Category: Naked Security – Sophos

They can’t read much of your data, but even a few stray network packets could tell them something they’re not supposed to know. This article has been indexed from Naked Security – Sophos Read the original article: Researchers claim they…

Read more →

The only backup you will ever regret is the one you didn’t make… This article has been indexed from Naked Security – Sophos Read the original article: World Backup Day is here again – 5 tips to keep your precious…

Read more →

Booby-trapped app, apparently signed and shipped by 3CX itself after its source code repository was broken into. This article has been indexed from Naked Security – Sophos Read the original article: Supply chain blunder puts 3CX telephone app users at…

Read more →

Latest episode – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep128: So you want to be a cyber­criminal? [Audio + Text]

Read more →

Latest episode – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep128: So you want to be a cybercriminal? [Audio + Text]

Read more →

Thinking of trying a bit of DDoSsing to get a feel for life at the fringes of the Dark Side? Don’t do it! This article has been indexed from Naked Security – Sophos Read the original article: Cops use fake…

Read more →

Got an older iPhone that can’t run iOS 16? You’ve got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too. This article has been indexed from Naked Security – Sophos Read the original article: Apple patches…

Read more →

Microsoft says “successful exploitation requires uncommon user interaction”, but it’s the innocent and accidental leakage of private data you should be concerned about. This article has been indexed from Naked Security – Sophos Read the original article: Microsoft assigns CVE…

Read more →

His prediction was called a “Law”, though it was an exhortation to engineering excellence as much it was an estimate. This article has been indexed from Naked Security – Sophos Read the original article: In Memoriam – Gordon Moore, who…

Read more →

Admin-level holes in websites are always a bad thing… and for “bad”, read “worse” if it’s an e-commerce site. This article has been indexed from Naked Security – Sophos Read the original article: WooCommerce Payments plugin for WordPress has an…

Read more →

Listen now – latest episode. Full transcript inside. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep127: When you chop someone out of a photo, but there they are anyway…

Read more →

Turns out that the Windows 11 Snipping Tool has the same “aCropalypse” data leakage bug as Pixel phones. Here’s how to work around the problem… This article has been indexed from Naked Security – Sophos Read the original article: Windows…

Read more →

What if the “safe” images you shared after carefully cropping them… had some or all of the “unsafe” pixels left behind anyway? This article has been indexed from Naked Security – Sophos Read the original article: Google Pixel phones had…

Read more →

As the misquote goes, “Once is misfortune…” This is the second time, and you know what Lady Bracknell had to say about that… This article has been indexed from Naked Security – Sophos Read the original article: Bitcoin ATM customers…

Read more →

Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation. This article has been indexed from Naked Security – Sophos Read the original article: Dangerous Android phone 0-day bugs…

Read more →

Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English… just like old times, with Duck and Chet! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep 126:…

Read more →

An email you haven’t even looked at yet could be used to trick your mail server into helping crooks to logon as you. This article has been indexed from Naked Security – Sophos Read the original article: Microsoft fixes two…

Read more →

In the game of cricket, 111 is an unauspicious number, but for Firefox, there doesn’t seem to be much to worry about this month. This article has been indexed from Naked Security – Sophos Read the original article: Firefox 111…

Read more →

Linux doesn’t BSoD. It has oopses and panics instead. (We show you how to make a kernel module to explore further.) This article has been indexed from Naked Security – Sophos Read the original article: Linux gets double-quick double-update to…

Read more →

It’s not exactly data theft, but it’s worrying close to “unintentional treachery” – apparently because it’s great for marketing purposes This article has been indexed from Naked Security – Sophos Read the original article: SHEIN shopping app goes rogue, grabs…

Read more →

Lastest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep125: When security hardware has security holes [Audio + Text]

Read more →

Security bugs in the very code you’ve been told you must have to improve the security of your computer… This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: TPM 2.0 vulns – is…

Read more →

Devices seized, suspects interrogated and arrested, allegedly connected to devastating cyberattack on University Hospital in Düsseldorf. This article has been indexed from Naked Security – Sophos Read the original article: DoppelPaymer ransomware supsects arrested in Germany and Ukraine

