Security Risks of Monoculture
2022-07-01 23:30:01Seven respected information security experts have released a paper pointing out that the ubiquity of the Microsoft operating system is a security risk. Worth reading.Facebook 2FA phish arrives just 28 minutes after scam domain created
2022-07-01 20:01:31The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.“Missing Cryptoqueen” hits the FBI’s Ten Most Wanted list
2022-07-01 16:49:58The "Missing Cryptoqueen" makes the American Top Ten... but not in a good way.S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
2022-06-30 18:57:04Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)
2022-06-29 18:11:55Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft's "Follina" saga.Harmony blockchain loses nearly $100M due to hacked private keys
2022-06-27 18:14:53The crooks needed at least two private keys, each stored in two parts... but they got them anyway.FTC warns of LGBTQ+ extortion scams – be aware before you share!
2022-06-27 17:58:19It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"OpenSSL issues a bugfix for the previous bugfix
2022-06-24 18:32:13Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
2022-06-23 18:08:42Latest epsiode - listen (or read) now!Capital One identity theft hacker finally gets convicted
2022-06-21 18:24:24It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!Interpol busts 2000 suspects in phone scamming takedown
2022-06-20 18:10:48Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]
2022-06-16 18:52:55Lastest epsiode - listen now!Follina gets fixed – but it’s not listed in the Patch Tuesday patches!
2022-06-15 18:20:14We tried it out to make sure, so you don't have to.Murder suspect admits she tracked cheating partner with hidden AirTag
2022-06-14 18:49:36O! What a tangled web we weave, when first we practise to deceive.You’re invited! Join us for a live walkthrough of the “Follina” story…
2022-06-13 18:28:17Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
2022-06-09 18:07:36Latest episode - listen (or read) now!SSNDOB Market domains seized, identity theft “brokerage” shut down
2022-06-08 18:53:35The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.Know your enemy! Learn how cybercrime adversaries get in…
2022-06-07 18:49:50Here's how 144 recent attacks actually went down in real life. Don't let this happen to you!Atlassian announces 0-day hole in Confluence Server – update now!
2022-06-03 18:59:18Zero-day announced - here's what you need to knowYet another zero-day (sort of) in Windows “search URL” handling
2022-06-02 19:39:57More trouble with special-purpose URLs on Windows.S3 Ep85: Now THAT’S what I call a Microsoft Office exploit! [Podcast]
2022-06-02 18:37:11Latest episode - listen now!Firefox 101 is out, this time with no 0-day scares (but update anyway!)
2022-06-01 14:31:19After an intriguing month of Firefox releases, here's one with a bit less drama, probably to the collective relief of Mozilla's coders.