What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-18 17:59:00 | Irony alert! PHP fixes security flaw in input validation code (lien direct) | What's wrong with this sequence? 1. Step into the road 2. Check if it's safe 3. Keep on walki... | |||
|
2022-02-17 17:12:57 | S3 Ep70: Bitcoin, billing blunders, and 0-day after 0-day after 0-day [Podcast + Transcript] (lien direct) | Latest episode - listen and learn! | |||
|
2022-02-16 17:32:16 | VMWare fixes holes that could allow virtual machine escapes (lien direct) | Hats off to VMWare for not using weasel words: "When should you act?" Immediately... | |||
|
2022-02-15 16:17:45 | Google announces zero-day in Chrome browser – update now! (lien direct) | Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week" | |||
|
2022-02-14 22:38:58 | Adobe fixes zero-day exploit in e-commerce code: update now! (lien direct) | There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it. | |||
|
2022-02-14 14:58:55 | Power company pays out $3 trillion compensation to astonished customer (lien direct) | More money than the UK's economy produces in a year! | |||
|
2022-02-11 14:25:40 | Apple zero-day drama for Macs, iPhones and iPads – patch now! (lien direct) | Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now... | Malware | ||
|
2022-02-10 01:15:56 | S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript] (lien direct) | Latest episode - listen now! | |||
|
2022-02-09 14:44:04 | Self-styled “Crocodile of Wall Street” arrested with husband over Bitcoin megaheist (lien direct) | The cops say they've recovered 80% of a $72 million cryptocoin heist... but the recovered funds alone are now worth over $4 billion! | |||
|
2022-02-08 16:34:30 | At last! Office macros from the internet to be blocked by default (lien direct) | It's been a long time coming, and we're not there yet, but at least Microsoft Office will be a bit safer against macro malware... | |||
|
2022-02-07 16:36:25 | Microsoft blocks web installation of its own App Installer files (lien direct) | It's a big deal when a vendor decides to block one of its own "features" for security reasons. Here's why we think it's a good idea. | |||
|
2022-02-04 17:38:40 | Wormhole cryptotrading company turns over $340,000,000 to criminals (lien direct) | It was the best of blockchains, it was the worst of blockchains... as Charles Dickens might have said. | |||
|
2022-02-03 16:20:49 | S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript] (lien direct) | Latest episode - listen now! | |||
|
2022-02-02 17:11:55 | Elementor WordPress plugin has a gaping security hole – update now (lien direct) | We shouldn't need to say, "Check your inputs!" these days, but we're saying it anyway. | |||
|
2022-02-01 17:59:08 | Linux kernel patches “performance can be harmful” bug in video driver (lien direct) | This bug is fiendishly hard to exploit - but if you patch, it won't be there to exploit at all. | |||
|
2022-01-31 17:58:28 | Website operator fined for using Google Fonts “the cloudy way” (lien direct) | Google Fonts are OK, it seems, but only if everyone keeps their own copy of the fonts they use. | |||
|
2022-01-28 23:58:51 | Coronavirus SMS scam offers home PCR testing devices – don\'t fall for it! (lien direct) | Free home PCR devices would be technological marvels, and really useful, too. But there aren't any... | |||
|
2022-01-28 15:34:14 | Happy Data Privacy Day – and we really do mean “happy” :-) (lien direct) | We give you some simple digital lifesytle tips that cost nothing. | |||
|
2022-01-27 17:57:06 | S3 Ep67: Tax scams, carder busts and crypto capers [Podcast + Transcript] (lien direct) | Latest episode - listen now! | |||
|
2022-01-27 14:09:53 | Apple patches Safari data leak (oh, and a zero-day) – patch now! (lien direct) | That infamous "supercookie" bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well. | |||
|
2022-01-26 17:58:32 | “PwnKit” security bug gets you root on most Linux distros – what to do (lien direct) | An elevation of privilege bug that could let a "mostly harmless" user give themselves a instant root shell | |||
|
2022-01-25 17:19:50 | Tax scam emails are alive and well as US tax season starts (lien direct) | If in doubt, don't give it out! (And don't forget that no reply is often a good reply.) | |||
|
2022-01-24 14:14:23 | Alleged carder gang mastermind and three acolytes under arrest in Russia (lien direct) | The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames. | |||
|
2022-01-21 16:25:27 | Cryptocoin broker Crypto.com says 2FA bypass led to $35m theft (lien direct) | The company has put out a brief security report that summarises the 'what', but not yet the 'how' or 'why'. | |||
|
2022-01-20 17:28:11 | S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript] (lien direct) | Latest epsiode - listen now! | |||
