Sophos Naked Security

Syndikovat obsah Naked Security
News, opinion, advice and research on computer security threats from Sophos
Aktualizace: 13 min 5 sek zpět

LastPass admits to customer data breach caused by previous breach

11 hodin 2 min zpět
Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.

The CHRISTMA EXEC network worm – 35 years and counting!

1 Prosinec, 2022 - 21:35
"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...

S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]

1 Prosinec, 2022 - 20:58
Latest episode - listen now (or read if you prefer)...

Serious Security: MD5 considered harmful – to the tune of $600,000

30 Listopad, 2022 - 20:58
It's not just the hashing, by the way. It's the salting and the stretching, too!

TikTok “Invisible Challenge” porn malware puts us all at risk

29 Listopad, 2022 - 20:58
An injury to one is an injury to all. Especially if the other people are part of your social network.

Chrome fixes 8th zero-day of 2022 – check your version now (Edge too!)

28 Listopad, 2022 - 20:42
There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!

Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown

25 Listopad, 2022 - 20:17
Those numbers or names that pop up when a call comes up? They're OK as a hint of who's calling, but THEY PROVE NOTHING

S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

24 Listopad, 2022 - 20:52
Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us

Multimillion dollar CryptoRom scam sites seized, suspects arrested in US

23 Listopad, 2022 - 20:58
Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...

How to hack an unpatched Exchange server with rogue PowerShell code

22 Listopad, 2022 - 20:54
Review your servers, your patches and your authentication policies - there's a proof-of-concept out

How social media scammers buy time to steal your 2FA codes

21 Listopad, 2022 - 20:02
The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake

Black Friday and retail season – watch out for PayPal “money request” scams

17 Listopad, 2022 - 21:45
Don't let a keen eye for bargains lead you into risky online behaviour...

S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]

17 Listopad, 2022 - 20:52
Latest episode - listen now! Cybersecurity news plus loads of great advice...

Firefox fixes fullscreen fakery flaw – get the update now!

16 Listopad, 2022 - 20:51
What's so bad about a web page going fullscreen without warning you first?

Log4Shell-like code execution hole in popular Backstage dev tool

15 Listopad, 2022 - 20:49
Good old "string templating", also known as "string interpolation", in the spotlight again...

“Gucci Master” business email scammer Hushpuppi gets 11 years

14 Listopad, 2022 - 20:24
Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...

Dangerous SIM-swap lockscreen bypass – update Android now!

11 Listopad, 2022 - 20:59
A bit like leaving the front door keys under the doormat...

Emergency code execution patch from Apple – but not an 0-day

10 Listopad, 2022 - 21:49
Not a zero-day, but important enough for a quick-fire patch to one system library...

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

10 Listopad, 2022 - 20:26
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

9 Listopad, 2022 - 20:58
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?