Category: Naked Security – Sophos

To consolidate all of our security intelligence and news in one location, we have migrated Naked Security to the Sophos News platform. This article has been indexed from Naked Security – Sophos Read the original article: Update on Naked Security

Read more →

It took six months for notifications to start, and we still don’t know exactly what went down… but here’s our advice on what to do. This article has been indexed from Naked Security – Sophos Read the original article: Mom’s…

Read more →

Latest episode – listen now! Full transcript inside… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep149: How many cryptographers does it take to change a light bulb?

Read more →

Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead… This article has been indexed from Naked Security – Sophos Read the original article: Using WinRAR? Be sure to patch against these code execution bugs…

Read more →

Cryptography isn’t just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well. This article has been indexed from Naked Security – Sophos Read the original article: Smart light bulbs could give away…

Read more →

WYSIWYG is short for “what you see is what you get”. Except when it isn’t… This article has been indexed from Naked Security – Sophos Read the original article: “Snakes in airplane mode” – what if your phone says it’s…

Read more →

Celebrating the true crypto bros. Listen now (full transcript available). This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep148: Remembering crypto heroes

Read more →

Apps on your iPhone must come from the App Store. Except when they don’t… we explain what to look out for. This article has been indexed from Naked Security – Sophos Read the original article: FBI warns about scams that…

Read more →

The rise of tap-to-pay and chip-and-PIN hasn’t rid the world of ATM card skimming criminals… This article has been indexed from Naked Security – Sophos Read the original article: “Grab hold and give it a wiggle” – ATM card skimming…

Read more →

The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back… This article has been indexed from Naked Security – Sophos Read the original article: Crimeware server used by NetWalker…

Read more →

Latest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep147: What if you type in your password during a meeting?

Read more →

74 CVEs, and two “Exploitation Detected” advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix. This article has been indexed from Naked Security – Sophos Read the…

Read more →

Fast, quiet, smooth, consistent and low impact… why true hacker-grade touch-typing might keep you more secure. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Why learning to touch-type could protect you from…

Read more →

Sentences still to be decided, but she could get up to 10 years and he could get as many as 20. This article has been indexed from Naked Security – Sophos Read the original article: “Crocodile of Wall Street” and…

Read more →

Serious security stories explained clearly in plain English – listen now. (Full transcript available.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep146: Tell us about that breach! (If you want to.)

Read more →

It’s a real vulnerability, but the data leakage rate can be as low as… let’s just say that an IMAX-quality copy of the new “Oppenheimer” movie could take you 4 billion years to exfiltrate. This article has been indexed from…

Read more →

No zero-days, but some interesting patches with their very own “teachable moments”. This article has been indexed from Naked Security – Sophos Read the original article: Firefox fixes a flurry of flaws in the first of two releases this month

Read more →

When is a ransomware attack a reportable matter? And how long have you got to decide? This article has been indexed from Naked Security – Sophos Read the original article: SEC demands four-day disclosure limit for cybersecurity breaches

Read more →

Fascinating fun (with a serious and educational side) – listen now! Full transcript available inside. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep145: Bugs With Impressive Names!

Read more →

“You need to turn on a special setting to stop the code you wrote to stop the code you wrote to improve performance from reducing performance from reducing security.” This article has been indexed from Naked Security – Sophos Read…

Read more →

Another month, another patch for in-the-wild iPhone malware (and a whole lot more). This article has been indexed from Naked Security – Sophos Read the original article: Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second…

Read more →

“Three may keep a secret, if two of them are dead.” This article has been indexed from Naked Security – Sophos Read the original article: Hacking police radios: 30-year-old crypto flaws in the spotlight

Read more →

Latest episode – check it out now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep144: When threat hunting goes down a rabbit hole

Read more →

Careful with that file, Eugene! This article has been indexed from Naked Security – Sophos Read the original article: Google Virus Total leaks list of spooky email addresses

Read more →

The first compromise didn’t get the crooks as far as they wanted, so they found a second one that did… This article has been indexed from Naked Security – Sophos Read the original article: Microsoft hit by Storm season –…

Read more →

Zimbra didn’t actually say, “Do not delay/Do it today,” but they did say, “We kindly request your cooperation to apply the fix manually.” This article has been indexed from Naked Security – Sophos Read the original article: Zimbra Collaboration Suite…

