Category: Naked Security – Sophos

Ninth more unto the breach, dear friends, ninth more. This article has been indexed from Naked Security – Sophos Read the original article: Number Nine! Chrome fixes another 2022 zero-day, Edge not patched yet

Read more →

We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good… This article has been indexed from Naked Security – Sophos Read the original…

Read more →

Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round. This article has been indexed from Naked Security – Sophos Read the original article: LastPass admits to customer data breach…

Read more →

“Uh-oh, this viruses-and-worms scene could turn out quite troublesome.” If only we’d been wrong… This article has been indexed from Naked Security – Sophos Read the original article: The CHRISTMA EXEC network worm – 35 years and counting!

Read more →

Latest episode – listen now (or read if you prefer)… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]

Read more →

It’s not just the hashing, by the way. It’s the salting and the stretching, too! This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: MD5 considered harmful – to the tune of $600,000

Read more →

An injury to one is an injury to all. Especially if the other people are part of your social network. This article has been indexed from Naked Security – Sophos Read the original article: TikTok “Invisible Challenge” porn malware puts…

Read more →

There isn’t a rhyme to remind you which months have browser zero-days… you just have to keep your eyes and ears open! This article has been indexed from Naked Security – Sophos Read the original article: Chrome fixes 8th zero-day…

Read more →

There isn’t a rhyme to remind you which months have browser zero-days… you just have to keep your eyes and ears open! This article has been indexed from Naked Security – Sophos Read the original article: Chrome fixes 8th zero-day…

Read more →

Those numbers or names that pop up when a call comes up? They’re OK as a hint of who’s calling, but THEY PROVE NOTHING This article has been indexed from Naked Security – Sophos Read the original article: Voice-scamming site…

Read more →

Five tips to keep yourself, and your friends and family, out of the clutches of “chopping block” scammers… This article has been indexed from Naked Security – Sophos Read the original article: Multimillion dollar CryptoRom scam sites seized, suspects arrested…

Read more →

Latest episode – security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep110: Spotlight on cyberthreats…

Read more →

Five tips to keep yourself, and your friends and family, out of the clutches of “chopping block” scammers… This article has been indexed from Naked Security – Sophos Read the original article: CryptoRom “pig butchering” scam sites seized, suspects arrested…

Read more →

Review your servers, your patches and your authentication policies – there’s a proof-of-concept out This article has been indexed from Naked Security – Sophos Read the original article: How to hack an unpatched Exchange server with rogue PowerShell code

Read more →

The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server… but the content is all fake This article has been indexed from Naked Security – Sophos Read the original article: How social…

Read more →

Don’t let a keen eye for bargains lead you into risky online behaviour… This article has been indexed from Naked Security – Sophos Read the original article: Black Friday and retail season – watch out for PayPal “money request” scams

Read more →

What’s so bad about a web page going fullscreen without warning you first? This article has been indexed from Naked Security – Sophos Read the original article: Firefox fixes fullscreen fakery flaw – get the update now!

Read more →

Latest episode – listen now! Cybersecurity news plus loads of great advice… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

Read more →

Good old “string templating”, also known as “string interpolation”, in the spotlight again… This article has been indexed from Naked Security – Sophos Read the original article: Log4Shell-like code execution hole in popular Backstage dev tool

Read more →

Latest episode – listen now! Cybersecurity news plus loads of great advice… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep109: How one leaked email password could drain your business

Read more →

Don’t let a keen eye for bargains lead you into risky online behaviour… This article has been indexed from Naked Security – Sophos Read the original article: Black Friday and retail season – watch out for PayPal “money request” scams

Read more →

What’s so bad about a web page going fullscreen without warning you first? This article has been indexed from Naked Security – Sophos Read the original article: Firefox fixes fullscreen fakery flaw – get the update now!

Read more →

Researchers at cloud coding security company Oxeye have written up a critical bug that they recently discovered in the popular cloud development toolkit Backstage. Their report includes an explanation of how the bug works, plus proof-of-concept (PoC) code showing how…

Read more →

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world… This article has been indexed from Naked Security – Sophos Read the original article: “Gucci Master” business email scammer Hushpuppi gets 11 years

Read more →

A bit like leaving the front door keys under the doormat… This article has been indexed from Naked Security – Sophos Read the original article: Dangerous SIM-swap lockscreen bypass – update Android now!

