Viry a Červi

Martin Gottesfeld said he wishes he “had done more” than knock out BCH’s network for at least two weeks.

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.

Read more

USB-C Authentication could banish USB threats forever, but it might also mean you're tied to buying ‘approved’ accessories.

The imposter claimed to be the Facebook exec and said he'd shot his wife, tied up his kids and planted pipe bombs “all over the place.”

From vulnerable 2FA codes to phishing to critical flaws for Adobe Acrobat and Reader, and everything in between. It's weekly roundup time.

Bloke binned at Blackfriars for blasting botnet to bork broadband

A Surrey man has been jailed for 32 months after admitting to launching distributed denial-of-service (DDoS) attacks against an African telco.…

Plus, Vita boot ROM caper, TCL caught slinging Android malware, etc

Roundup  This week we saw a Huawei official cuffed (again), telcos caught selling tracking data (again) and Microsoft patching dozens of bugs (again).…

Here's the latest Naked Security podcast - enjoy!

Could someone slide a note on identity-theft protection under the door? Helloooo?

With the partial US government shutdown showing no signs of letting up any time soon, senators are pressing treasury and tax officials on cybersecurity.…

Fool me once, shame on, shame on you. Fool me, you can't get fooled again*, OK

US cellphone networks have promised – again – that they will stop selling records of their subscribers' whereabouts to anyone willing to cough up cash.…

The app was developed by legitimate Chinese manufacturing giant TCL.

The latest malware from TA505 has been seen targeting banks, retailers and restaurants with two different versions.

As the shutdown continues into its 21st day, dozens of .gov websites haven't renewed their TLS certificates.

A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means.

Did he really blow the whistle on security fears? tribunal asked

A former vice president of medical app Your.MD has claimed "false information could be fed into the diagnostic system" as a result of security failings in the software's backend.…

Former Polish security agency exec also under arrest

Polish authorities have reportedly arrested Huawei's sales director and an ex-security agency staffer on allegations of spying.…

Old Twitter posts could reveal more about you than you think, according to researchers, even if you didn’t explicitly mention it.

A researcher has published a tool called Modlishka, capable of phishing 2FA codes sent by SMS or authentication apps.

A trader believes he could easily have obtained admin access to the site and potentially have stolen the funds of its 600,000 users.

Christian Rodriguez says he set up secure VoIP communications for the cartel: a system whose encryption keys he wound up giving to the FBI.