Read more →

Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them? This article has been indexed from Naked Security – Sophos Read the original article: Feds warn about right Royal ransomware rampage that runs…

Read more →

Rogue software packages. Rogue “sysadmins”. Rogue keyloggers. Rogue authenticators. Rogue ROGUES! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep124: When so-called security apps go rogue [Audio + Text]

Read more →

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer. This article has been indexed from Naked Security – Sophos Read the original article: LastPass: Keylogger on home…

Read more →

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer. This article has been indexed from Naked Security – Sophos Read the original article: LastPass: The crooks used…

Read more →

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer. This article has been indexed from Naked Security – Sophos Read the original article: LastPass: The crooks used…

Read more →

Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them? This article has been indexed from Naked Security – Sophos Read the original article: Dutch police arrest three cyberextortion suspects who allegedly…

Read more →

Even in Apple’s and Google’s “walled gardens”, there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.) This article has been indexed from Naked Security – Sophos Read the original article: Beware rogue…

Read more →

Latest episode – listen now! Top-notch advice for cybersecurity, both at work and at home. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

Read more →

Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?! This article has been indexed from Naked Security – Sophos Read the original article: NPM JavaScript packages…

Read more →

Another day, another “sophisticated” attack. This time, the company has handily included some useful advice along with its mea culpa… This article has been indexed from Naked Security – Sophos Read the original article: Coinbase breached by social engineers, employee…

Read more →

Ironically, Twitter Blue users will be allowed to keep using the very 2FA process that’s not considered secure enough for everyone else. This article has been indexed from Naked Security – Sophos Read the original article: Twitter tells users: Pay…

Read more →

New report admits that attackers were detected in the network about three months ago, and may have been attacking for about three years. This article has been indexed from Naked Security – Sophos Read the original article: GoDaddy admits: Crooks…

Read more →

Latest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]

Read more →

Lots of lovely patches for your Valentine’s Day delight. Get ’em as soon as you can… This article has been indexed from Naked Security – Sophos Read the original article: Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEs

Read more →

Everyone update now! Except for those who don’t need to! Or who need to but will only get updates later on, though Apple isn’t saying yet! This article has been indexed from Naked Security – Sophos Read the original article:…

Read more →

Conditional code considered cryptographically counterproductive. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

Read more →

Reddit is suggesting three tips as a follow-up to this breach. We agree with two of them but not with the third… This article has been indexed from Naked Security – Sophos Read the original article: Reddit admits it was…

Read more →

7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English… This article has been indexed from Naked Security – Sophos Read the original article: OpenSSL fixes High Severity data-stealing bug – patch now!

Read more →

Latest epsiode. Listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

Read more →

7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English… This article has been indexed from Naked Security – Sophos Read the original article: OpenSSL fixes High Severity data-stealing bug – patch now!

Read more →

To borrow from HHGttG, please DON’T PANIC. But if you are two years out of date with patches, please do ACT NOW! This article has been indexed from Naked Security – Sophos Read the original article: VMWare user? Worried about…

Read more →

Hear renowned cybersecurity author Andy Greenberg’s thoughtful commentary about the “war on crypto” as we talk to him about his new book… This article has been indexed from Naked Security – Sophos Read the original article: Tracers in the Dark:…

Read more →

Company transcribed ultra-personal conversations, didn’t secure them. Criminal stole them, then extorted thousands of vulnerable patients. This article has been indexed from Naked Security – Sophos Read the original article: Finnish psychotherapy extortion suspect arrested in France

Read more →

Latest episode – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

Read more →

It’s a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code… This article has been indexed from Naked Security – Sophos Read the original article: OpenSSH fixes…

Read more →

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway? This article has been indexed from Naked Security – Sophos Read the original article: Password-stealing “vulnerability” reported…

Read more →

There was a breach, so the bad news isn’t great, but the good news isn’t too bad… This article has been indexed from Naked Security – Sophos Read the original article: GitHub code-signing certificates stolen (but will be revoked this…

