Sophos Naked Security

Syndikovat obsah Naked Security
News, opinion, advice and research on computer security threats from Sophos
Aktualizace: 56 min 1 sek zpět

Slack admits to leaking hashed passwords for five years

8 Srpen, 2022 - 17:14
"When those invitations went out... somehow, your password hash went out with them."

Traffic Light Protocol for cybersecurity responders gets a revamp

5 Srpen, 2022 - 20:57
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.

GitHub blighted by “researcher” who created thousands of malicious projects

4 Srpen, 2022 - 20:06
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]

4 Srpen, 2022 - 19:52
Latest episode - listen now! (Or read if that's what you prefer.)

Post-quantum cryptography – new algorithm “gone in 60 minutes”

3 Srpen, 2022 - 20:55
And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.

Cryptocoin “token swapper” Nomad loses $200 million in coding blunder

2 Srpen, 2022 - 20:12
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.

GnuTLS patches memory mismanagement bug – update now!

1 Srpen, 2022 - 18:55
GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...

How to celebrate SysAdmin Day!

29 Červenec, 2022 - 20:37
I've just popped in to wish you all/The best SysAdmin Day!

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

28 Červenec, 2022 - 20:47
Latest episode - listen now!

Critical Samba bug could let anyone become Domain Admin – patch now!

27 Červenec, 2022 - 23:15
It's a serious bug... but there's a fix for it, so you know exactly what to do!

Mild monthly security update from Firefox – but update anyway

27 Červenec, 2022 - 20:41
You're probably thinking we're going to say, "Don't delay/Do it today"... and that's exactly what we are saying!

T-Mobile to cough up $500 million over 2021 data breach

25 Červenec, 2022 - 20:20
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.

Office macro security: on-again-off-again feature now BACK ON AGAIN!

23 Červenec, 2022 - 20:10
20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That's progress!

Apple patches “0-day” browser bug fixed 2 weeks ago in Chrome, Edge

21 Červenec, 2022 - 22:38
One vendor's zero-day is another vendor's routine patch...

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]

21 Červenec, 2022 - 20:25
Latest episode - listen, read or both!

Last member of Gozi malware troika arrives in US for criminal trial

20 Červenec, 2022 - 20:56
His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

8 months on, US says Log4Shell will be around for “a decade or longer”

18 Červenec, 2022 - 18:57
When it comes to cybersecurity, ask not what everyone else can do for you...

7 cybersecurity tips for your summer vacation!

15 Červenec, 2022 - 20:23
Here you go - seven thoughtful cybersecurity tips to help you travel safely...

S3 Ep91: CodeRed, OpenSSL, Java bugs and Office macros [Podcast + Transcript]

14 Červenec, 2022 - 20:47
Latest episode - listen now! Great discussion, technical content, solid advice... all covered in plain English.

Facebook 2FA scammers return – this time in just 21 minutes

13 Červenec, 2022 - 20:46
Last time they arrived 28 minutes after lighting up their fake domain... this time it was just 21 minutes