's an almost infinite number of them...