S3 Ep38: Clop busts, destructive Linux hacking, and rooted bicycles [Podcast]
Latest episode – listen now!
Read More S3 Ep38: Clop busts, destructive Linux hacking, and rooted bicycles [Podcast]Author: Paul Ducklin
Ransomware: What REALLY happens if you pay the crooks?
Free talk! Join us online for as much fun as you can ethically have while talking about ransomware. (And learn some useful stuff too!)
Read More Ransomware: What REALLY happens if you pay the crooks?Can *YOU* blow a PC speaker using only a Linux kernel driver?
Can you help? There’s a hidden meaning here, and it’s time to find it!
Read More Can *YOU* blow a PC speaker using only a Linux kernel driver?S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems [Podcast]
Latest episode – listen now!
Read More S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems [Podcast]How to hack a bicycle – Peloton Bike+ rooting bug patched
It’s a bike, Jim, but not as we know it.
Read More How to hack a bicycle – Peloton Bike+ rooting bug patchedClop ransomware suspects busted in Ukraine, money and motors seized
Victims in South Korea and the USA, suspects busted in Ukraine.
Read More Clop ransomware suspects busted in Ukraine, money and motors seized“Face of Anonymous” suspect deported from Mexico to face US hacking charges
After nearly a decade as a US expat dubbed “The Face of Anoynmous”, he’s back in the US facing cybercrime charges from almost a decade ago.
Read More “Face of Anonymous” suspect deported from Mexico to face US hacking chargesALPACA – the wacky TLS security vulnerability with a funky name
Don’t panic – this isn’t another Heartbleed. But it’s a fascinating reminder of why doing things the easy way isn’t always the best way.
Read More ALPACA – the wacky TLS security vulnerability with a funky nameS3 Ep36: Trickbot coder busted, passwords cracked, and breaches judged [Podcast]
Latest episode – listen now!
Read More S3 Ep36: Trickbot coder busted, passwords cracked, and breaches judged [Podcast]Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!
Patch early. Patch often. Patch now!
Read More Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!How could the FBI recover BTC from Colonial’s ransomware payment?
But Bitcoins are anonymous! However could they get refunded?
Read More How could the FBI recover BTC from Colonial’s ransomware payment?Latvian woman charged with writing malware for the Trickbot Group
Looking for contract programming work? You might be surprised at what’s on offer out there.
Read More Latvian woman charged with writing malware for the Trickbot GroupHow to hack into 5500 accounts… just using “credential stuffing”
Passwords – don’t just pay them lip service.
Read More How to hack into 5500 accounts… just using “credential stuffing”S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast]
Latest episode – listen now!
Read More S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast]“Have I Been Pwned” breach site partners with… the FBI!
If your password gets stolen as part of a data breach, you’ll probably be told. But what if your password gets pwned some other way?
Read More “Have I Been Pwned” breach site partners with… the FBI!“Unpatchable” vuln in Apple’s new Mac chip – what you need to know
It’s all over the news! The bug you can’t fix! Fortunately, you don’t need to. We explain why.
Read More “Unpatchable” vuln in Apple’s new Mac chip – what you need to knowS3 Ep34: Apple bugs, scammers busted, and how crooks bypass 2FA [Podcast]
Latest episode – listen now. (And please leave us a review if you like what you hear!)
Read More S3 Ep34: Apple bugs, scammers busted, and how crooks bypass 2FA [Podcast]S3 Ep32: AirTag jailbreak, Dell vulns, and a never-ending scam [Podcast]
Latest episode – listen now!
Read More S3 Ep32: AirTag jailbreak, Dell vulns, and a never-ending scam [Podcast]Beware fake online trading apps, on iOS as well as Android
All that glisters is not gold/Often have you heard that told/Gilded tombs do worms enfold
Read More Beware fake online trading apps, on iOS as well as AndroidApple AirTag jailbroken already – hacked in rickroll attack
Ooooh, look! A shiny button-like object!
Read More Apple AirTag jailbroken already – hacked in rickroll attackNever say never! Warren Buffett caught up in integer overflow error…
640Kbytes of RAM should be enough for anyone…
Read More Never say never! Warren Buffett caught up in integer overflow error…S3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug [Podcast]
Latest episode – listen now! (And please share with your friends.)
Read More S3 Ep31: Apple zero-days, Flubot scammers and PHP supply chain bug [Podcast]Firefox for Android gets critical update to block cookie-stealing hole
This browser update is for everyone, but it’s for Android users particularly.
Read More Firefox for Android gets critical update to block cookie-stealing holeDell fixes exploitable holes in its own firmware update driver – patch now!
These bugs date back to 2009, and they could give crooks who are already in your network access to sysadmin superpowers.
Read More Dell fixes exploitable holes in its own firmware update driver – patch now!Apple products hit by fourfecta of zero-day exploits – patch now!
Don’t delay. Get these updates today.
Read More Apple products hit by fourfecta of zero-day exploits – patch now!Naked Security Live – Beware ‘Flubot’: the home delivery scam with a difference
Here’s the latest Naked Security talk – watch now!
Read More Naked Security Live – Beware ‘Flubot’: the home delivery scam with a differencePHP community sidesteps its third supply chain attack in three years
Third time lucky! (The first two times were lucky, too, luckily.)
Read More PHP community sidesteps its third supply chain attack in three yearsS3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]
Listen now – latest episode – lots of fun but with a serious (and educational!) side.
