Big Microsoft data breach – 250 million records exposed
2020-01-22 17:42:47Microsoft has today announced a data breach that affected one of its customer databases.Ubisoft sues DDoS-for-hire operators for ruining game play
2020-01-22 11:39:14The network of sites and services run by the alleged operators target the Rainbow Six Siege game, selling attacks to cheating players.NIST’s new privacy rules – what you need to know
2020-01-22 10:56:40How do you ensure you're compliant with privacy regulations? NIST has released a Privacy Framework to help you get your house in order.Regus spills data of 900 staff on Trello board set to ‘public’
2020-01-22 10:44:23Another company has ended up accidentally spilling sensitive data from business collaboration tool Trello.Nobody boogies quite like you
2020-01-22 10:38:05Our unique dancing style can be used by a machine-learning model to ID us, regardless of musical genre. Unless it's Metal. We all headbang.Citrix ships patches as vulnerable servers come under attack
2020-01-21 12:32:31Citrix has issued its first set of patches fixing a nasty vulnerability that's been hanging over some of its biggest products.China and US top user data requests in Apple transparency report
2020-01-21 11:53:00Most of the US and China's requests had to do with investigations into fraud, suspected account access and phishing.What do online file sharers want with 70,000 Tinder images?
2020-01-21 10:50:32A researcher has discovered thousands of Tinder users' images publicly available for free online.FBI seizes credentials-for-sale site WeLeakInfo.com
2020-01-20 12:21:18The FBI has seized the domain for WeLeakInfo.com, a site that sold breached data records, after a multinational effort by law enforcement.FBI to inform election officials about hacking attempts
2020-01-20 11:58:29The FBI has announced that it will tell local election officials when hackers try to infiltrate their systems.Teen entered ‘dark rabbit hole of suicidal content’ online
2020-01-20 11:49:07Molly Russell's grieving father has backed a psychiatrists' report, saying that tech companies must be forced to hand over anonymized data.Facebook and Instagram ban alleged ‘brainwashing’ service
2020-01-20 10:57:18The Spinner personalises “subconscious influencing” for a specific target.Monday review – the hot 27 stories of the week
2020-01-20 10:16:22From nasty snakes to rickrolling the NSA, get up to date with everything we've written in the last seven days - it's weekly roundup time.5 tips to avoid spear-phishing attacks
2020-01-17 17:48:41Our tips will help you boost your resistance to phishing, even when the crooks make a determined effort to reel you in.Oracle’s January 2020 update patches 334 security flaws
2020-01-17 11:31:27The January 2020 update featured a joint record of 334 patches, matching an identical number released in July 2018.Google will now accept your iPhone as an authentication key
2020-01-17 11:13:19Google has updated its Smart Lock to let iOS users security-dongle-ize their iPhones.Facial recognition is real-life ‘Black Mirror’ stuff, Ocasio-Cortez says
2020-01-17 10:59:27"People think they're going to put on a cute filter and have puppy dog ears, and not realize that that data's being collected."EDRi’s guidelines call for more ethical websites
2020-01-17 10:42:40Recommendations cover areas including security and privacy while listing alternatives to free online services that slurp your users' data.NSA and Github ‘rickrolled’ using Windows CryptoAPI bug
2020-01-16 17:42:09We said, "Assume that someone will find out how to do it pretty soon," and that's exactly what happened.S2 Ep23: Snake ransomware, VPN holes and phone spying – Naked Security Podcast
2020-01-16 16:43:32New episode - listen now!Update now! Popular WordPress plugins have password bypass flaws
2020-01-16 13:47:38Researchers have discovered bad authentication bypass vulnerabilities affecting two WordPress plugins which should be patched as soon as possible.Apps are sharing more of your data with ad industry than you may think
2020-01-16 13:43:44Apps like Grindr, Tinder and Happn are (over-)sharing data about sexuality, religion, and location with a shadowy network of data brokers.Google to kill third-party Chrome cookies in two years
