S2 Ep 13: Weird Android zero day and other tech fails – Naked Security podcast
2019-10-17 10:31:29Listen to the latest episode now!Pen testers find mystery black box connected to ship’s engines
2019-10-17 10:21:35It had an Ethernet connection to the ship LAN but was also connected to a Windows console on the bridge which was so bright at night the crew had covered it up.Robotic hand solves Rubik’s Cube by learning how to learn about it
2019-10-17 10:14:37The system figured out how to overcome little hurdles, like being nudged by a stuffed giraffe when trying to do important robot work.Hackers hack card details from BriansClub carding site
2019-10-17 10:06:06They stole 26 million credit cards from the massive black market site,Adobe fixes 46 critical bugs in patchfest
2019-10-17 09:54:55Adobe patched a total of 82 vulnerabilities across a range of products on Tuesday, including 46 critical bugs.Food writer Jack Monroe loses at least £5,000 in SIM-swap fraud
2019-10-16 10:53:52Her accounts were drained in spite of using 2FA, showing that SIM swaps can still circumvent what's a good security tool.Pitney Bowes and Groupe M6 join ransomware’s victim list
2019-10-16 10:25:50Two more large organisations find themselves struggling after a ransomware attack...Microsoft lets Xbox users censor what messages they see
2019-10-16 09:46:24Xbox gamers: fed up with seeing profanity in messages from other gamers? Microsoft has you covered.#FacebookLockout: Users who report fake/scam accounts locked out
2019-10-16 09:34:58Users report bad accounts, got presented with a request to verify ID, couldn't upload said ID, and got frozen out.Watch out for this latest LinkedIn phish that’s ‘sent’ by a friend
2019-10-15 20:02:41We recently showed you how crooks rip off social networking passwords - here's what they do with stolen accounts.Information Security Summit in Hong Kong
2019-10-15 12:28:51The 16th Information Security Summit will be held at the Hong Kong Convention and Exhibition Centre on 23 and 24 October. With the theme, "Over the Horizon Cyber Security",Update now! Windows users targeted by iTunes Software Updater zero-day
2019-10-15 12:06:07The flaw is a rare ‘unquoted path class’ described as "so thoroughly documented that you would expect programmers to be well aware..."Facebook’s Libra cryptocurrency loses all but one payment company
2019-10-15 12:00:01Gone: Mastercard, Visa, PayPal, eBay, Stripe, Mercado Pago. Of six payments firms first involved in Libra, just one, PayU, remains.Apple says Tencent isn’t snooping on your browsing habits
2019-10-15 10:46:27Apple was quick to allay user concerns this weekend after someone spotted that it was working with Chinese company Tencent to check its users' website requests for malicious URLs.350+ hackers hunt down missing people in first such hackathon
2019-10-15 10:42:33Organizers said 100 leads were generated every 10 minutes by contestants using OSINT - open-source intelligence such as online searches.Stalker found pop star by searching eyes’ reflections on Google Maps
2019-10-14 12:15:53A man confessed to stalking and attacking a young pop star by zooming in on the reflections in her eyes from selfies.Soldering spy chips inside firewalls is now a cheap hack, shows researcher
2019-10-14 12:01:04The tiny ATtiny85 chip doesn’t look like the next big cyberthreat facing the world,Computing enthusiast cracks ancient Unix code
2019-10-14 11:45:15Old passwords never die... they just become easier to decode.Hacker wants $300 for 250,000 records stolen from sex worker site
2019-10-14 11:33:42In spite of prostitution being legal in the Netherlands, this could lead to the same type of blackmail attempts/suicide from Ashley Madison.Monday review – the hot 20 stories of the week
2019-10-14 09:48:34From hackers bypassing 2FA to an Android zero day Google thought it had fixed - get yourself up to date with everything we've written in the last seven days.S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops – Naked Security Podcast
