S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

Return o’ the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Want to know more about this topic or about us? Contact us!
Return o’ the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
An injury to one is an injury to all. Especially if the other people are part of your social network.
If you spew projects laced with hidden malware into an open source repository, don’t waste your time telling us “no harm done” afterwards.
More supply chain trouble – this time with clear examples so you can learn how to spot this stuff yourself.
Learn how to find out which apps you’ve given access rights to, and how to revoke those rights immediately in an emergency.
Latest episode -listen to it or read it now!
Two popular open source JavaScript packages recently got “hacked” in a smbolic gesture by the original project creator.
Everyone remembers this year’s big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.
by Paul Ducklin We look into Apple’s recent emergency updates that closed off four in-the-wild browser bugs. We explain how the infamous “Flubot” home delivery scam works and how to stop it. We investigate a recent security bug that threatened the PHP ecosystem. With Doug Aamoth and Paul Ducklin. Intro . . . Read more
by Paul Ducklin Swiss cybersecurity researchers recently found security holes in Composer, the software tool that programming teams use to access Packagist, the PHP ecosystems’s major online repository of PHP software modules. These bugs could have allowed cybercriminals to poison the Packagist system itself, thus tainting the very watering hole . . . Read more