2020-01-16 13:20:59Google doesn't want to block third-party cookies in Chrome right now. It has promised to make them obsolete later, though. Wait - what?College students call for ban on facial recognition on campus
2020-01-16 12:57:59Fight for the Future is building on its success in pressuring concert promoters to back off of plans to use the technology at festivals.Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET
2020-01-15 12:10:33Here are the most serious bugs from Microsoft's Patch Tuesday - Including CryptoAPI and RCE flaws in Windows Remote Desktop Gateway.Malicious npm package taken down after Microsoft warning
2020-01-15 11:32:56Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).Peekaboo Moments baby-recording app has a bad database booboo
2020-01-15 11:05:46No need to wait until you've gurgled out of your mother's womb to experience the joys of having your privacy breached.Apple says no to unlocking shooter’s phone; AG and Trump lash back
2020-01-15 10:52:19Attorney General Barr and President Trump are demanding Apple unlock the mass shooter's iPhone. Apple replies: You can't break just 1 phone.Serious Microsoft crypto vulnerability – patch right now
2020-01-14 23:07:10It's a big one. Don't wait around, get your updates right now!Windows 7 computers will no longer be patched after today
2020-01-14 15:58:49Today's the day. The balloon goes up. The ship goes down. The patches fall behind. The crooks pull ahead.Fleeceware is back in Google Play – massive fees for not much at all
2020-01-14 15:45:36The apps itself isn't malicious - the treachery lies in the payment model.‘Cable Haunt’ vulnerability exposes 200 million cable modem users
2020-01-14 11:41:45A fortnight in to 2020 and we have the first security flaw to be given its own name: Cable Haunt - complete with eye-catching logo.Google tests biometric authentication for Android autofill
2020-01-14 11:31:33Google is testing out a feature to make Android's built-in password manager safer.Lottery hacker gets 9 months for his £5 cut of the loot
2020-01-14 11:18:57We don't care how little you made from your crimes, the judge said. We care that you went after an outfit that gives a ton to charities.Microsoft now reviewing Skype audio in ‘secure’ places (not China)
2020-01-14 10:51:15A former contractor in Beijing: “It sounds a bit crazy now [...] that they gave me the URL, a username and password sent over email.”Snake alert! This ransomware is not a game…
2020-01-13 14:03:19Looks like the Snake ransomware was created especially for network-wide attacks.Powerful GPG collision attack spells the end for SHA-1
2020-01-13 13:54:29New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services.Reddit bans ‘impersonation,’ but satire and parody are still OK
2020-01-13 11:23:12Relax: Nic Cage deepfakes aren't going anywhere. It's only "maliciously misleading" impersonations that are now verboten.Google urged to tame privacy-killing Android bloatware
2020-01-13 11:18:24A letter sent to the Google CEO by Privacy International claims bloatware has allowed a privacy and security hole to open almost unnoticed.Lawmakers look to spread COPPA out to cover kids up to 16
2020-01-13 11:14:48If that bill passes, you can say bye-bye to YouTube, says one content creator.Monday review – the hot 19 stories of the week
2020-01-13 10:31:31From a Firefox zero-day to a military ban on TikTok - and everything in between. It's the weekly security roundup.Is the Y2K bug alive after all?
2020-01-10 16:55:29One way to patch the millennium bug was to move it, rather than actually to fix it... are we looking at Y2.02K?Hackers use system weakness to rattle doors on Citrix systems
2020-01-10 11:02:10Attackers are using a serious bug in Citrix products to scan the internet for weaknesses, according to experts.Ransomware pounces on California schools, Las Vegas trounces attack
2020-01-10 10:43:29We'll have one serving of whatever Las Vegas is eating and wish Pittsburg Unified School District good luck with getting unstuck.Fake-review purge: Facebook boots 188 groups, eBay bans 140 shills
2020-01-10 10:06:00After a poke from the UK's watchdog, the companies promised to beef up filters to strain out those who write, buy and sell fluffy nonsense.Browser zero day: Update your Firefox right now!