2019-10-11 15:58:13Listen to the latest episode now!Most Americans don’t have a clue what https:// means
2019-10-11 11:21:40...and wouldn't know 2FA from a hole in the ground, according to Pew Research.Hackers bypassing some types of 2FA security FBI warns
2019-10-11 11:13:06Some types of 2FA security can no longer be guaranteed to keep the bad guys out, the FBI warned US companies.Facebook flags thousands of kids as interested in gambling, booze
2019-10-11 11:12:38According to a new report, its algorithmic labelling may expose minors to age-inappropriate, targeted advertising.Apple removes app that tracks Hong Kong police and protestors
2019-10-11 10:54:03Apple was under fire this week after banning an app that tracked the location of both police and protesters in Hong Kong on a live map.Twitter used 2FA phone numbers for targeted advertising
2019-10-10 11:44:31Twitter may have “inadvertently” handed phone and email data from some users to advertisers as part of its Tailored Audiences system that targets users’ feeds with ads.California outlaws facial recognition in police bodycams
2019-10-10 11:40:29The bill was introduced by Phil Ting: one of 26 state lawmakers misidentified as suspects in an ACLU test of the technology.Job seekers are scrubbing clean their social media accounts
2019-10-10 10:04:24Most people nowadays are quite aware that hiring managers put their social media postings under a microscope, a new survey finds.October Patch Tuesday: Microsoft fixes critical remote desktop bug
2019-10-09 12:14:46Microsoft fixed 59 vulnerabilities in October's Patch Tuesday, including several critical remote code execution (RCE) flaws.Deepfakes have doubled, overwhelmingly targeting women
2019-10-09 11:19:18Deepfake tech has push-button apps and service portals. Can code commodification do the same for detection, so women can actually afford it?Copy-and-paste sharing on Stack Overflow spreads insecure code
2019-10-09 10:45:30It’s the time-saving technique employed by many coders - copy and paste code from crowd-sourcing 'Q&A' websites.TOMS hacker tells people to log off and enjoy a screenless day
2019-10-09 10:09:06TOMS seems like a really nice shoe company, and it just got hacked in a really nice way. But it's still a hack.Signal immediately fixed FaceTime-style eavesdropping bug
2019-10-08 11:25:17Remember the FaceTime bug that allowed a caller to eavesdrop on your phone? Researchers just discovered another - this time in Signal.GPS tracker from stalked woman’s car led to indictment of 20 mobsters
2019-10-08 11:14:59Girlfriend found it, girlfriend popped it onto a city bus, gadget got found, multiyear investigation got launched, 20 got indicted.Nationwide facial recognition ID program underway in France
2019-10-08 10:36:10It's coming next month, in spite of a lawsuit and the data regulator's protests about lack of consent, data security and privacy.Facebook’s Libra cryptocurrency dealt blow by PayPal’s departure
2019-10-08 09:37:20PayPal abruptly announced that it was leaving the Libra Association.Android devices hit by zero-day exploit Google thought it had patched
2019-10-07 11:41:15Android smartphones are vulnerable to a zero-day exploit that Google thought it had patched for good two years ago.Facebook urged by governments to halt end-to-end encryption plans
2019-10-07 11:31:35The US, UK and Australian governments last week officially urged Facebook to halt its plans for end-to-end encryption.Social media platforms can be forced to delete illegal content worldwide
2019-10-07 11:05:57The EU's top court ruled that platforms like Facebook can be ordered to proactively seek out and delete all copies of illegal content.Wi-Fi signals let researchers ID people through walls from their gait
2019-10-07 10:36:22Police could set up transceivers outside a building and compare spectrograms of suspects walking vs. crime scene footage.Monday review – the hot 22 stories of the week
2019-10-07 09:55:54From the hacker's folks who whisked away his stolen crypto to the O.MG! evil lightning cable - and all the top security stories in between.S2 Ep11: Fleeceware, Chrome bug and the sextortion scam that won’t die – Naked Security Podcast