Read more →

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Read more →

Not a zero-day, but important enough for a quick-fire patch to one system library… This article has been indexed from Naked Security – Sophos Read the original article: Emergency code execution patch from Apple – but not an 0-day

Read more →

In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four? This article has been indexed from Naked Security – Sophos Read the original article: Exchange 0-days fixed (at last) – plus 4 brand…

Read more →

Jurisprudence isn’t like arithmetic… two negatives never make a positive! This article has been indexed from Naked Security – Sophos Read the original article: Silk Road drugs market hacker pleads guilty, faces 20 years inside

Read more →

Never make your users cry/By how you use an API This article has been indexed from Naked Security – Sophos Read the original article: Public URL scanning tools – when security leads to insecurity

Read more →

That was the week that was… This article has been indexed from Naked Security – Sophos Read the original article: Twitter Blue Badge email scams – Don’t fall for them!

Read more →

Listen now – latest episode – audio plus full transcript This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio +…

Read more →

How to Hack! Finding OpenSSL library files and accurately identifying their version numbers… This article has been indexed from Naked Security – Sophos Read the original article: The OpenSSL security update story – how can you tell what needs fixing?

Read more →

That bated-breath OpenSSL update is out! It’s no longer rated CRITICAL, but we advise you to patch ASAP anyway. Here’s why… This article has been indexed from Naked Security – Sophos Read the original article: OpenSSL patches are out – CRITICAL…

Read more →

As everyone waits for news of a bug in OpenSSL, here’s a reminder that other cryptographic code in your life may also need patching! This article has been indexed from Naked Security – Sophos Read the original article: SHA-3 code…

Read more →

Wanted! Not only the extortionist who abused the data, but also the CEO who let it happen. This article has been indexed from Naked Security – Sophos Read the original article: Psychotherapy extortion suspect: arrest warrant issued

Read more →

We’ve said it before/And we’ll say it again/It’s not *if* you should patch/It’s a matter of *when*. (Hint: now!) This article has been indexed from Naked Security – Sophos Read the original article: Chrome issues urgent zero-day fix – update…

Read more →

“We told you to stop but you ignored us,” said the French regulator, “so now we’re coming after you again.” This article has been indexed from Naked Security – Sophos Read the original article: Clearview AI image-scraping face recognition service…

Read more →

Turns out that Tuesday’s zero-day for iOS 16 is Friday’s zero-day for iOS 15… This article has been indexed from Naked Security – Sophos Read the original article: Updates to Apple’s zero-day update story – iPhone and iPad users read…

Read more →

Don’t be a cybersecurity slowcoach – you need to spot possible attacks as soon as you can. This article has been indexed from Naked Security – Sophos Read the original article: Online ticketing company “See” pwned for 2.5 years by…

Read more →

Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch… This article has been indexed from Naked Security – Sophos Read the original article: Apple megaupdate: Ventura out, iOS and…

Read more →

Latest episode – listen (or read) now. Teachable moments for X-Ops professionals! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep106: Facial recognition without consent – should it be banned?

Read more →

“We told you to stop but you ignored us,” said the French regulator, “so now we’re coming after you again.” This article has been indexed from Naked Security – Sophos Read the original article: Clearview AI image-scraping face recognition service…

Read more →

Don’t be a cybersecurity slowcoach – you need to spot possible attacks as soon as you can. This article has been indexed from Naked Security – Sophos Read the original article: Online ticketing company “See” pwned for 2.5 years by…

Read more →

What if you could guess the next card correctly twice as often as you should? This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: How randomly (or not) can you shuffle cards?

Read more →

Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch… This article has been indexed from Naked Security – Sophos Read the original article: Apple megaupdate: Ventura out, iOS and…

Read more →

“We told you to stop but you ignored us,” said the French regulator, “so now we’re coming after you again.” This article has been indexed from Naked Security – Sophos Read the original article: Clearview AI image-scraping face recognition service…

Read more →

What if you could guess the next card correctly twice as often as you should? This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: How randomly (or not) can you shuffle cards?

