Naked Security

We take an expert look at the latest cybersecurity incidents, how they happened, and why. Tune in weekly to learn what you can do to stop bad things from happening to you! Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity Instagram: @NakedSecurity

Episodes

S3 Ep120: When dud crypto simply won't let go

The mighty CPU that wasn't. Hive ransomware takedown. Dutch data crime suspect busted. Samba finally gets rid of MD5. GitHub admits to an intrusion. Storing passwords securely. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Feb 02, 2023 · 16 min · Season 3 · Ep. 120

S3 Ep119: Breaches, patches, leaks and tweaks!

The programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Jan 26, 2023 · 21 min · Season 3 · Ep. 119

S3 Ep118: Guess your password? No need if it's stolen already!

The HAPPY99 virus reminds us that less is more. Trouble with JSON Web Tokens. Investment scammers busted in Europe. The LifeLock "breach" that wasn't. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Jan 19, 2023 · 18 min · Season 3 · Ep. 118

S3 Ep117: The crypto crisis that wasn't (and farewell forever to Win 7)

Two stories from the underground. Bank scammers busted. The crypto-crack that wasn't. And the end of two Windows eras at the same time. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Jan 12, 2023 · 19 min · Season 3 · Ep. 117

S3 Ep116: Last straw for LastPass? Is crypto doomed?

The ground-breaking HP-35 digital calculator. Last straw for LastPass? Congress takes on quantum computing. 33 1/3-year-old cybersecurity lessons. Machine learning supply chain attack. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Jan 05, 2023 · 24 min · Season 3 · Ep. 116

S3 Ep115: True crime stories - A day in the life of a cybercrime fighter

Once more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Original music by Edith Mudge Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: @NakedSecurity

Dec 29, 2022 · 19 min · Season 3 · Ep. 115

S3 Ep114: Preventing cyberthreats - stop them before they stop you!

Join world-renowned Sophos expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode, recorded during our recent Security SOS Week 2022. When it comes to fighting cybercrime, Fraser truly is a "specialist in everything", and he also has the knack of explaining this tricky and treacherous subject in plain English. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Dec 22, 2022 · 23 min · Season 3 · Ep. 114

S3 Ep113: Pwning the Windows kernel: the crooks who hoodwinked Microsoft

The irony of the CAN-SPAM law. When genuine kernel drivers go rogue. Apple patches everything. Stealing data via secret radio waves. E-commerce supply chain drama. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Dec 15, 2022 · 21 min · Season 3 · Ep. 113

S3 Ep112: Beware! Data breaches can haunt you more than once...

The worm that wasn't a Goner. LastPass suffers a sting in the data breach tail. Apple's secretive update. The Ping o' Death. SIM swapping explained. A Beatles-esque 0-day in Chrome and Edge. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Dec 08, 2022 · 21 min · Season 3 · Ep. 112

S3 Ep111: The business risk of a sleazy "nudity unfilter"

Christmas-themed wormage. Prurient malware. Cryptorom busts. Voice call spoofing. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Dec 01, 2022 · 20 min · Season 3 · Ep. 111

S3 Ep110: Spotlight on cyberthreats - an expert speaks

Security specialist John Shier tells you the "news you can really use" - how to boost your cybersecurity based on real-world advice from the 2023 Sophos Threat Report. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

Nov 24, 2022 · 22 min

S3 Ep109: How one leaked email password could drain your business

Microsoft's tilt at the MP3 marketplace. Apple's not-a-zero-day emergency. Cracking the lock on Android phones. Browser-in-the-Browser revisited. The Emmenthal cheese attack. Business Email Compromise and how to prevent it. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Nov 17, 2022 · 26 min · Season 3 · Ep. 109

S3 Ep108: What would YOU do if you found $3 billion in a popcorn tin?

Radio waves so mysterious they're known only as X-Rays. Were there six 0-days or only four? The cops that found $3 billion in a popcorn tin. Blue badge confusion. When URL scanning goes wrong. Tracking down every last unpatched file. Why even unlikely exploits can earn "high" severity levels. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Nov 10, 2022 · 20 min · Season 3 · Ep. 108

S3 Ep107: Eight months to kick out the crooks and you think that's GOOD?

The man who put Boole in Boolean. OpenSSL's bated-breath update. Apple's zero-day finally settled. New Chrome zero-day. SHA-3 code gets a patch. Extreme extortion via stolen medical data. Data breach response the nonchalant way. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Nov 03, 2022 · 23 min · Season 3 · Ep. 107

S3 Ep106: Facial recognition without consent - should it be banned?

