What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-10 16:59:05 | APIC/EPIC! Intel chips leak secrets even the kernel shouldn\'t see… (lien direct) | If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it! | |||
|
2022-08-08 15:14:38 | Slack admits to leaking hashed passwords for five years (lien direct) | "When those invitations went out... somehow, your password hash went out with them." | |||
|
2022-08-03 23:06:28 | GitHub blighted by “researcher” who created thousands of malicious projects (lien direct) | If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards. | Malware | ||
|
2022-07-28 15:47:16 | S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text] (lien direct) | Latest episode - listen now! | |||
|
2022-07-25 16:20:53 | T-Mobile to cough up $500 million over 2021 data breach (lien direct) | Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach. | Data Breach | ||
|
2022-07-20 14:56:08 | Last member of Gozi malware troika arrives in US for criminal trial (lien direct) | His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned... | Malware | ||
|
2022-07-04 14:09:05 | Canadian cybercriminal pleads guilty to “NetWalker” attacks in US (lien direct) | Bust in Canada, now bust in the USA as well. | |||
|
2022-06-30 12:57:04 | S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript] (lien direct) | Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers! | |||
|
2022-06-29 16:11:55 | Firefox 102 fixes address bar spoofing security hole (and helps with Follina!) (lien direct) | Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft's "Follina" saga. | |||
|
2022-06-27 18:14:53 | Harmony blockchain loses nearly $100M due to hacked private keys (lien direct) | The crooks needed at least two private keys, each stored in two parts... but they got them anyway. | |||
|
2022-06-27 14:58:19 | FTC warns of LGBTQ+ extortion scams – be aware before you share! (lien direct) | It's a simple jingle and it's solid advice: "If in doubt, don't give it out!" | |||
|
2022-06-24 15:32:13 | OpenSSL issues a bugfix for the previous bugfix (lien direct) | Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons. | |||
|
2022-06-23 11:08:42 | S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast] (lien direct) | Latest epsiode - listen now! | Data Breach | ||
|
2022-06-21 15:24:24 | Capital One identity theft hacker finally gets convicted (lien direct) | It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own! | Data Breach | ||
|
2022-06-20 18:10:48 | Interpol busts 2000 suspects in phone scamming takedown (lien direct) | Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples... | |||
|
2022-06-16 16:52:55 | S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast] (lien direct) | Lastest epsiode - listen now! | |||
|
2022-06-15 01:20:14 | Follina gets fixed – but it\'s not listed in the Patch Tuesday patches! (lien direct) | We tried it out to make sure, so you don't have to. | |||
|
2022-06-14 16:49:36 | Murder suspect admits she tracked cheating partner with hidden AirTag (lien direct) | O! What a tangled web we weave, when first we practise to deceive. | |||
|
2022-06-13 16:28:17 | You\'re invited! Join us for a live walkthrough of the “Follina” story… (lien direct) | Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can! | |||
|
2022-06-09 13:07:36 | S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript] (lien direct) | Latest episode - listen (or read) now! | |||
|
2022-06-08 14:53:35 | SSNDOB Market servers seized, identity theft “brokerage”” shut down (lien direct) | The online identity "brokerage" SSNDOB Market didn't want pople to be in any doubt what it was selling. | |||
|
2022-06-07 15:49:50 | Know your enemy! Learn how cybercrime adversaries get in… (lien direct) | Here's how 144 recent attacks actually went down in real life. Don't let this happen to you! | |||
|
2022-06-03 16:59:18 | Atlassian announces 0-day hole in Confluence Server – update soon! (lien direct) | Zero-day announced - here's what you need to know | |||
|
2022-06-02 15:37:11 | S3 Ep85: Now THAT\'S what I call a Microsoft Office exploit! [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-06-02 13:46:57 | Yet another zero-day (sort of) in Windows “search URL” handling (lien direct) | More trouble with special-purpose URLs on Windows. | |||
|
2022-06-01 14:31:19 | Firefox 101 is out, this time with no 0-day scares (but update anyway!) (lien direct) | After an intriguing month of Firefox releases, here's one with a bit less drama, probably to the collective relief of Mozilla's coders. | ★★ | ||