2019-10-04 14:40:04Listen to the latest episode of our podcast now.Buying a new laptop? Here’s how to secure it
2019-10-04 14:35:00Getting the basics right gives you a lot of protection. Here's how.WhatsApp vulnerability could compromise Android smartphones
2019-10-04 12:10:03A researcher has released details of a WhatsApp flaw that could be used to compromise the app and the mobile device the app is running on.£3 billion Safari iPhone privacy lawsuit given go-ahead
2019-10-04 11:36:48A UK class action lawsuit against Google, that represents around 5 million iPhone users, can go ahead, according to the UK Court of Appeal.Hacker’s parents sentenced for selling his cryptocurrency
2019-10-04 10:45:02"You misguidedly tried to help your son" by moving his cryptocurrency, but it "didn't help him at all," a judge said.Google brings Incognito mode to Maps
2019-10-04 10:14:21It's good, but also a perfect opportunity for us to remember that Incognito mode doesn't translate to "I'm invisible!"No federal privacy law will make it in the US this year, sources say
2019-10-03 12:19:55Without one, the companies that collect our data will likely face compliance with California's take-no-prisoners law,PDF encryption standard weaknesses uncovered
2019-10-03 12:12:48Researchers have discovered weaknesses in PDF encryption which could be exploited to reveal the plaintext contents of a file to an attacker.Google’s Password Manager now checks for breached credentials
2019-10-03 11:56:21Google has taken the next step in its strategy to secure users' passwords.Ransomware attacks paralyze, and sometimes crush, hospitals
2019-10-03 10:46:08New attacks on the perennially besieged sector have crippled hospitals in the US and Australia and caused one health clinic to shut down.Exim suffers another ‘critical’ remote code execution flaw
2019-10-02 12:28:02This latest Exim flaw could lead to at least a denial of service crash in the software but also the possibility of remote code execution.O.MG! Evil Lightning cable about to hit mass distribution
2019-10-02 12:27:19This malicious O.MG Lightning cable has come a long way, with extensive work on the kinds of payload it can deliver.218 million Words With Friends players lose data to hackers
2019-10-02 12:20:10The serial hacker GnosticPlayers is claiming to have ransacked Zynga's user data - including names, emails and passwords.Ex-Yahoo engineer pleads guilty to hacking 6,000 accounts
2019-10-02 10:41:17Reyes Daniel Ruiz went after younger women's accounts, including those of his personal friends and work colleagues, he admitted.Cloudflare adds VPN features to 1.1.1.1 privacy app
2019-10-01 13:07:47As promised in April, Cloudflare has finally launched Warp,Hacking 2020 voting systems is a ‘piece of cake’
2019-10-01 11:31:59That's how Senator Wyden described the results of DefCon's Voting Village,China’s 500 megapixel camera is capable of mega-facial-recognition
2019-10-01 10:31:34The 'super camera' can identifying people dozens of meters away using facial recognition.Darknet hosting provider in underground NATO bunker busted
2019-10-01 09:41:45Police overcame not only digital defenses of the "bulletproof" provider CyberBunker but also barbed wire fences and surveillance cams.AVAR Cyber Conclave held in Bengaluru
2019-09-30 22:59:48The Association of Anti-Virus Asia Researchers (AVAR) held a Cyber Conclave in Bengaluru, India on 24th September 2019.Checkm8 jailbreak and AltStore put cracks in Apple’s walled garden
2019-09-30 14:57:37People are taking different tacks to get around Apple's tightly controlled phone rules.Social media manipulation as a political tool is spreading
2019-09-30 13:05:39Researchers say 'cyber troops' in 70 countries are using it to automate suppression, mount smear campaigns, or spread disinformation.Outlook on the web bans a further 38 file types
2019-09-30 11:56:21Outlook on the web bans a further 38 file typesIs the era of social media Likes over?