Read more →

Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch… This article has been indexed from Naked Security – Sophos Read the original article: Apple megaupdate: Ventura out, iOS and…

Read more →

What if you could guess the next card correctly twice as often as you should? This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: You can’t beat the house at Blackjack – or…

Read more →

The coolest video game ever! And lots of solid cybersecurity advice – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw”…

Read more →

Crooks: Show us the money! Cops: How about you show us the decryption keys first? This article has been indexed from Naked Security – Sophos Read the original article: When cops hack back: Dutch police fleece DEADBOLT criminals (legally!)

Read more →

What did you do in the war, Mom? Oh, y’know, a bit of this and that… This article has been indexed from Naked Security – Sophos Read the original article: Women in Cryptology – USPS celebrates WW2 codebreakers

Read more →

The coolest video game ever! And lots of solid cybersecurity advice – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw”…

Read more →

Third time unlucky. Time to put your patching boots on again… This article has been indexed from Naked Security – Sophos Read the original article: Dangerous hole in Apache Commons Text – like Log4Shell all over again

Read more →

What did you do in the war, Mom? Oh, y’know, a bit of this and that… This article has been indexed from Naked Security – Sophos Read the original article: Women in Cryptology – USPS celebrates WW2 codebreakers

Read more →

Hey! That back door isn’t supposed to be there at all, let alone propped open… This article has been indexed from Naked Security – Sophos Read the original article: Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Read more →

Third time unlucky. Time to put your patching boots on again… This article has been indexed from Naked Security – Sophos Read the original article: Dangerous hole in Apache Commons Text – like Log4Shell all over again

Read more →

Is “pay a small fine and keep on trading” a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth? This article has been indexed from Naked Security – Sophos Read the original article: Fashion brand…

Read more →

What did you do in the war, Mom? Oh, y’know, a bit of this and that… This article has been indexed from Naked Security – Sophos Read the original article: Women in Cryptology – USPS celebrates WW2 codebreakers

Read more →

Hey! That back door isn’t supposed to be there at all, let alone propped open… This article has been indexed from Naked Security – Sophos Read the original article: Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Read more →

Third time unlucky. Time to put your patching boots on again… This article has been indexed from Naked Security – Sophos Read the original article: Dangerous hole in Apache Commons Text – like Log4Shell all over again

Read more →

Is “pay a small fine and keep on trading” a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth? This article has been indexed from Naked Security – Sophos Read the original article: Fashion brand…

Read more →

How 2022 is your encryption? This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Microsoft Office 365 attacked over feeble encryption

Read more →

Have your say on three deep questions posed by this week’s podcast. Read or listen as suits you best… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep104: Should hospital ransomware attackers be…

Read more →

There’s a zero-day patch, but it’s not for the zero-day you thought. This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday in brief – one 0-day fixed, but no patches for Exchange!

Read more →

Have your say on three deep questions posed by this week’s podcast. Read or listen as suits you best… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep104: Should hospital ransomware attackers be…

Read more →

Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine. This article has been indexed from Naked Security – Sophos Read the original article: Move over Patch Tuesday –…

Read more →

The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages… This article has been indexed from Naked Security – Sophos Read the original article: Mystery iPhone update patches against iOS…

Read more →

Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: OAuth 2 and…

Read more →

There’s a zero-day patch, but it’s not for the zero-day you thought. This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday in brief – one 0-day fixed, but no patches for Exchange!

Read more →

Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine. This article has been indexed from Naked Security – Sophos Read the original article: Move over Patch Tuesday –…

Read more →

The problem with crashy messaging apps is that *other people* get to choose if and when to send you messages… This article has been indexed from Naked Security – Sophos Read the original article: Mystery iPhone update patches against iOS…

Read more →

Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: OAuth 2 and…

Read more →

Latest episode – listen and learn now (or read and revise, if the written word is your thing)… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep103: Scammers in the Slammer (and other…

Read more →

Obstructed FTC proceedings, and concealed a crime, said the jury. This article has been indexed from Naked Security – Sophos Read the original article: Former Uber CSO convicted of covering up megabreach back in 2016

