Security Risks of Monoculture
2022-12-04 03:30:01Seven respected information security experts have released a paper pointing out that the ubiquity of the Microsoft operating system is a security risk. Worth reading.Apple pushes out iOS security update that’s more tight-lipped than ever
2022-12-02 21:02:43We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...LastPass admits to customer data breach caused by previous breach
2022-12-02 19:10:59Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.The CHRISTMA EXEC network worm – 35 years and counting!
2022-12-01 20:35:54"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]
2022-12-01 19:58:50Latest episode - listen now (or read if you prefer)...Serious Security: MD5 considered harmful – to the tune of $600,000
2022-11-30 19:58:49It's not just the hashing, by the way. It's the salting and the stretching, too!TikTok “Invisible Challenge” porn malware puts us all at risk
2022-11-29 19:58:21An injury to one is an injury to all. Especially if the other people are part of your social network.Chrome fixes 8th zero-day of 2022 – check your version now (Edge too!)
2022-11-28 19:42:53There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown
2022-11-25 19:17:25Those numbers or names that pop up when a call comes up? They're OK as a hint of who's calling, but THEY PROVE NOTHINGS3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]
2022-11-24 19:52:19Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach usMultimillion dollar CryptoRom scam sites seized, suspects arrested in US
2022-11-23 19:58:19Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...How to hack an unpatched Exchange server with rogue PowerShell code
2022-11-22 19:54:04Review your servers, your patches and your authentication policies - there's a proof-of-concept outHow social media scammers buy time to steal your 2FA codes
2022-11-21 19:02:42The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fakeBlack Friday and retail season – watch out for PayPal “money request” scams
2022-11-17 20:45:56Don't let a keen eye for bargains lead you into risky online behaviour...S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
2022-11-17 19:52:27Latest episode - listen now! Cybersecurity news plus loads of great advice...Firefox fixes fullscreen fakery flaw – get the update now!
2022-11-16 19:51:21What's so bad about a web page going fullscreen without warning you first?Log4Shell-like code execution hole in popular Backstage dev tool
2022-11-15 19:49:49Good old "string templating", also known as "string interpolation", in the spotlight again...“Gucci Master” business email scammer Hushpuppi gets 11 years
2022-11-14 19:24:19Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...Dangerous SIM-swap lockscreen bypass – update Android now!
2022-11-11 19:59:12A bit like leaving the front door keys under the doormat...Emergency code execution patch from Apple – but not an 0-day
2022-11-10 20:49:12Not a zero-day, but important enough for a quick-fire patch to one system library...S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
2022-11-10 19:26:34Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!
2022-11-09 19:58:37In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?Silk Road drugs market hacker pleads guilty, faces 20 years inside
2022-11-08 19:58:57Jurisprudence isn't like arithmetic... two negatives never make a positive!Public URL scanning tools – when security leads to insecurity
2022-11-07 19:59:03Never make your users cry/By how you use an APITwitter Blue Badge email scams – Don’t fall for them!
2022-11-04 19:59:12That was the week that was...The OpenSSL security update story – how can you tell what needs fixing?
2022-11-03 20:44:19How to Hack! Finding OpenSSL library files and accurately identifying their version numbers...S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]
2022-11-03 19:51:27Listen now - latest episode - audio plus full transcript
