What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-29 16:15:20 | GitHub issues final report on supply-chain source code intrusions (lien direct) | Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency. | |||
|
2022-04-28 13:18:25 | S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast] (lien direct) | Latest episode - listen now! | Ransomware | ||
|
2022-04-27 15:22:43 | Ransomware Survey 2022 – like the Curate\'s Egg, “good in parts” (lien direct) | You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look! | Ransomware | ||
|
2022-04-25 16:58:37 | Phishing goes KISS: Don\'t let plain and simple messages catch you out! (lien direct) | Sometimes we receive phishing tricks that we grudgingly have to admit are better than average, just because they're uncomplicated. | |||
|
2022-04-22 15:15:58 | QNAP warns of new bugs in its Network Attached Storage devices (lien direct) | Here's what you need to know - plus some sensible advice for all the devices on your home or small biz network! | |||
|
2022-04-21 13:41:12 | S3 Ep79: Chrome hole, a bad place for a cybersecurity holiday, and cryptododginess [Podcast] (lien direct) | Do you know your Adam Osborne from your John Osbourne? Your Z80 from your 6502? Latest episode - listen now! | |||
|
2022-04-20 16:43:05 | Critical cryptographic Java security blunder patched – update now! (lien direct) | Either know the private key and use it scrupulously in your digital signature calculation.... or just send a bunch of zeros instead. | |||
|
2022-04-19 16:00:45 | Beanstalk cryptocurrency heist: scammer votes himself all the money (lien direct) | Voting safeguards based on commuity collateral don't work if one person can use a momentary loan to "become" 75% of the community. | |||
|
2022-04-16 00:33:41 | Yet another Chrome zero-day emergency update – patch now! (lien direct) | The third emergency Chrome 0-day in three months - the first one was exploited by North Korea, so you might as well get this one ASAP. | |||
|
2022-04-14 13:39:52 | S3 Ep78: Darkweb hydra, Ruby, quantum computing, and a robot revolution [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-04-13 15:52:57 | US cryptocurrency coder gets 5 years for North Korea sanctions busting (lien direct) | Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea. | |||
|
2022-04-12 16:58:35 | Five critical bugs fixed in automatic hospital robot control system (lien direct) | Fortunately, we're not talking about a robot revolution, or about hospital AI run amuck. But these bugs could lead to ransomware, or worse... | Guideline | ||
|
2022-04-11 16:58:13 | OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default (lien direct) | Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow? | |||
|
2022-04-08 15:38:52 | Popular Ruby Asciidoc toolkit patched against critical vuln – get the update now! (lien direct) | A rogue line-continuation character can trick the code into validating just the second half of the line, but executing all of it. | |||
|
2022-04-07 12:24:59 | S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast] (lien direct) | Latest episode - listen now! Cybersecurity news and advice in plain English. | |||
|
2022-04-06 16:22:33 | Serious Security: Darkweb drugs market Hydra taken offline by German police (lien direct) | Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English... | |||
|
2022-04-05 16:21:07 | Firefox 99 is out – no major bugs, but update anyway! (lien direct) | Firefox's four-weekly updates just dropped - here's what you need to know. | |||
|
2022-04-05 14:44:20 | Google\'s monthly Android updates patch numerous “get root” holes (lien direct) | Get the update now... if it's available for your phone. Here's how to check. | |||
|
2022-04-04 21:36:27 | LAPSUS$ hacks continue despite two UK hacker suspects in court (lien direct) | Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them? | |||
|
2022-03-31 23:38:39 | Apple pushes out two emergency 0-day updates – get \'em now! (lien direct) | More Apple zero-days - mobile devices, laptops and desktops affected. Update now! | |||
|
2022-03-31 16:59:26 | Two different “VMware Spring” bugs at large – we cut through the confusion (lien direct) | Whoever came up with the name "Spring4Shell" didn't help at all... we cut through the Spring Bug confusion | |||
|
2022-03-31 13:38:35 | S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-03-30 16:38:07 | “VMWare Spring Cloud” Java bug gives instant remote code execution – update now! (lien direct) | Easy unauthenticated remote code execution - PoC code already out | |||
|
2022-03-30 15:10:07 | World Backup Day: 5 data recovery tips for everyone! (lien direct) | The only backup you will ever regret is the one you didn't make | |||
|
