Domain transfer #FAIL – man gets 20 years for gunpoint domain hijack
2018-06-19 14:41:44The owner of doitforstate.com was shot in the leg before shooting his assailant in the chest.How a Nigerian Prince scam victim got his money back after 10 years
2018-06-19 13:35:21The Nigerian prince never showed up but the victim's $110,000 did, eventually.Researchers claim Chrome bug bounty paid to the wrong people
2018-06-19 12:42:58Yubico has been drawn into a rare public spat over how the discovery of a security flaw affecting it products was credited.Firefox fixes critical buffer overflow
2018-06-18 15:09:11Version 60.0.2 of the resurgent Firefox browser fixes a critical security flaw in its SVG rendering code.Apple code signing flaw could have made Mac malware look legit
2018-06-18 14:37:50For years it was possible to fool some security software into thinking malicious code had been digitally signed by Apple.The “world’s worst” smart padlock – it’s EVEN WORSE than we thought
2018-06-18 13:21:02Remember last week's $99 IoT padlock that anyone could unlock in 2 seconds? Turns out you don't even need that long!Convicted! Anonymous Twitter troll not as anonymous as they thought
2018-06-18 12:34:04It's surprising how many trolls don't realise that if Twitter knows who they are, the police can find out too.Dark Web drug dealer betrayed by his beard, pleads guilty
2018-06-18 11:41:10The Dream Market's lustrously bearded 'OxyMonster' is facing a 20 year prison sentence.Monday review – the hot 21 stories of the week
2018-06-18 10:39:53From the growing list of routers affected by VPNFilter and the reason behind Bitcoin's priceplosion to Florida's year without gun background checks,SHOCK! HORROR! SURPRISE! Bitcoin priceplosion may have been market manipulation
2018-06-15 17:40:23Researchers claim that Bitcoin's 2017 price spike was built on little besides hot air and dodgy dealing.Apple iPhone’s USB Restricted Mode gives Feds a cracking headache
2018-06-15 17:08:00The next version of iOS looks set to block all communication through the lightning port if the phone hasn’t been unlocked for an hour.Football app tracks illegal broadcasts using your microphone and GPS
2018-06-15 13:30:02La Liga is asking users for their consent to turn on the new, eavesdroppy-feeling function, but many users aren't exactly thrilled.Forgotten your password? Don’t login at all! [Chet Chat Podcast 271]
2018-06-15 13:20:47Here's the latest episode of the Chet Chat podcast. Enjoy...The $99 digital padlock that kept crooks out… for 2 whole seconds
2018-06-14 16:45:08Thinking of designing a $99 digital padlock? Here's how NOT to do it.“Hey, Cortana, did Patch Tuesday fix a serious lock screen bug?”
2018-06-14 13:12:45This month's Update Tuesday includes fixes for 50 high-impact vulnerabilities in Microsoft Windows.Trial of two men accused of $20m hacked press release fraud begins
2018-06-14 12:13:54This is reportedly the first time criminal charges have been brought for a securities fraud scheme involving hacked inside information.Google locks out extensions that don’t come from its Chrome Web Store
2018-06-14 10:49:58Time's up for Chrome extensions from third-party sites.Tech pioneers: new copyright law a step towards an internet of surveillance and control
2018-06-13 14:16:11European copyright directive would be a step towards making the internet "a tool for the automated surveillance and control of its users"FBI arrests 74 in global Business Email Compromise takedown
2018-06-13 13:46:07After years of laughing in the face of victims BEC scammers have taken one on the chin.MP gets 600 rape threats in a night, wants an end to online anonymity
2018-06-13 13:06:33As a female MP Jess Phillips faces threats of violence and aggression every day.Serious Security: How three minor bugs make one major exploit
2018-06-13 12:15:12In this story, three webcam bugs that weren't critical one-by-one could be combined into an exploit giving total device takeover.6 million cards compromised in Dixons Carphone beach – act now!
