Sophos Naked Security

Syndikovat obsah Naked Security
News, opinion, advice and research on computer security threats from Sophos
Aktualizace: 9 min 19 sek zpět

OpenSSH fixes double-free memory bug that’s pokable over the network

3 Únor, 2023 - 18:59
It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code...

S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

2 Únor, 2023 - 20:50
Latest episode - listen now!

Password-stealing “vulnerability” reported in KeePass – bug or feature?

1 Únor, 2023 - 20:58
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?

GitHub code-signing certificates stolen (but will be revoked this week)

31 Leden, 2023 - 20:35
There was a breach, so the bad news isn't great, but the good news isn't too bad...

Serious Security: The Samba logon bug caused by outdated crypto

30 Leden, 2023 - 20:59
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!

Hive ransomware servers shut down at last, says FBI

27 Leden, 2023 - 20:58
Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...

Dutch suspect locked up for alleged personal data megathefts

26 Leden, 2023 - 23:02
Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

26 Leden, 2023 - 20:57
Lastest episode - listen now! (Or read the transcript.)

GoTo admits: Customer cloud backups stolen together with decryption key

25 Leden, 2023 - 20:37
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.

Apple patches are out – old iPhones get an old zero-day fix at last!

24 Leden, 2023 - 20:24
Don't delay, especially if you're still running an iOS 12 device... please do it today!

Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

23 Leden, 2023 - 20:59
It's a really cool and super-simple trick. The question is, "Will it help?"

T-Mobile admits to 37,000,000 customer records stolen by “bad actor”

20 Leden, 2023 - 20:59
Once more, it's time for Shakespeare's words: Once more unto the breach...

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

19 Leden, 2023 - 20:53
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...

Serious Security: Unravelling the LifeLock “hacked passwords” story

17 Leden, 2023 - 20:59
Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.

Multi-million investment scammers busted in four-country Europol raid

16 Leden, 2023 - 20:10
216 questioned, 15 arrested, 4 fake call centres searched, millions seized...

S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

12 Leden, 2023 - 20:59
Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

11 Leden, 2023 - 20:22
Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...

Popular JWT cloud security library patches “remote” code execution hole

10 Leden, 2023 - 20:59
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.

CircleCI – code-building service suffers total credential compromise

9 Leden, 2023 - 20:52
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.