Fake heads! (Cue dystopian scifi music.)Read More iOS 15 includes Face ID fix for security bypass using fake heads
“Stop. Think. Connect.” Say those words aloud – and please pronounce the pauses prescribed by the periods!Read More “Back to basics” as courier scammers skip fake fees and missed deliveries
Got Linux? Here’s a bug you weren’t expecting, in software you might not even know you have.Read More OMIGOD, an exploitable hole in Microsoft open source code!
Bugs! So many bugs! Latest episode – listen now…Read More S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]
Double trouble: two zero-days, patched in the same emergency update. So please don’t delay – patch today!Read More Apple products vulnerable to FORCEDENTRY zero-day attack – patch now!
Hey, let’s create a text file that lists our security contacts! We’ll call it… security DOT txt.Read More Serious Security: How to make sure you don’t miss bug reports!
Latest episode – listen now!Read More S3 Ep49: Poison PACs, pointless alarms and phunky bugs [Podcast]
Zero-day bug in MSHTML, the “mini-Internet Explorer” component of Windows, triggered by booby trapped Office files.Read More Windows zero-day MSHTML attack – how not to get booby trapped!
3,000,000 downloads a week… if only they’d read the fastidious manual!Read More Poisoned proxy PACs! The NPM package with a network-wide security hole…
Latest episode – listen now!Read More S3 Ep48: Cryptographic bugs, cryptocurrency nightmares, and lots of phishing [Podcast]
The alarm system that can be turned off with your email address.Read More Pwned! The home security system that can be hacked with your email address
Recursion [noun]: see recursion.Read More Skimming the CREAM – recursive withdrawals loot $13M in cryptocash
The buggy code’s in there, alright. Fortunately, it’s hard to get OpenSSL to use it even if you want to, which mitigates the risk.Read More Big bad decryption bug in OpenSSL – but no cause for alarm
Latest episode – listen now!Read More S3 Ep47: Daylight robbery, spaghetti trouble, and mousetastic superpowers [Podcast]
When a helpful feature (that you probably didn’t need) turns into an exploitable vulnerability…Read More How a gaming mouse can get you Windows superpowers!
That’s funny. I could have sworn I didn’t run a print job yesterday… but will you look at that?Read More What’s *THAT* on my 3D printer? Cloud bug lets anyone print to everyone
Another week, another cryptocurrency catastrophe. This time, it’s “only” $100 million’s worth…Read More Japanese cryptocoin exchange robbed of $100,000,000
Lastest episode – listen, laugh and learn! This week, Chester Wisniewski joins us on the show.Read More S3 Ep46: Copyright scams, video snooping and Grand Theft Crypto [Podcast]
Home automation. Internet of Things. Cloud management. And a security bug that could let other people watch you online…Read More Video surveillance network hacked by researchers to hijack footage
Forewarned is forearmed. Here’s our advice on dealing with “copyright infringement” scammers.Read More Copyright scammers turn to phone numbers instead of web links
Latest episode – listen now!Read More S3 Ep32: AirTag jailbreak, Dell vulns, and a never-ending scam [Podcast]
All that glisters is not gold/Often have you heard that told/Gilded tombs do worms enfoldRead More Beware fake online trading apps, on iOS as well as Android
Ooooh, look! A shiny button-like object!Read More Apple AirTag jailbroken already – hacked in rickroll attack
640Kbytes of RAM should be enough for anyone…Read More Never say never! Warren Buffett caught up in integer overflow error…
Latest episode – listen now! (And please share with your friends.)Read More S3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug [Podcast]
This browser update is for everyone, but it’s for Android users particularly.Read More Firefox for Android gets critical update to block cookie-stealing hole
These bugs date back to 2009, and they could give crooks who are already in your network access to sysadmin superpowers.Read More Dell fixes exploitable holes in its own firmware update driver – patch now!
Don’t delay. Get these updates today.Read More Apple products hit by fourfecta of zero-day exploits – patch now!