2018-06-13 11:51:26Dixons Carphone has revealed what it's calling an "attempt to compromise 5.9 million [payment] cards".Florida skips gun background checks for a year after employee forgets login
2018-06-12 14:52:42The Florida Department of Agriculture and Consumer Services stopped using the FBI's crime database in February 2016 because an employee couldn't log in.Bitcoin value tumbles as hackers loot CoinRail cryptocurrency exchange
2018-06-12 14:51:02Another Bitcoin robbery and another Bitcoin price fall - is correlation or causation?The Google Pixelbook power button is now a 2FA token
2018-06-12 14:36:50The Pixelbook's power button is a 2FA token, which is great, and almost nobody noticed, which isn't.Check your router – list of routers affected by VPNFilter just got bigger
2018-06-11 14:36:01The list of routers VPNFilter can infect now includes another 56 models from Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE.When Ducks collide – an #Infosec18 retrospective [VIDEO]
2018-06-11 13:57:09Ever wondered what happens "off piste" at cybersecurity tradeshows?Google: We won’t cause “overall harm” with our AI
2018-06-11 11:16:02After the Project Maven-inspired employee revolt, Google has released a set of AI principles and said it's withdrawing from the contract.US Government’s biometric database worries privacy advocates
2018-06-11 11:03:27It is something few Americans will have heard of,Welcome to the non-neutral net: Day one
2018-06-11 10:51:53Come Monday morning, when this article posts, net neutrality looks set to be axed. What might the dawn of a net neutrality-free future hold?Monday review – the hot 21 stories of the week
2018-06-11 09:01:21From Cloudflare's DNS and DDoS mix up and the Zip Slip vulnerability to the Flash zero-day exploit, and more!WannaCry hero sinks deeper into trouble as new malware charges filed
2018-06-08 16:50:07The young Briton who emerged as the reluctant "WannaCry hero" in 2017 now faces yet more criminal charges over making and selling malware.Facebook bug may have made 14m users’ posts public
2018-06-08 14:45:22Facebook's been moving fast and breaking things again.Busted by a Facebook ‘friend’ who’s an undercover cop? It’s legal!
2018-06-08 14:40:49Friending somebody means assuming the risk that they're an undercover cop or informant.Bank of China Phishing Emails Warning
2018-06-08 13:37:26Users in Hong Kong have received email with Bank of China branding stating that they have a new message available through online banking with a link to "view" the message.Patches, toys, busts and awards (ahem, ours!) [Chet Chat Podcast 270]
2018-06-08 11:34:37Here's the latest Chet Chat podcast. Enjoy...Atlanta ransomware attack destroyed years of police dashcam video
2018-06-08 11:17:48Loss of dashcam footage could compromise investigations, including those concerned with driving under the influence (DUI) cases.Flash zero-day exploit. Act now!
2018-06-07 18:14:32A newly discovered flaw in the Flash Player is being exploited in the wild - update Flash, or remove it.Hackable CloudPets pulled from Target, Walmart, Amazon and more
2018-06-07 11:04:29The stuffed toys are stuffed with security problems that we've known about for over a year.Oh the irony! When cybercriminals are rubbish at cybersecurity
2018-06-07 10:47:20The Owari DDoS botnet, built by knocking over weakly-secured Internet of Things (IoT) devices, has had a bad week.Norman the AI bot reads Reddit, becomes “psychopath”
2018-06-07 10:25:42You say tomato. I say tomahto. "Norman" would likely see a traffic fatality splattered on the asphalt.The Zip Slip vulnerability – what you need to know
2018-06-06 14:55:36Thousands of projects have been affected by a painful programming lapse.Apple says no to Facebook’s tracking
2018-06-06 14:11:10Apple will stop Facebook and advertisers from tracking users across multiple sites (cross-site tracking),Blocking facial recognition surveillance using AI
2018-06-06 12:22:30If AI is increasingly able to recognise and classify faces, then the only way to counter this creeping surveillance is to use another AI to defeat it. Thanks to the University of Toronto,Microsoft faces wrath of developers after GitHub acquisition
2018-06-06 11:25:56Microsoft's come a long way in the past 10 years, since former chief Steve Ballmer called open-source a malignant cancer.We won! Naked Security awarded Best Security Video Blog
2018-06-06 10:46:29In a glittering (well, we were in jeans, in a pub) awards ceremony we won Best Security Video Blog at the European Security Blogger Awards.Bizarre Chrome and Firefox flaw exposed Facebook details
2018-06-05 11:07:53Researchers have discovered a weakness in the way Chrome and Firefox interact with CSS3 that could have caused them to leak usernames,Facebook defends practice of giving deep data access to device makers
2018-06-05 10:40:35They're not "outsiders," Facebook says. They're part of Facebook, helping to make Facebook play nicely with their devices.Google says fix for ‘weird’ 1975 text message bug is on the way