2019-09-30 10:21:07Instagram's testing a program to hide the Likes that have created a toxic cyberbullying environment. Now, Facebook is as well.Monday review – the hot 24 stories of the week
2019-09-30 09:43:30From the fleeceware apps ripping off consumers to Microsoft's emergency IE patch - and everything in between. It's weekly roundup time.‘Fleeceware’ Play store apps quietly charging up to $250
2019-09-27 13:16:56SophosLabs researchers discovered at least 15 apps with millions of downloads charging extraordinary prices right under the Google's nose.Apple users, patch now! The ‘bug that got away’ has been fixed
2019-09-27 13:13:21Apple has now patched the patch that Google said didn't patch the hole it was supposed to.Chrome cripples movie studio Mac Pros
2019-09-27 12:54:59A few days ago, movie editors started reporting that Mac Pros running Avid software were crashing throughout Hollywood.Google made thousands of deepfakes to aid detection efforts
2019-09-27 12:40:25It's an arms race: as detection methods improve, deepfake-generating algorithms are quickly updated to correct the flaws.Match knowingly puts people at risk from scammers, FTC charges
2019-09-27 10:37:48Match.com allegedly put users on its free version at risk - by not filtering out communications that it knew were from fake accounts.S2 Ep10: Emotet’s back, mutant WannaCry and Insta scam – Naked Security Podcast
2019-09-26 13:21:06Here's the latest Naked Security podcast - listen now!Hackers are infecting WordPress sites via a defunct plug-in
2019-09-26 10:37:03If you're a Wordpress admin using a plug-in called Rich Reviews, you'll want to uninstall it. Now.Russian pleads guilty in massive JPMorgan hacking scheme
2019-09-26 10:27:06Andrei Tyurin is the first to be convicted in one of the largest thefts of customer data from a single US financial institution in history.Update ColdFusion now! Emergency patch for critical flaws
2019-09-26 10:16:54Adobe has rushed out fixes for three vulnerabilities in its ColdFusion web development platform,Vimeo sued for storing faceprints of people without their say-so
2019-09-26 09:47:25The suit was filed under BIPA,Microsoft rushes out fix for Internet Explorer zero-day
2019-09-25 11:48:58Microsoft has rushed to patch two flaws affecting IE versions 9 to 11, one of which the company says is being exploited in real attacks.Google wins landmark case: Right to be forgotten only applies in EU
2019-09-25 10:55:04Yes, people have the right to be forgotten, but only if they're European, the top EU court ruled on Tuesday.Patch released for Windows-pwning VPN bug
2019-09-25 10:34:17VPN vendor Forcepoint has patched a security flaw that could have given attackers unfettered access to its users' Windows computers.Twitter’s new policy bans financial scams
2019-09-25 10:30:59“Oh no! However shall I give away Bitcoin to all my followers?” sobbed a bunch of crooks.Instagram phish poses as copyright infringement warning – don’t click!
2019-09-24 14:51:39Your Instagram account has value to the crooks - so they're coming up with some cunning tricks to get at your passsword.YouTube ‘influencers’ get 2FA tokens phished
2019-09-24 14:50:29100K or so creators in the YouTube car community were targeted by a phishing campaign that captured 2FA codes.Facebook has booted tens of thousands of data-grabbing apps
2019-09-24 11:09:47400 developers have been naughty with user data, noncompliant with policy, and/or have ignored Facebook's audit, it says.Apple restricts adblocking extensions
2019-09-24 10:29:26Apple has turned off the ability for adblocking companies to use their own blocking mechanisms in Safari.Jira development and ticketing software hit by critical flaws
2019-09-24 10:10:40Admins have a spot of patching work on their hands after the company released updates addressing two critical flaws.Google pulls more fake adblockers from Chrome Web Store
2019-09-23 12:47:31Google has again been reprimanded for not spotting fake extensions impersonating popular brands in its Chrome Web Store.Investors accuse FedEx of lying, stock dumping after NotPetya attack
2019-09-23 11:36:45This is the second such suit, with shareholders asking why execs sold $40m+ of their shares while downplaying the ransomware attack.Could EarEcho change the way we authenticate our phones?