Read more →

Latest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep143: Supercookie surveillance shenanigans

Read more →

Here’s a brief reminder to do two things. The first is to patch. The second is to read up why it’s a good idea to patch… This article has been indexed from Naked Security – Sophos Read the original article:…

Read more →

Previously, we said “do it today”, but now we’re forced back on: “Do not delay; do it as soon as Apple and your device will let you.” This article has been indexed from Naked Security – Sophos Read the original…

Read more →

Don’t delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit. This article has been indexed from Naked Security – Sophos Read the original article: Urgent! Apple fixes critical zero-day hole in…

Read more →

Gaslights produce a telltale flicker when nearby lamps are lit; DRAM values do something similar when nearby memory cells are accessed. This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Rowhammer returns to…

Read more →

How to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep142: Putting the X in X-Ops

Read more →

No zero-days this month, so you’re patching to stay ahead, not merely to catch up! This article has been indexed from Naked Security – Sophos Read the original article: Firefox 115 is out, says farewell to older Windows and Mac…

Read more →

Even if you’ve never heard of the venerable Ghostscript project, you may have it installed without knowing. This article has been indexed from Naked Security – Sophos Read the original article: Ghostscript bug could allow rogue documents to run system…

Read more →

Ultimate Member plugin lets rogue users choose their own site capabilities, including becoming admins. This article has been indexed from Naked Security – Sophos Read the original article: WordPress plugin lets users become admins – Patch early, patch often!

Read more →

Latest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep141: What was Steve Jobs’s first job?

Read more →

Technically, it’s “up to $10 million”, but it’s potentially a LOT of money, nevertheless… This article has been indexed from Naked Security – Sophos Read the original article: Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

Read more →

Not just that infamous Twitter hack, but SIM-swapping, stalking and swatting too… This article has been indexed from Naked Security – Sophos Read the original article: UK hacker busted in Spain gets 5 years over Twitter hack and more

Read more →

Don’t treat rebooting your phone once a day as a cybersecurity talisman… here are 8 additional tips for better mobile phone security. This article has been indexed from Naked Security – Sophos Read the original article: Aussie PM says, “Shut…

Read more →

Lots to learn this week – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep140: So you think you know ransomware?

Read more →

Apple didn’t use the words “Triangulation Trojan”, but you probably will. This article has been indexed from Naked Security – Sophos Read the original article: Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!

Read more →

Did you prevent password-only logins on your SSH servers? On ALL of them? Are you sure about that? This article has been indexed from Naked Security – Sophos Read the original article: Beware bad passwords as attackers co-opt Linux servers…

Read more →

Get the full 360-degree view of ransomware This article has been indexed from Naked Security – Sophos Read the original article: “The Ransomware Documentary” – brand new video series from Sophos starting now!

Read more →

“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them. This article has been indexed from Naked Security – Sophos Read the…

Read more →

One, sadly, has died, and two are heading to prison, but for Kim Dotcom, the saga goes on… This article has been indexed from Naked Security – Sophos Read the original article: Megaupload duo will go to prison at last,…

Read more →

Twice more unto the breach… patch being tested, in the meantime, shut down web access. This article has been indexed from Naked Security – Sophos Read the original article: MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Read more →

Latest episode – listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep139: Are password rules like running through rain?

Read more →

No zero-days this month, if you ignore the Edge RCE hole patched last week This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office…

Read more →

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end… This article has been indexed from Naked Security – Sophos Read the original article: Gozi…

Read more →

Though the mills of the Law grind slowly/Yet they grind exceeding small/Though with patience they stand waiting/With exactness grind they all… This article has been indexed from Naked Security – Sophos Read the original article: History revisited: US DOJ unseals…

Read more →

Good news… more patches, this time available proactively This article has been indexed from Naked Security – Sophos Read the original article: More MOVEit mitigations: new patches published for further protection

Read more →

Does swapping your password regularly make it a better password? This article has been indexed from Naked Security – Sophos Read the original article: Thoughts on scheduled password changes (don’t call them rotations!)