2018-06-05 09:14:04As of Monday, you could still see recent texts by searching on the string "the1975..com".Apple lifts two-month ban on Telegram updates in iOS store
2018-06-04 11:01:57Apple was blocking updates globally since Russian authorities ordered the company to remove the encrypted messaging app from the App Store.Cloudflare mistakes own 1.1.1.1 DNS for DDoS attack
2018-06-04 10:49:54When is a DDoS attack not a DDoS attack? When it's caused by your own recently-launched DNS service.Facebook faces furious shareholders at annual meeting
2018-06-04 10:42:08They accused execs of human rights violations, compared Zuckerberg to Vladimir Putin, and challenged his "corporate dictatorship."Going to Infosec Europe? Grab yourself a goody bag
2018-06-04 09:01:36Use the phrase that pays and grab a bag of goodies for free!Monday review – the hot 20 stories of the week
2018-06-04 08:50:46From Android apps sending unencrypted data and the 1 good reason to get the iOS 11.4 update to Wayback Machine ‘unarchives’ spying website,Artist rigs up Google Assistant to (sometimes) fire a gun on command
2018-06-01 12:09:22"A robot may not injure a human being or, through inaction, allow a human being to come to harm." But,Doctor sues patient for $1m over bad online reviews
2018-06-01 12:01:49The patient claims to have gone for a free checkup, and came out with a $427 bill, plus a $1300 bill to her insurance company.SpamCannibal comes back to life, starts spam-blocking everyone
2018-06-01 11:29:10SpamCannibal returns from the dead to fail all spam queries sent to it - essentially telling you to "block the world".We found 1 good reason to get the iOS 11.4 update – rogue message handling
2018-05-31 18:13:42We're going entirely on deduction here, but our iPhone seems to be handling "messages of death" more safely after we updated to iOS 11.4.How to set up 2FA on eBay – go do it now!
2018-05-31 17:01:21Thankfully, since we first reported on it, eBay has binned its cumbersome 2FA procedure and replaced it a much easier process.European Commission “doesn’t plan to comply with GDPR” – well, sort of
2018-05-31 14:17:44Apparently, due to legal weirdness, GDPR doesn't apply to the EC itself. What to do? Shout at the bureaucrats or be cool about it?Hoax alert! Starbucks is NOT inviting you to test its shatterproof windows
2018-05-31 12:18:04Need a jolt? Leave the rocks at home, and bring cash instead. The hoaxsters are full of dark caramel whipped cream crappuccino!Apple’s iOS 11.4 security update arrives in an iCloud of silence
2018-05-31 11:38:31We updated to iOS 11.4, because that's our habit - but Apple still isn't saying what was fixed yet. How we wish Apple wouldn't do that!Acoustic attacks can blue-screen computers
2018-05-31 10:30:53New research has discovered hard drives can be vulnerable to sonic interference.Nuisance call bosses, get your wallets ready!
2018-05-31 10:03:12Currently, only businesses themselves are liable for the fines, so the directors declare bankruptcy and then play whack-a-mole.Forget VPNfilter – here’s BACKLASH, a networking hack from way, way back
2018-05-30 23:29:23With a name like BACKLASH, you might think this hack comes from the era of mechanical devices, with gears and pulleys. You'd be right!California tests digital license plates. Is tracking cars next?
2018-05-30 11:56:52Beyond potential police surveillance, the plates could be as susceptible to hacking as other wireless and IoT technologies.Despacito YouTube video hack – teenagers charged
2018-05-30 11:26:12Web defacement is supposed to be an old-fashioned type of hack, but it probably didn’t look that way to YouTube viewers on 10 April.Facebook to be blocked in Papua New Guinea for one month
2018-05-30 10:53:35The plan: figure out how it affects people; ID users behind fake accounts, fake news & porn posts;Tor exit node admin acquitted of aiding terrorism
2018-05-30 10:37:11As the administrator of a Tor exit node, it could have been anyone who used his IP address.Facebook battles tiny startup over privacy accusations
2018-05-30 10:18:56Is there no end to Facebook’s petty humiliations? It is now the turn of an obscure startup called Six4Three to cause the company trouble.Are your Android apps sending unencrypted data?
2018-05-29 11:47:35This simple setup will help you discover if you've got leaky apps.Wayback Machine ‘unarchives’ spying website
2018-05-29 11:40:53Who is archiving the web, and what happens when people ask for information to be ‘un-archived’? We may have just found out.Your Firefox account can now be secured with 2FA
2018-05-29 10:49:20Mozilla is rolling out support for two-factor (or two-step) authentication for anyone who has a Firefox account.Tuesday review – the hot 22 stories of the week
2018-05-29 09:44:33From the ticking time bomb lurking on your router and Chrome dropping 'secure' label to the forgotten site that attracted hacks and fines,Ghostery’s goofy GDPR gaffe – someone’s in trouble come Monday!