2019-09-23 10:09:10Researchers have discovered a way to use wireless earbuds as a biometric authentication system.Two charged with tech-support scamming the elderly for $10m
2019-09-23 09:55:01The tech-support scammers were allegedly part of a network of crooks in the US and India who conned about 7,500 victims.WannaCry – and why it never went away
2019-09-23 09:28:04WannaCry still hasn't died out, more than two years after the original attack. We went live to find out why...Monday review – the hot 22 stories of the week
2019-09-23 09:24:13From the Simjacker phone hack to IBM's cloud-based quantum computer - and everything in between. It's the weekly security roundup.China Cybersecurity Week and International Anti Virus Conference
2019-09-20 13:07:14The sixth China Cybersecurity Week was launched on Monday 16 September in Tianjin. It is an annual week-long campaign that promotes national awareness on cybersecurity. After the opening ceremony,Server-squashing zero-day published for phpMyAdmin tool
2019-09-20 12:22:50A researcher has just published a zero-day security bug in one of the web's most popular database administration software packages.IBM’s new 53-qubit quantum ‘mainframe’ is live in the cloud
2019-09-20 12:10:59IBM has boosted its growing stable of quantum computers with a new 53-quantum bit (qubit) device,Report: Use of AI surveillance is growing around the world
2019-09-20 11:47:38It's not just China: at least 75 out of 176 countries globally are actively using AI technologies for surveillance purposes, research shows.Facebook Libra rejected by France as “dangerous”
2019-09-20 10:57:29France finance minister: Libra won't be allowed onto European soil.Air Force to offer up a satellite to hackers at Defcon 2020
2019-09-19 14:42:48This year, the Air Force presented vetted hackers with a plane's subsystem, which they duly tore up. Next year, it will be a satellite.Researchers find 737 million medical images exposed on the internet
2019-09-19 12:45:21Of the 2,300 archiving systems looked at, 590 were accessible from the internet, exposing 24 million medical records from 52 countries.US files suit against Snowden to keep book profits out of his hands
2019-09-19 12:32:44The government, alleging that Snowden violated NDAs with the CIA and NSA, isn't looking to stop the book's publication or distribution.S2 Ep9: DDoSes, privacy and network hacks – Naked Security Podcast
2019-09-19 12:15:40The latest Naked Security Podcast is live - listen now!No surprises in the top 25 most dangerous software errors
2019-09-19 08:58:17An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today - with some old familiar names topping the list.WannaCry – the worm that just won’t die
2019-09-18 12:58:52WannaCry never went away - it just became less obvious.Is $100 million enough to save the web from ads?
2019-09-18 12:33:50Mozilla, Creative Commons and Coil are teaming up to launch a $100m fund to drive out advertising and advocate privacy across the web.Leaky database spills data on 20 million Ecuadorians and businesses
2019-09-18 12:21:46Included are deep details on 7 million minors, one grownup named Julian Assange, and perhaps a few million deceased Ecuadorians.Common storage and router devices are still hopelessly broken
2019-09-18 11:26:29Don’t be lulled into a false sense of security by that shiny new router or network-attached storage (NAS) device - the chances are that it’s no more secure than its predecessors.Teenage gamer jailed over lethal swatting
2019-09-18 10:57:19Casey Viner got into a spat over a $1.50 wager in a Call of Duty World War II game that led to the fatal shooting of an innocent man.Robocalls now flooding US phones with 200m calls per day
2019-09-17 11:24:15According to a new report, nearly 30% of all US calls placed in the first half of 2019 were garbage, as in, nuisance, scam or fraud calls.Former hacker warns against password reuse
2019-09-17 11:07:48Kyle Milliken is back from jail, and he has some advice for you: Do. Not. Reuse. Your. Passwords.US Treasury targets North Korean hacking groups
2019-09-17 10:49:50The US has formally sanctioned the Lazarus Group and offshoots Bluenoroff and Andariel, which are allegedly acting on behalf of the DPRK.Teen music hacker arrested in UK for stealing bands’ unreleased music
2019-09-17 09:36:10If he's guilty, he'll face the music. Heh.