Windows XP (fondly?!) remembered. Clearview AI courts controversy again. DEADBOLT ransomware crooks get counterhacked. Women cryptologists commemorated in US. How to measure randomness. Deconstructing Apple's latest security bulletins. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Oct 27, 2022 · 21 min · Season 3 · Ep. 106

S3 Ep105: WONTFIX! The MS Office cryptofail that "isn't a security flaw"

Coolest videogame ever. Zoom thinks everyone's a developer. The Patch Tuesday that wasn't. A data breach coverup. Log4Shell all over again. And the Office cryptofail that Microsoft won't fix. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Oct 20, 2022 · 24 min · Season 3 · Ep. 105

S3 Ep104: Should hospital ransomware attackers be locked up for life?

What goes up... must come down. Ransomware criminal avoids a life sentence. Former CSO convicted over Uber megabreach coverup. WhatsApp fights rip-off rogue apps. The Countess of Computer Science. Could a weird email brick your iPhone? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Oct 13, 2022 · 20 min · Season 3 · Ep. 104

S3 Ep103.5: OAuth 2 and why Microsoft is forcing you into it

Naked Security meets Sophos X-Ops! Duck and Chet dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it. Original music by Edith Mudge

Oct 09, 2022 · 17 min · Season 3 · Ep. 103

S3 Ep103: Scammers in the Slammer (and other stories)

A fridge-sized calculator made with transistors (really). ProxyNotShell situation reviewed. Romance and BEC scammer gets 25 years in the slammer. Is there an answer to nuisance callers? Is the answer voicemail? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Oct 06, 2022 · 20 min · Season 3 · Ep. 103

S3 Ep102.5: "ProxyNotShell" Exchange bugs - an expert speaks

Chester Wisniewski gives you actionable advice on how to deal with two actively exploited Exchange zero-days that suddenly burst into the news. Learn who's affected and how, find out what you can do while waiting for Microsoft's patches, and plan your threat hunting in case the worst happens to you. Original music by Edith Mudge...

Oct 01, 2022 · 15 min · Season 3 · Ep. 102

S3 Ep102: Cutting through cybersecurity news hype

What's the real deal with LAPSUS$? How did Optus get hacked? Was there really a WhatsApp 0-day? What if "deleted" data comes back from the dead to haunt you? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Sep 29, 2022 · 21 min · Season 3 · Ep. 102

S3 Ep101: Uber and LastPass - is 2FA all it's cracked up to be?

Security SOS Week 2022 - check it out! The very first Android. Firefox 105 is out. Uber hacked... by LAPSUS$? LastPass talks about its breach. Are two disks better than one? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Sep 22, 2022 · 20 min · Season 3 · Ep. 101

S3 Ep100.5: Uber breach - an expert speaks

Chester Wisniewski explains what we can learn from Uber's latest cybersecurity crisis: "Just because a big company didn't have the security they should doesn't mean you can't." Original music by Edith Mudge

Sep 17, 2022 · 13 min · Season 3 · Ep. 100

S3 Ep100: Browser-in-the-Browser hacking – how to spot an attack

Second Cosmic Rocket (not a band!) Microsoft 0-day. Apple 0-days. Good logging habits. Browser-in-the-browser trickery. DEADBOLT ransomware. Again. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity...

Sep 14, 2022 · 26 min · Season 3 · Ep. 100

S3 Ep99: TikTok "attack" - was there a data breach, or not?

The bug that was a moth. Was there really a TikTok breach? Peter Eckersley: Code In Peace. Chrome and Edge fix a zero-day. Apple updates iOS 12 for the first time in a year. App icons: the difference between sprockets and cogs. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Sep 08, 2022 · 20 min · Season 3 · Ep. 99

S3 Ep98: The LastPass saga - should we stop using password managers?

The Computer Misuse Act, back in 1990. JavaScript supply-chain bug hunting. Jumping airgaps. "The Sanitizer" comes to Chrome. LastPass breach provokes password manager puzzlement. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Sep 01, 2022 · 22 min · Season 3 · Ep. 98

S3 Ep97: A musical crash, ATM skimming, and was your iPhone pwned?

Start me up. The R&B dance classic that crashed computers. Bitcoin ATM skimming (no malware required). Multiple browser zero-days. Was your iPhone pwned? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Aug 25, 2022 · 24 min · Season 3 · Ep. 97

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security

Chester attends DEF CON from afar. Zoom fixes an 0-day. An APIC leak that isn't EPIC. $10m for dobbing in Conti criminals. Cybersecurity in hospitals. Ransomware in triplicate. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Aug 18, 2022 · 29 min · Season 3 · Ep. 96

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto

Memories of the Blaster worm. Slack leaked password hashes for FIVE YEARS. Github showered with malware. Traffic lights and cybersecurity. Post-quantum cryptography. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Aug 10, 2022 · 23 min · Season 3 · Ep. 95

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!)

Queen Victoria goes online. A nasty bug in Samba. Smiles for SysAdmins. A crypto-as-in-cryptography bug. A crypto-as-in-currency disaster. And is $200 million just chump change these days? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity...

Aug 04, 2022 · 23 min · Season 3 · Ep. 94