Read more →

Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available…) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep138: I like to MOVEit, MOVEit

Read more →

With the right (or wrong, if you’re on the right side of the fence) timing… This article has been indexed from Naked Security – Sophos Read the original article: Firefox 114 is out: No 0-days, but one fascinating “teachable moment”…

Read more →

Chrome 0-day patched now, Edge patch coming soon. This article has been indexed from Naked Security – Sophos Read the original article: Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now

Read more →

Chrome 0-day patched now, Edge patch coming soon. This article has been indexed from Naked Security – Sophos Read the original article: Chrome zero-day: “This exploit is in the wild”, so check your version now

Read more →

Little Bobby Tables is back! This article has been indexed from Naked Security – Sophos Read the original article: MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

Read more →

It’s a backdoor, Jim, but not as we know it… here’s a sober look at this issue. This article has been indexed from Naked Security – Sophos Read the original article: Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards

Read more →

Lots to learn, clearly explained in plain English… listen now! (Full transcript inside.) This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep137: 16th century crypto skullduggery

Read more →

Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don’t panic.) This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: That KeePass “master password crack”, and what we…

Read more →

What good is a popup asking for your approval if an attacker can bypass it simply by suppressing it? This article has been indexed from Naked Security – Sophos Read the original article: Serious Security: Verification is vital – examining…

Read more →

Latest episode – listen now. Full transcript inside… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep136: Navigating a manic malware maelstrom

Read more →

Another traitorous sysadmin story, this one busted by system logs that gave his game away… This article has been indexed from Naked Security – Sophos Read the original article: Ransomware tales: The MitM attack that really had a Man in…

Read more →

Controlled outage used to keep malware marauders from gumming up the works. Learn what you can do to help in future… This article has been indexed from Naked Security – Sophos Read the original article: PyPI open-source code repository deals…

Read more →

Site marketing video promised total anonymity, but that was a lie. 170 arrested already. Potentially 1000s more to follow. This article has been indexed from Naked Security – Sophos Read the original article: Phone scamming kingpin gets 13 years for…

Read more →

All Apple users have zero-days that need patching, though some have more zero-days than others. This article has been indexed from Naked Security – Sophos Read the original article: Apple’s secret is out: 3 zero-days fixed, so be sure to…

Read more →

Laugh (sufficiently), learn (efficiently), and then let us know what you think in our comments (anonymously, if you wish)… This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep135: Sysadmin by day, extortionist by…

Read more →

“Up to $10 million for information that leads to the arrest and/or conviction of this defendant.” This article has been indexed from Naked Security – Sophos Read the original article: US offers $10m bounty for Russian ransomware suspect outed in…

Read more →

Yes, it’s a buffer overflow bug. No, it’s not going get fixed. This article has been indexed from Naked Security – Sophos Read the original article: Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched

Read more →

We asked you once, we told you twice, now we’re ordering you for the third time… This article has been indexed from Naked Security – Sophos Read the original article: Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble…

Read more →

Not just an active adversary, but a two-faced one, too. This article has been indexed from Naked Security – Sophos Read the original article: Whodunnit? Cybercrook gets 6 years for ransoming his own employer

Read more →

Latest episode – listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep134: It’s a PRIVATE key – the hint is in the name!

Read more →

When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car… This article has been indexed from Naked Security – Sophos Read the original article: Bootkit zero-day fix – is this Microsoft’s…

Read more →

What can you do if someone steals your keys but you can’t change the lock? We explain the dilemma in plain English. This article has been indexed from Naked Security – Sophos Read the original article: Low-level motherboard security keys…

Read more →

I pwned you! Gizza job! You know it makes sense! This article has been indexed from Naked Security – Sophos Read the original article: PHP Packagist supply chain poisoned by hacker “looking for a job”

Read more →

Entertaining, educational, and all in plain English 🎧📖 This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep133: Apple takes “tight-lipped” to a whole new level

Read more →

We’ve kept it short and simple, with no sermons, no judgmentalism, no tubthumping… and no BUY NOW buttons. Have a nice day! This article has been indexed from Naked Security – Sophos Read the original article: World Password Day: 2…

Read more →

To bleat, or not to bleat, that is the question. This article has been indexed from Naked Security – Sophos Read the original article: Tracked by hidden tags? Apple and Google unite to propose safety and security standards…