Read more →

If you can’t beat ’em, sue ’em! This article has been indexed from Naked Security – Sophos Read the original article: WhatsApp goes after Chinese password scammers via US court

Read more →

Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth. This article has been indexed from Naked Security – Sophos Read the original article: Romance scammer and BEC fraudster sent to prison…

Read more →

Judge tells the accused that if he hadn’t pleaded guilty, “I would have given you life.” This article has been indexed from Naked Security – Sophos Read the original article: NetWalker ransomware affiliate sentenced to 20 years by Florida court

Read more →

Obstructed FTC proceedings, and concealed a crime, said the jury. This article has been indexed from Naked Security – Sophos Read the original article: Former Uber CSO convicted of covering up megabreach back in 2016

Read more →

Latest episode – listen and learn now (or read and revise, if the written word is your thing)… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep103: Scammers in the Slammer (and other…

Read more →

Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams? This article has been indexed from Naked Security – Sophos Read the original article: Scammers and rogue callers – can anything…

Read more →

Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth. This article has been indexed from Naked Security – Sophos Read the original article: Romance scammer and BEC fraudster sent to prison…

Read more →

Some thoughts for Cybersecurity Awareness Month: Is is worth reporting nuisance calls? Is it even worth reporting outright scams? This article has been indexed from Naked Security – Sophos Read the original article: Scammers and rogue callers – can anything…

Read more →

Who’s affected, what you can do while waiting for Microsoft’s patches, and how to plan your threat hunting… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert…

Read more →

Latest episode – listen now! Tell fact from fiction in hyped-up cybersecurity news… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep102: How to avoid a data breach [Audio + Transcript]

Read more →

Double-play 0-day in Exchange – what you need to know, and what you can do This article has been indexed from Naked Security – Sophos Read the original article: URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”

Read more →

Latest episode – listen now! Tell fact from fiction in hyped-up cybersecurity news… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep102: Cutting through cybersecurity news hype [Audio + Transcript]

Read more →

Licence compromised? Passport number burned? Need a new one? Who’s going to pay? This article has been indexed from Naked Security – Sophos Read the original article: Optus breach – Aussie telco told it will have to pay to replace…

Read more →

Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be? This article has been indexed from Naked Security – Sophos Read the original article: WhatsApp “zero-day exploit” news scare…

Read more →

Licence compromised? Passport number burned? Need a new one? Who’s going to pay? This article has been indexed from Naked Security – Sophos Read the original article: Optus breach – Aussie telco told it will have to pay to replace…

Read more →

Is WhatsApp currently under active attack by cyercriminals? Is this a clear and current danger? How worried should WhatsApp users be? This article has been indexed from Naked Security – Sophos Read the original article: WhatsApp “zero-day exploit” news scare…

Read more →

Is this the same suspect as before? Is he part of LAPSUS$? Is this the man who hacked Uber and Rockstar? And, if so, who else? This article has been indexed from Naked Security – Sophos Read the original article:…

Read more →

Latest episode – listen now! Learn why adopting 2FA isn’t a reason to relax your other security precautions… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep101: Uber and LastPass breaches – is…

Read more →

Critical data on old disks always seems inaccessible if you really need it. But when you DON”T want it back, guess what happens… This article has been indexed from Naked Security – Sophos Read the original article: Morgan Stanley fined…

Read more →

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community. This article has been indexed from Naked Security – Sophos Read the original article: Interested in cybersecurity? Join us for Security SOS Week 2022!

Read more →

Latest episode – listen now! Learn why adopting 2FA isn’t a reason to relax your other security precautions… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep101: Uber and LastPass breaches – is…

Read more →

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community. This article has been indexed from Naked Security – Sophos Read the original article: Interested in cybersecurity? Join us for Security SOS Week 2022!

Read more →

Wondering how you’d handle a data breach report if the worst happened to you? Here’s a useful example. This article has been indexed from Naked Security – Sophos Read the original article: LastPass source code breach – incident response report…

Read more →

Wondering how you’d handle a data breach report if the worst happened to you? Here’s a useful example. This article has been indexed from Naked Security – Sophos Read the original article: LastPass source code breach – incident response report…

Read more →