2022-03-29 16:37:38 | Zlib data compressor fixes 17-year-old security bug – patch, errr, now (lien direct) | This code is venerable! Sirely all the bugs must be out by now? | ★★ | ||
|
2022-03-28 14:18:59 | Google Chrome patches mysterious new zero-day bug – update now (lien direct) | CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now! | |||
|
2022-03-25 01:48:28 | UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang? (lien direct) | Seven alleged hackers have been arrested in the UK. But who are they, and which hacking crew are they from? | |||
|
2022-03-24 13:49:08 | S3 Ep75: Okta hack, CryptoRom, OpenSSL, and CafePress [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-03-23 17:58:05 | Serious Security: DEADBOLT – the ransomware that goes straight for for your backups (lien direct) | Some tips on how to keep your network safe - even (or perhaps especially!) if you think you're safe already. | Ransomware | ||
|
2022-03-21 16:55:43 | Web vendor CafePress fined $500,000 for giving cybersecurity a low value (lien direct) | Just because you're the victim of a cybercrime doesn't let you off your cybersecurity obligations | |||
|
2022-03-18 17:59:17 | OpenSSL patches infinite-loop DoS bug in certificate verification (lien direct) | When it comes to writing loops in your code... never sit on the fence! | |||
|
2022-03-17 13:32:02 | S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-03-16 15:49:29 | Beware bogus Betas – cryptocoin scammers abuse Apple\'s TestFlight system (lien direct) | "Install this moneymaking app" - this one is so special that it isn't available on Google Play or the App Store! | |||
|
2022-03-16 01:22:19 | “Russian actors bypass 2FA” warning – what happened and how to avoid it (lien direct) | Don't leave old accounts lying around where someone sketchy could reactivate them. | |||
|
2022-03-15 16:36:04 | Apple patches 87 security holes – from iPhones and Macs to Windows (lien direct) | Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows. | |||
|
2022-03-14 23:59:05 | Happy #PiDay – even if you aren\'t in North America! (lien direct) | There is a cybersecurity angle here - but you will need to read right to the end to find it :-) | |||
|
2022-03-14 17:51:20 | Cryptocoin ATMs ruled illegal – “Shut down at once”, says regulator (lien direct) | If you live in the UK and hadn't yet heard of cryptocoin ATMs... it's too late now! | ★★★ | ||
|
2022-03-11 14:59:16 | Alleged Kaseya ransomware attacker arrives in Texas for trial (lien direct) | The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded... | Ransomware | ★★★ | |
|
2022-03-10 16:37:01 | S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast] (lien direct) | Latest episode - listen now! | Ransomware | ||
|
2022-03-08 17:37:00 | “Dirty Pipe” Linux kernel bug lets anyone to write to any file (lien direct) | Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack. | Guideline | ||
|
2022-03-07 12:47:44 | Adafruit suffers GitHub data breach – don\'t let this happen to you (lien direct) | Training data stashed in GitHub by mistake... unfortunately, it was *real* data | Data Breach | ||
|
2022-03-05 19:06:09 | Firefox patches two in-the-wild exploits – update now! (lien direct) | Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now! | |||
|
2022-03-03 14:04:50 | S3 Ep72: AirTag stalking, web server coding woes and Instascams [Podcast + Transcript] (lien direct) | Latest episode - listen now (or read it, if that's your preference)... | |||
|
2022-03-02 16:33:45 | Ransomware with a difference: “Derestrict your software, or else!” (lien direct) | "Change your code to improve cryptomining"... or we'll dump 1TB of stolen secrets. | |||
|
2022-02-28 17:56:20 | Instagram scammers as busy as ever: passwords and 2FA codes at risk (lien direct) | Instagram scams don't seem to be dying out - we're seeing more variety and trickiness than ever... | |||
|
2022-02-25 17:59:11 | Did we learn nothing from Y2K? Why are some coders still stuck on two digit numbers? (lien direct) | Calling all website coders: Y2K was then. V1H is now! | |||
|
2022-02-24 16:51:41 | S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast] (lien direct) | Latest episode - listen now! | |||
|
2022-02-23 17:59:12 | Apple AirTag anti-stalking protection bypassed by researchers (lien direct) | Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags. | |||
|
2022-02-22 17:26:37 | WordPress backup plugin maker Updraft says “You should update”… (lien direct) | A straight-talking bug report written in plain English by an actual expert - there's a teachable moment in this cybersecurity story! | |||
|
2022-02-21 17:59:02 | French cybercriminals using sextortion scams with no text or links (lien direct) | You'd spot this one a mile away... but what about your friends or family? |
To see everything:
Our RSS (filtrered)