Read more →

Latest episode – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

Read more →

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway? This article has been indexed from Naked Security – Sophos Read the original article: Password-stealing “vulnerability” reported…

Read more →

There was a breach, so the bad news isn’t great, but the good news isn’t too bad… This article has been indexed from Naked Security – Sophos Read the original article: GitHub code-signing certificates stolen (but will be revoked this…

Read more →

Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important! This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: The Samba logon bug caused by outdated crypto

Read more →

We were going to write, “Once more unto the breach, dear friends, once more”… but it seems to go without saying these days. This article has been indexed from Naked Security – Sophos Read the original article: GoTo admits: Customer…

Read more →

Unfortunately, you’ve probably already heard the cliche that “cybercrime abhors a vacuum”… This article has been indexed from Naked Security – Sophos Read the original article: Hive ransomware servers shut down at last, says FBI

Read more →

Undercover Austrian “controlled data buy” leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records. This article has been indexed from Naked Security – Sophos Read the original article:…

Read more →

Don’t delay, especially if you’re still running an iOS 12 device… please do it today! This article has been indexed from Naked Security – Sophos Read the original article: Apple patches are out – old iPhones get an old zero-day…

Read more →

Lastest episode – listen now! (Or read the transcript.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

Read more →

We were going to write, “Once more unto the breach, dear friends, once more”… but it seems to go without saying these days. This article has been indexed from Naked Security – Sophos Read the original article: GoTo admits: Customer…

Read more →

Don’t delay, especially if you’re still running an iOS 12 device… please do it today! This article has been indexed from Naked Security – Sophos Read the original article: Apple patches are out – old iPhones get an old zero-day…

Read more →

It’s a really cool and super-simple trick. The question is, “Will it help?” This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

Read more →

Once more, it’s time for Shakespeare’s words: Once more unto the breach… This article has been indexed from Naked Security – Sophos Read the original article: T-Mobile admits to 37,000,000 customer records stolen by “bad actor”

Read more →

As always: entertaining, informative and educational… and not bogged down with jargon! Listen (or read) now… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep118: Guess your password? No need if it’s stolen…

Read more →

Four straight-talking tips to improve your online security, whether you’re a LifeLock customer or not. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Unravelling the LifeLock “hacked passwords” story

Read more →

216 questioned, 15 arrested, 4 fake call centres searched, millions seized… This article has been indexed from Naked Security – Sophos Read the original article: Multi-million investment scammers busted in four-country Europol raid

Read more →

Tell us in the comments… What’s the REAL reason there was no Windows 9? (No theory too far-fetched!) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep117: The crypto crisis that wasn’t (and…

Read more →

Get ’em while they’re hot. And get ’em for the very last time, if you still have Windows 7 or 8.1… This article has been indexed from Naked Security – Sophos Read the original article: Microsoft Patch Tuesday: One 0-day;…

Read more →

It’s remotely triggerable, but attackers would already have pretty deep network access if they could “prime” your server for compromise. This article has been indexed from Naked Security – Sophos Read the original article: Popular JWT cloud security library patches…

Read more →

They’re saying “rotate secrets”… in plain English, they mean “change your credentials”. The company has a tool to help you find them all. This article has been indexed from Naked Security – Sophos Read the original article: CircleCI – code-building…

Read more →

Stand down from blue alert, it seems… but why not plan your cryptographic agility anyway? This article has been indexed from Naked Security – Sophos Read the original article: RSA crypto cracked? Or perhaps not!

Read more →

Lessons for us all: improve cryptography, fight cybercrime, own your supply chain… and don’t steal my data and then pretend you’re sorry. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: How to…

Read more →

Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep116: Last straw for LastPass? Is crypto…

Read more →

Lessons for us all: improve cryptography, fight cybercrime, own your supply chain… and don’t steal my data and then pretend you’re sorry. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Vital cybersecurity…

Read more →

When someone calls you up to warn you that your bank account is under attack – it’s true, because THAT VERY PERSON is the one attacking you! This article has been indexed from Naked Security – Sophos Read the original…

