Sophos Naked Security


News, opinion, advice and research on computer security threats from Sophos
Aktualizace: 9 min 19 sek zpět
OpenSSH fixes double-free memory bug that’s pokable over the network
It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code...
Kategorie: Hacking & Security, Viry a Červi
S3 Ep120: When dud crypto simply won’t let go [Audio + Text]
Latest episode - listen now!
Kategorie: Hacking & Security, Viry a Červi
Password-stealing “vulnerability” reported in KeePass – bug or feature?
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Kategorie: Hacking & Security, Viry a Červi
GitHub code-signing certificates stolen (but will be revoked this week)
There was a breach, so the bad news isn't great, but the good news isn't too bad...
Kategorie: Hacking & Security, Viry a Červi
Serious Security: The Samba logon bug caused by outdated crypto
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Kategorie: Hacking & Security, Viry a Červi
Hive ransomware servers shut down at last, says FBI
Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...
Kategorie: Hacking & Security, Viry a Červi
Dutch suspect locked up for alleged personal data megathefts
Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.
Kategorie: Hacking & Security, Viry a Červi
S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
Lastest episode - listen now! (Or read the transcript.)
Kategorie: Hacking & Security, Viry a Červi
GoTo admits: Customer cloud backups stolen together with decryption key
We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Kategorie: Hacking & Security, Viry a Červi
Apple patches are out – old iPhones get an old zero-day fix at last!
Don't delay, especially if you're still running an iOS 12 device... please do it today!
Kategorie: Hacking & Security, Viry a Červi
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
It's a really cool and super-simple trick. The question is, "Will it help?"
Kategorie: Hacking & Security, Viry a Červi
T-Mobile admits to 37,000,000 customer records stolen by “bad actor”
Once more, it's time for Shakespeare's words: Once more unto the breach...
Kategorie: Hacking & Security, Viry a Červi
S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
Kategorie: Hacking & Security, Viry a Červi
Serious Security: Unravelling the LifeLock “hacked passwords” story
Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.
Kategorie: Hacking & Security, Viry a Červi
Multi-million investment scammers busted in four-country Europol raid
216 questioned, 15 arrested, 4 fake call centres searched, millions seized...
Kategorie: Hacking & Security, Viry a Červi
S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]
Tell us in the comments... What's the REAL reason there was no Windows 9? (No theory too far-fetched!)
Kategorie: Hacking & Security, Viry a Červi
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...
Kategorie: Hacking & Security, Viry a Červi
Popular JWT cloud security library patches “remote” code execution hole
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.
Kategorie: Hacking & Security, Viry a Červi
CircleCI – code-building service suffers total credential compromise
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help you find them all.
Kategorie: Hacking & Security, Viry a Červi