2020-01-09 14:00:06Firefox has issues an emergency 72.0.1 patch to fix a zero day vulnerability.S2 Ep22: Word doc stops fraud, bye bye Python 2, latest from the ransomware swamp – Naked Security Podcast
2020-01-09 12:25:50We discuss the latest cybersecurity news and advice in our latest podcast. Listen now!Apple’s scanning iCloud photos for child abuse images
2020-01-09 12:22:36It isn't new, all the tech giants do it, and your privacy's intact - unless you're dealing in illegal imagery with telltale hashing.Google voice Assistant gets new privacy ‘undo’ commands
2020-01-09 12:02:58Google’s controversial voice Assistant is getting a series of new commands designed to work like privacy-centric ‘undo’ buttons.FBI asks Apple to help it unlock iPhones of naval base shooter
2020-01-09 11:41:31This could signal a renewed war between Apple and law enforcement over breaking encryption.Google’s Project Zero highlights patch quality with policy tweak
2020-01-09 11:26:07Google's Project Zero bug-hunting team has tweaked its 90-day responsible disclosure policy to help improve the quality and adoption of vendor patches.REvil ransomware exploiting VPN flaws made public last April
2020-01-08 12:39:53Researchers report flaws, vendors issue patches, organisations apply them - and everyone lives happily ever after. Right? Wrong!YouTube to treat all kid-aimed videos like they’re COPPA-liable
2020-01-08 12:29:40The FTC can fine content creators up to $42,530 per violation - even though they don't collect, receive, nor have access to kids' data.US warns of Iranian cyber threat
2020-01-08 11:40:47The DHS has issued three warnings in the last few days encouraging people to be on alert for physical and cyber attacks from Iran.Facebook bans deepfakes, but not cheapfakes or shallowfakes
2020-01-08 11:20:02Quick-n-sleazy edits are still OK, such as the 75% slowdown that made Nancy Pelosi slur or the edit that turned Joe Biden into a racist.Google suspends Xiaomi from Home Hub over camera privacy glitch
2020-01-07 12:51:23A user reported to Google that he was seeing images from other people's devices.‘Maze’ ransomware threatens data exposure unless $6m ransom paid
2020-01-07 12:35:29US cable and wire manufacturer, Southwire, last week filed a civil suit against Maze’s mysterious makers in Georgia Federal court.IT exec sets up fake biz to scam his employer out of $6m
2020-01-07 11:45:41He cooked up an IT vendor, its invoices, its vapor-gear, and the phantom employees who never showed up to do all those services.US military branches ban TikTok following Pentagon’s warning
2020-01-07 11:11:55The latest attempt to prove it's not under China's thumb: TikTok's first transparency report.Don’t fall for the “Start your 2020 with a gift from us” scam…
2020-01-06 17:09:22There is no free Macbook. There IS no free Macbook. There is NO free Macbook.Monday review – the hot stories of the holidays
2020-01-06 10:40:25From 'Greta Thunberg' malware to Python 3, get yourself up to date with everything we've written since Christmas.Python is dead. Long live Python!
2020-01-03 19:56:31Is Python 2 *really* dead. Or is it just shagged out after a long squawk?Cryptocurrency exchange Poloniex issues password reset warning
2020-01-03 17:54:38Yes, there was a breach. But it's an old one that the crooks are trying to use again.Celebrity addresses posted online in New Year’s Honours List leak
2019-12-30 19:29:39Too much information.Monday review – the hot 12 stories of the week
2019-12-30 12:32:20From smartphone tracking to "climate change" malware, get up to date with everything we've written in the last week.7 types of virus – a short glossary of contemporary cyberbadness
2019-12-28 21:30:37Here's a short list of 7 malware categories we hope you never encounter. Sadly, it's not an exhaustive list... but it's a helpful start.Christmas malware uses “Support Greta Thunberg” as a lure
2019-12-27 20:43:15You're invited to a climate demonstration... but to find the time and place, you need to open an attachment. Don't do it!Apple iCloud “data dump” extortionist avoids prison
2019-12-26 19:20:21He claimed to have logins for millions of iCloud accounts, and told Apple he'd shut them all down unless he received a payoff.Happy Holidays – and big thanks to everyone who’s working today!
2019-12-25 19:30:38Yes. there's a message in the Christmas tree.Sextortionists return for Christmas – price goes down, threats go up
2019-12-24 20:30:02This follow-up sextortion demand, timed to align with Christmas, has a much more aggressive and menacing tone that last week's version.What a decade! Our baddest stories and biggest lessons, year by year…
2019-12-24 12:38:22From the bizarre, through the crazy, all the way to the outright impossible - there's still plenty to learn from all of these stories.Serious Security: The decade-ending “Y2K bug” that wasn’t
2019-12-23 17:43:20We explain why you really need to RTFM. Even if TFM is very long and complicated and you are very experienced.Smartphone location data can be used to identify and track anyone
2019-12-23 13:29:18In today’s smartphone economy, hiding your location has become a major challenge.Congress passes anti-robocall bill
2019-12-23 13:20:16A bill to punish robocallers has finished its passage through Congress and is expected to become law any day now.Facebook will stop mining contacts with your 2FA number
2019-12-23 11:03:45Facebook clearly likes to use as much of your personal data as it feels it can,Monday review – the hot 25 stories of the week
2019-12-23 10:51:08From porn scam emails to the ransomware that seized New Orleans, get up to date with everything we've written in the last week.Secure your laptop gift with half price Sophos Home Premium
2019-12-23 10:36:46Want 50% off Sophos Home? You can get it here!Man jailed for $122 million scam that fooled Google and Facebook
2019-12-23 10:35:28Lithuanian Evaldas Rimasauskas has been sentenced to five years in jail for successfully defrauding two US companies out of $122 million.