Read more →

The bad news: the crooks have your SSH private keys. The good news: only users of the “nightly” build were affected. This article has been indexed from Naked Security – Sophos Read the original article: PyTorch: Machine Learning toolkit pwned…

Read more →

The problem with anniversaries is that there’s an almost infinite number of them every day… This article has been indexed from Naked Security – Sophos Read the original article: Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond

Read more →

Is there a special meaning of “don’t” that means “go right ahead”? This article has been indexed from Naked Security – Sophos Read the original article: The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

Read more →

Cryptographic agility: the ability and the willingness to change quickly when needed. This article has been indexed from Naked Security – Sophos Read the original article: US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

Read more →

Listen now – you’ll be alarmed, amused and educated, all in equal measure. (Full transcript in article.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep115: True crime stories – A day in…

Read more →

If the crooks have connected up your phone number and your Twitter handle… what could go wrong? This article has been indexed from Naked Security – Sophos Read the original article: Twitter data of “+400 million unique users” up for…

Read more →

It’s serious, it’s critical, and you could call it severe… but in HHGttG terminology, it’s probably “mostly harmless”. This article has been indexed from Naked Security – Sophos Read the original article: Critical “10-out-of-10” Linux kernel SMB hole – should…

Read more →

The crooks now know who you are, where you live, which computers are yours, where you go online… and they got those password vaults, too. This article has been indexed from Naked Security – Sophos Read the original article: LastPass…

Read more →

The crooks now know who you are, where you live, which computers are yours, where you go online… and they got those password vaults, too. This article has been indexed from Naked Security – Sophos Read the original article: LastPass…

Read more →

Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep114: Preventing cyberthreats – stop them…

Read more →

A picture is worth 1024 words – we clicked through so you don’t have to. This article has been indexed from Naked Security – Sophos Read the original article: “Suspicious login” scammers up their game – take care at Christmas

Read more →

It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day. This article has been indexed from Naked Security – Sophos Read the original article: Microsoft dishes…

Read more →

The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted. This article has been indexed from Naked Security – Sophos Read the original article: OneCoin scammer Sebastian Greenwood…

Read more →

Tales of derring-do in the cyberunderground! (And some zero-days.) This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

Read more →

There’s an update for everything this time, not just for iOS. This article has been indexed from Naked Security – Sophos Read the original article: Apple patches everything, finally reveals mystery of iOS 16.1.2

Read more →

Return o’ the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep113: Pwning the Windows kernel – the crooks who…

Read more →

Tales of derring-do in the cyberunderground! (And some zero-days.) This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

Read more →

There’s an update for everything this time, not just for iOS. This article has been indexed from Naked Security – Sophos Read the original article: Apple patches everything, finally reveals mystery of iOS 16.1.2

Read more →

It’s not the switching that’s the problem, it’s the switching of the switching! This article has been indexed from Naked Security – Sophos Read the original article: COVID-bit: the wireless spyware trick with an unfortunate name

Read more →

That’s a mean average of $15,710 per bug… and 63 fewer bugs out there for crooks and rogues to find. This article has been indexed from Naked Security – Sophos Read the original article: Pwn2Own Toronto: 54 hacks, 63 new…

Read more →

Breaches, exploits, busts, buffer overflows and bug hunting – entertaining and educational in equal measure. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep112: Data breaches can haunt you more than once! [Audio…

Read more →

Don’t keep calling home to a JavaScript server that closed its doors eight years ago! This article has been indexed from Naked Security – Sophos Read the original article: Credit card skimming – the long and winding road of supply…

Read more →

Guilty party got 18 months, also has to pay back $20m he probably hasn’t got, which could land him in more hot water. This article has been indexed from Naked Security – Sophos Read the original article: SIM swapper sent…

Read more →

Ninth more unto the breach, dear friends, ninth more. This article has been indexed from Naked Security – Sophos Read the original article: Number Nine! Chrome fixes another 2022 zero-day, Edge patched too

Read more →

It’s a venerable program, and this version had a venerable bug in it. This article has been indexed from Naked Security – Sophos Read the original article: Ping of death! FreeBSD fixes crashtastic bug in network tool

Read more →