Read More S3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]Gamers update! Nvidia patches GPU driver kernel escalation bugs
Patch early, patch often. Here’s why it’s worth it.
Read More Gamers update! Nvidia patches GPU driver kernel escalation bugsRansomware: don’t expect a full recovery, however much you pay
Turns out the ransomware crooks aren’t that good at keeping their promises…
Read More Ransomware: don’t expect a full recovery, however much you payNaked Security Live – Just how (un)safe is AirDrop?
Here’s the latest Naked Security talk – watch now!
Read More Naked Security Live – Just how (un)safe is AirDrop?Apple AirDrop has “significant privacy leak”, say German researchers
Researchers say they reported what they consider to be a privacy hole to Apple in 2019, but never heard back. They worked on a fix anyway.
Read More Apple AirDrop has “significant privacy leak”, say German researchersLinux team in public bust-up over fake “patches” to introduce bugs
Embarrassed overreaction or righteous indignation? An academic research group has provoked the Linux crew to ban their whole university!
Read More Linux team in public bust-up over fake “patches” to introduce bugsS3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]
Latest episode – listen now!
Read More S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]When cryptography attacks – how TLS helps malware hide in plain sight
No IT technology feels quite as much of a double-edged sword as encryption.
Read More When cryptography attacks – how TLS helps malware hide in plain sightFirefox 88 patches bugs and kills off a sneaky JavaScript tracking trick
What’s in a window name? Turns out that it could be a sneaky tracking code, so Firefox has put a stop to that.
Read More Firefox 88 patches bugs and kills off a sneaky JavaScript tracking trickNaked Security Live – To hack or not to hack?
Latest video – watch now! We look at the recent FBI “webshell hacking” controversy from both sides.
Read More Naked Security Live – To hack or not to hack?S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]
Latest episode – listen now!
Read More S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]Keybase secure messaging fixes photo-leaking bug – patch now!
It’s a bit like Snapchat all over again – but this bug was quickly fixed.
Read More Keybase secure messaging fixes photo-leaking bug – patch now!Naked Security Live – How to calculate important things using a computer
Here’s the latest Naked Security Live talk – watch now!
Read More Naked Security Live – How to calculate important things using a computerNvidia announces official “anti-cryptomining” software drivers
“It’s a DoS, Jim, but not as we know it.”
Read More Nvidia announces official “anti-cryptomining” software driversThe massive coronavirus IT blunder with a funny side
He was either the smallest person who has ever lived, by an order of magnitude, or the heaviest person ever known, by two of them.
Read More The massive coronavirus IT blunder with a funny sideS3 Ep20: Corporate megahacking, true love gone bad, and tax grabs [Podcast]
Latest episode, listen now! (Includes special gardening safety section at no extra charge!)
Read More S3 Ep20: Corporate megahacking, true love gone bad, and tax grabs [Podcast]“ScamClub” gang outed for exploiting iPhone browser bug to spew ads
Stay away from popup surveys that want personal data. Tell your friends…
Read More “ScamClub” gang outed for exploiting iPhone browser bug to spew adsRomance scams at all-time high: here’s what you need to know
It’s heartbreaking to get sucked into a romance scam, or to watch a friend or family member getting sucked in. Here’s what to do…
Read More Romance scams at all-time high: here’s what you need to knowHow one man silently infiltrated dozens of high-tech networks
Ever counted how many external source code dependencies your fancy new software product has? Be prepared for a surprise!
Read More How one man silently infiltrated dozens of high-tech networksNaked Security Live – When is a bug bounty not a bug bounty?
Latest episode – watch now!
Read More Naked Security Live – When is a bug bounty not a bug bounty?Egregor ransomware criminals allegedly busted in Ukraine
More good news in the cybercrime law-and-order world, this time a bust of ransomware crooks.
Read More Egregor ransomware criminals allegedly busted in UkraineSMS tax scam unmasked: Bogus but believable – don’t fall for it!
Everyone loves a tax refund – just don’t get so excited that you forget to check for telltale signs of a scam.
Read More SMS tax scam unmasked: Bogus but believable – don’t fall for it!S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
Latest episode (includes 111,848 “free” cups of coffee) – listen now!
Read More S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]Patch now to stop hackers blindly crashing your Windows computers
Patch early, patch often. In fact, patch now if you haven’t already. Here’s why.
Read More Patch now to stop hackers blindly crashing your Windows computersBeware of technical “experts” bombarding you with bug reports
Beware pseudo-geeks bearing ‘gifts’.
Read More Beware of technical “experts” bombarding you with bug reportsNaked Security Live – Jargonbuster: Bugs, vulns, 0-days and exploits
Latest Naked Security Live talk – watch now!
Read More Naked Security Live – Jargonbuster: Bugs, vulns, 0-days and exploitsPerl.com gets its domain back – normal service restored!
All’s well that ends well.
Read More Perl.com gets its domain back – normal service restored!Chrome zero-day browser bug found – patch now!
This zero-day bug affects Chrome, as well as Edge and other Chromium-based browsers.
Read More Chrome zero-day browser bug found – patch now!S3 Ep18: Apple emergency, crypto blunder and botnet takedown [Podcast]
New episode – listen now!
Read More S3 Ep18: Apple emergency, crypto blunder and botnet takedown [Podcast]Free coffee! Belgian researcher hacks prepaid vending machines
Only try this at home, folks! As easy as it might look, it’s illegal in the wild, with good reason.
Read More Free coffee! Belgian researcher hacks prepaid vending machines