|
2022-01-18 17:23:20 | Serious Security: Apple Safari leaks private data via database API – what you need to know (lien direct) | There's a tiny data leakage bug in the WebKit browser engine... but it could act as a "supercookie" identifier for your browsing | |||
|
2022-01-17 14:13:36 | Romance scammer who targeted 670 women gets 28 months in jail (lien direct) | Found love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns... | |||
|
2022-01-14 17:58:59 | Serious Security: Linux full-disk encryption bug fixed – patch now! (lien direct) | Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it. | |||
|
2022-01-14 14:48:53 | REvil ransomware crew allegedly busted in Russia, says FSB (lien direct) | The Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew. | Ransomware | ||
|
2022-01-13 15:26:28 | S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript] (lien direct) | Latest episode -listen to it or read it now! | |||
|
2022-01-12 16:24:35 | Wormable Windows HTTP hole – what you need to know (lien direct) | One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability". | |||
|
2022-01-11 17:42:31 | Home routers with NetUSB support could have critical kernel hole (lien direct) | Got a router that supports USB access across the network? You might need a kernel update... | |||
|
2022-01-11 00:54:23 | JavaScript developer destroys own projects in supply chain “lesson” (lien direct) | Two popular open source JavaScript packages recently got "hacked" in a smbolic gesture by the original project creator. | |||
|
2022-01-08 02:53:13 | Honda cars in flashback to 2002 – “Can\'t Get You Out Of My Head” (lien direct) | Where were YOU on the night of 17 May 2002? And what about the day after that? | |||
|
2022-01-07 16:32:23 | Log4Shell-like security hole found in popular Java SQL database engine H2 (lien direct) | "It's Log4Shell, Jim, but not as we know it." How to find and fix a JNDI-based vuln in the H2 Database Engine. | |||
|
2022-01-06 13:44:44 | S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript] (lien direct) | We're back for 2022 - listen now! | |||
|
2022-01-05 16:37:54 | FTC threatens “legal action” over unpatched Log4j and other vulns (lien direct) | Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory! | Equifax Equifax | ||
|
2022-01-04 17:23:56 | Apple Home software bug could lock you out of your iPhone (lien direct) | The finder of this bug insists it "poses a serious risk". We're not so sure, but we recommend you take steps to avoid it anyway. | |||
|
2021-12-30 14:40:50 | Instagram copyright infringment scams – don\'t get sucked in! (lien direct) | We deconstructed a copyright phish so you don't have to. Be warned: the crooks are getting better at these scams... | |||
|
2021-12-29 16:12:03 | Log4Shell vulnerability Number Four: “Much ado about something” (lien direct) | It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one. | Vulnerability | ||
|
2021-12-24 17:44:09 | SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N) (lien direct) | Happy Holidays! Our Top N stories, all totally SFW! | |||
|
2021-12-23 17:58:34 | The cool retro phone with a REAL DIAL… plus plenty of IoT problems (lien direct) | You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity. | |||
|
2021-12-22 17:57:02 | Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them! (lien direct) | Phew! An audacious crime... that didn't work out. | |||
|
2021-12-21 17:57:39 | Apache\'s other product: Critical bugs in \'httpd\' web server, patch now! (lien direct) | The Apache web server just got an update - this one is nothing to do with Log4j! | |||
|
2021-12-20 13:20:19 | Log4Shell: The Movie… a short, safe visual tour for work and home (lien direct) | Be happy that your sysadmins are taking one (three, actually!) for the team right now... here's why! | |||
|
2021-12-17 17:57:52 | Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble (lien direct) | Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter! | |||
|
2021-12-16 17:41:40 | S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript] (lien direct) | Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.) | |||
|
2021-12-14 12:55:30 | Apple security updates are out – and not a Log4Shell mention in sight (lien direct) | Get 'em while they're hot! | |||
|
2021-12-13 00:41:01 | Log4Shell explained – how it works, why you need to know, and how to fix it (lien direct) | Find out how to deal with the Log2Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you! | Vulnerability | ||
|
2021-12-10 16:22:03 | “Log4Shell” Java vulnerability – how to safeguard your servers (lien direct) | Just when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product | Vulnerability |
To see everything:
Our RSS (filtrered)