|
2022-05-30 23:01:55 | Mysterious “Follina” zero-day hole in Office – what to do? (lien direct) | News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help! | |||
|
2022-05-30 16:59:12 | Beware the Smish! Home delivery scams with a professional feel… (lien direct) | Home delivery scams are getting leaner, and meaner, and more likely to "look about right". Here's an example to show you what we mean... | |||
|
2022-05-27 11:17:15 | S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-05-26 12:41:02 | Who\'s watching your webcam? The Screencastify Chrome extension story… (lien direct) | When you really need to make exceptions in cybersecurity, specify them as explicitly as you can. | |||
|
2022-05-24 23:04:17 | Poisoned Python and PHP packages purloin passwords for AWS access (lien direct) | More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself. | |||
|
2022-05-23 13:01:58 | Clearview AI face-matching service fined a lot less than expected (lien direct) | The fine has finally gone through... but it's less than 45% of what was originally proposed. | |||
|
2022-05-20 23:47:31 | Mozilla patches Wednesday\'s Pwn2Own double-exploit… on Friday! (lien direct) | That was quick! 48 hours from exploit report to published patch. | |||
|
2022-05-20 22:35:09 | Microsoft patches the Patch Tuesday patch that broke authentication (lien direct) | Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway? | ★★ | ||
|
2022-05-20 14:03:54 | US Government says: Patch VMware right now, or get off our network (lien direct) | Find and patch. Right now. If you can't patch, get it off the network. Right now! Oh, and show us what you did to comply. | |||
|
2022-05-19 13:56:58 | S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast] (lien direct) | Latest episode - listen now! | Patching | ||
|
2022-05-18 13:04:06 | Pwn2Own hacking schedule released – Windows and Linux are top targets (lien direct) | What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly? | |||
|
2022-05-17 09:30:25 | Apple patches zero-day kernel hole and much more – update now! (lien direct) | You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions. | Vulnerability | ||
|
2022-05-15 21:53:47 | Firefox out-of-band update to 100.0.1 – just in time for Pwn2Own? (lien direct) | A new point-release of Firefox. Not unusual, but the timing of this one is interesting, with Pwn2Own coming up in a few days. | |||
|
2022-05-13 15:31:56 | (Déjà vu) He sold cracked passwords for a living – now he\'s serving 4 years in prison (lien direct) | Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough... | |||
|
2022-05-13 15:31:56 | He cracked passwords for a living – now he\'s serving 4 years in prison (lien direct) | Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough... | |||
|
2022-05-12 15:46:08 | S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast] (lien direct) | Latest episode - lots to learn - plain English - fun with a serious side - listen now! | ★★★ | ||
|
2022-05-12 15:08:53 | Serious Security: Learning from curl\'s latest bug update (lien direct) | Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world. | ★★ | ||
|
2022-05-10 16:59:39 | Colonial Pipeline facing $1,000,000 fine for poor recovery plans (lien direct) | How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here's some real-life advice... | ★★★ | ||
|
2022-05-09 15:41:04 | RubyGems supply chain rip-and-replace bug fixed – check your logs! (lien direct) | Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself "Frank". | ★★★ | ||
|
2022-05-06 16:59:16 | You didn\'t leave enough space between ROSE and AND, and AND and CROWN (lien direct) | What weird Google Docs bug connects the words THEREFORE, AND, SECONDLY, WHY, BUT and BESIDES? | ★★ | ||
|
2022-05-05 14:16:18 | S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-05-05 01:06:58 | World Password Day – the 1960s just called and gave you your passwords back (lien direct) | Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords. | |||
|
2022-05-04 15:54:17 | Android monthly updates are out – critical bugs found in critical places! (lien direct) | Android May 2022 updates are out - with some critical fixes in some critical places. Learn more... | |||
|
2022-05-03 16:42:06 | Firefox hits 100*, fixes bugs… but no new zero-days this month (lien direct) | Despite concerns that some websites might break when Chromium and then Firefox reached version 100, the web still seems to be intact. |
To see everything:
Our RSS (filtrered)