2018-05-27 01:03:19Ever CCed an email you were supposed to BCC? Sure you have! But we bet it wasn't your company's "look how good we are at GDPR" email...FBI issues VPNFilter malware warning, says “REBOOT NOW” [PODCAST]
2018-05-26 11:29:35The FBI just issued a VPNFilter malware warning saying, "Reboot your routers now!" But why? And will it help?Facebook 2FA no longer needs a phone number: here’s how to set it up
2018-05-25 13:57:35One more excuse for not using 2FA bites the dust.Facebook’s counterintuitive way to combat nonconsensual porn
2018-05-25 12:34:08"Upload your nudes to stop revenge porn" might sound crazy but it actually makes sense.Does your BMW need a security patch?
2018-05-25 11:56:59Researchers have found 14 security vulnerabilities affecting BMW i Series, X Series, 3 Series, 5 Series and 7 Series.Trump’s blocking of Twitter users declared unconstitutional
2018-05-25 11:10:46The president is banned from blocking users and could face legal action if he doesn't lift current blocks.2 million stolen identities used to make fake net neutrality comments
2018-05-24 14:08:18Most crucially, two of those identities were senators who are now demanding the FCC find out who's behind the bots and the identity theft.Office 365 will automatically block Flash and Silverlight
2018-05-24 13:47:36If you are one of the small number of Office 365 users who enjoyed embedding Flash, Shockwave or Silverlight content inside files,Phishing Attack Aimed at Hong Kong Taxpayers
2018-05-24 13:31:17Phishing emails claiming to be from Hong Kong's Inland Revenue Department (IRD) have been received by a number of people in Hong Kong. The message, with sender's address taxnfo@ird.gov.hk referred to changes in the 2018-2019 budget,FBI admits to inflating number of crime-related devices it can’t crack
2018-05-24 13:25:04Investigators can't get into 7,775 devices? Nah, the FBI admits: it's more like 1,200... or 2000... pending an audit, it's not really sure.VPNFilter router malware – what to do? [VIDEO]
2018-05-24 12:04:33Learn how to deal with the VPNFilter malware currently plaguing 500,000 home routers worldwide.VPNFilter – is a malware timebomb lurking on your router?
2018-05-23 13:55:21A Cisco paper reports on zombie malware that has apparently infected more than half-a-million home routers.Surprise! Student receives $36,000 Google bug bounty for RCE flaw
2018-05-23 12:38:21What's the only thing better than a bug bounty reward? A bug bounty reward you weren't expecting. Especially one that's worth $36,337.Google in court over ‘clandestine tracking’ of 4.4m iPhone users
2018-05-23 12:14:00The search giant could be looking at a giant fine of up to $4.3b.Server? What server? Site forgotten for 12 years attracts hacks, fines
2018-05-22 16:17:19The University of Greenwich might not have noticed the website but hackers did.TeenSafe phone monitoring app leaks teens’ iCloud logins in plaintext
2018-05-22 14:44:07The "secure" monitoring app is used by over a million parents.Please vote for Naked Security at the European Blogger Awards 2018!
2018-05-22 11:49:16We've been nominated in 8 categories at the European Blogger Awards 2018... but we need your help to win!DrayTek router user? Patch now to keep the crooks out…
2018-05-22 11:30:38DrayTek has announced a security hole in its Vigor range of routers.Mugshots.com’s alleged owners arrested for extortion
2018-05-22 11:03:15Mugshots.com publishes people's mugshots and extorts a removal fee.Guilty! Anti-anti-virus crook convicted, could spend decades in jail
2018-05-22 09:17:58Scan4you crook is looking at a maximum penalty of 35 yearsFacebook conspiracy theories after Android app tries to “get root”
2018-05-21 17:41:16Facebook's Android app suddenly started making a bid for superuser access. Conspiracy theories popped up like fungi. (It's now fixed.)Real-time cellphone location data leaked for all major US carriers
2018-05-21 11:43:20From the carriers to LocationSmart to 3Cinteractive to Securus:Chrome drops ‘secure’ label for HTTPS websites
2018-05-21 11:24:22When it comes to browser security, how important are the address bar icons and labels that tell users about a site’s security status? For Google at least,Monday review – the hot 20 stories of the week
2018-05-21 09:21:55From Nest turning up the heat on password reuse and the Red Hat vulnerability to the Chili's PoS breach, and more!