Here’s the latest Naked Security talk – watch now!Read More Naked Security Live – Beware ‘Flubot’: the home delivery scam with a difference
Third time lucky! (The first two times were lucky, too, luckily.)Read More PHP community sidesteps its third supply chain attack in three years
Listen now – latest episode – lots of fun but with a serious (and educational!) side.Read More S3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]
Patch early, patch often. Here’s why it’s worth it.Read More Gamers update! Nvidia patches GPU driver kernel escalation bugs
Turns out the ransomware crooks aren’t that good at keeping their promises…Read More Ransomware: don’t expect a full recovery, however much you pay
Here’s the latest Naked Security talk – watch now!Read More Naked Security Live – Just how (un)safe is AirDrop?
Researchers say they reported what they consider to be a privacy hole to Apple in 2019, but never heard back. They worked on a fix anyway.Read More Apple AirDrop has “significant privacy leak”, say German researchers
Embarrassed overreaction or righteous indignation? An academic research group has provoked the Linux crew to ban their whole university!Read More Linux team in public bust-up over fake “patches” to introduce bugs
Latest episode – listen now!Read More S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]
No IT technology feels quite as much of a double-edged sword as encryption.Read More When cryptography attacks – how TLS helps malware hide in plain sight
Latest video – watch now! We look at the recent FBI “webshell hacking” controversy from both sides.Read More Naked Security Live – To hack or not to hack?
Latest episode – listen now!Read More S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]
It’s a bit like Snapchat all over again – but this bug was quickly fixed.Read More Keybase secure messaging fixes photo-leaking bug – patch now!
Here’s the latest Naked Security Live talk – watch now!Read More Naked Security Live – How to calculate important things using a computer
“It’s a DoS, Jim, but not as we know it.”Read More Nvidia announces official “anti-cryptomining” software drivers
He was either the smallest person who has ever lived, by an order of magnitude, or the heaviest person ever known, by two of them.Read More The massive coronavirus IT blunder with a funny side
Latest episode, listen now! (Includes special gardening safety section at no extra charge!)Read More S3 Ep20: Corporate megahacking, true love gone bad, and tax grabs [Podcast]
Stay away from popup surveys that want personal data. Tell your friends…Read More “ScamClub” gang outed for exploiting iPhone browser bug to spew ads
It’s heartbreaking to get sucked into a romance scam, or to watch a friend or family member getting sucked in. Here’s what to do…Read More Romance scams at all-time high: here’s what you need to know
Ever counted how many external source code dependencies your fancy new software product has? Be prepared for a surprise!Read More How one man silently infiltrated dozens of high-tech networks
Latest episode – watch now!Read More Naked Security Live – When is a bug bounty not a bug bounty?
More good news in the cybercrime law-and-order world, this time a bust of ransomware crooks.Read More Egregor ransomware criminals allegedly busted in Ukraine
Everyone loves a tax refund – just don’t get so excited that you forget to check for telltale signs of a scam.Read More SMS tax scam unmasked: Bogus but believable – don’t fall for it!
Latest episode (includes 111,848 “free” cups of coffee) – listen now!Read More S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
Patch early, patch often. In fact, patch now if you haven’t already. Here’s why.Read More Patch now to stop hackers blindly crashing your Windows computers
Beware pseudo-geeks bearing ‘gifts’.Read More Beware of technical “experts” bombarding you with bug reports
Latest Naked Security Live talk – watch now!Read More Naked Security Live – Jargonbuster: Bugs, vulns, 0-days and exploits
All’s well that ends well.Read More Perl.com gets its domain back – normal service restored!
This zero-day bug affects Chrome, as well as Edge and other Chromium-based browsers.Read More Chrome zero-day browser bug found – patch now!
New episode – listen now!Read More S3 Ep18: Apple emergency, crypto blunder and botnet takedown [Podcast]
Only try this at home, folks! As easy as it might look, it’s illegal in the wild, with good reason.Read More Free coffee! Belgian researcher hacks prepaid vending machines