Read more →

Just when we’d got used to three-numbered versions, such as “13.3.1”, here comes an update suffix, bringing you “13.3.1 (a)”… This article has been indexed from Naked Security – Sophos Read the original article: Apple delivers first-ever Rapid Security Response…

Read more →

These malware peddlers are specifically going after Mac users. The hint’s in the name: “Atomic macOS Stealer”, or AMOS for short. This article has been indexed from Naked Security – Sophos Read the original article: Mac malware-for-hire steals passwords and…

Read more →

CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more. This article has been indexed from Naked Security – Sophos Read the original article: Google wins court order to force ISPs to filter botnet…

Read more →

When Doug says, “Happy Remote Code Execution Day, Duck”… it’s irony. For the avoidance of all doubt 🙂 This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep132: Proof-of-concept lets anyone hack at will

Read more →

You waited 13 years for this feature in Google Authenticator. Now researchers are advising you to wait a while longer, just in case… This article has been indexed from Naked Security – Sophos Read the original article: Google leaking 2FA…

Read more →

If you have the product, but you haven’t patched – well, the crooks have now landed, so please don’t delay. Do it today… This article has been indexed from Naked Security – Sophos Read the original article: PaperCut security vulnerabilities…

Read more →

Wouldn’t it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform? This article has been indexed from Naked Security – Sophos Read the original article: Double zero-day in Chrome…

Read more →

You know jolly well/What we’re going to say/And that’s “Do not delay/Simply do it today.” This article has been indexed from Naked Security – Sophos Read the original article: VMware patches break-and-enter hole in logging tools: update now!

Read more →

Loop-the-loop in this week’s episode. Entertaining, educational and all in plain English. Transcript inside. This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep131: Can you really have fun with FORTRAN?

Read more →

Did the sentence fit the crime? Read the backstory, and then have your say in our comments! (You may post anonymously.) This article has been indexed from Naked Security – Sophos Read the original article: Ex-CEO of breached pyschotherapy clinic…

Read more →

USB charging stations – can you trust them? What are the real risks, and how can you keep your data safe on the road? This article has been indexed from Naked Security – Sophos Read the original article: FBI and…

Read more →

Is Secure Boot without the Secure just “Boot”? This article has been indexed from Naked Security – Sophos Read the original article: Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot

Read more →

I’m sorry, Dave. I’m afraid I can’t… errr, no, hang on a minute, I can do that easily! Worldwide! Right now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep130: Open the garage…

Read more →

Is Secure Boot without the Secure just “Boot”? This article has been indexed from Naked Security – Sophos Read the original article: Microsoft fixes a zero-day – and two curious bugs that take the Secure out of Secure Boot

Read more →

Stealing private keys is like getting hold of a medieval monarch’s personal signet ring… you get to put an official seal on treasonous material. This article has been indexed from Naked Security – Sophos Read the original article: Attention gamers!…

Read more →

That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices – patch now! This article has been indexed from Naked Security – Sophos Read the original article: Apple…

Read more →

The security error was in the error handling system that was supposed to catch potential security errors… This article has been indexed from Naked Security – Sophos Read the original article: Popular server-side JavaScript security sandbox “vm2” patches remote execution…

Read more →

A bug to hack your browser, then a bug to pwn the kernel… reported from the wild by Amnesty International. This article has been indexed from Naked Security – Sophos Read the original article: Apple issues emergency patches for spyware-style…

Read more →

Grab a message/Play it back/You’ve just performed/A big phat hack… This article has been indexed from Naked Security – Sophos Read the original article: Hack and enter! The “secure” garage doors that anyone can open from anywhere – what you…

Read more →

Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days… listen now! This article has been indexed from Naked Security – Sophos Read the original article: S3 Ep129: When spyware arrives from someone you trust

Read more →

Grab a message/Play it back/You’ve just performed/A big phat hack… This article has been indexed from Naked Security – Sophos Read the original article: US government warning! What if anyone could open your garage door?

Read more →

Imagine tiling a whole football field using a single shape… yet not being able to produce a repeating pattern, even if you wanted to. This article has been indexed from Naked Security – Sophos Read the original article: Einstein tilings…

Read more →