Want to know more about this topic or about us? Contact us!
by Paul Ducklin Apple’s brand new AirTag product got hacked already. Things you can learn from Colonial Pipeline’s ransomware misfortune. Why Dell patched a bunch of driver bugs going back more than a decade. And the “Is it you in the video?” scam just keeps on coming back. With Kimberly . . . Read more
by Paul Ducklin Apple recently announced a tracking device that it calls the AirTag, a new competitor in the “smart label” product category. The AirTag is a round button about the size of a key fob that you can attach to a suitcase, laptop or, indeed, to your keys, to . . . Read more
by Paul Ducklin Regular readers of Naked Security will know that one of the truisms we like to trot out about cybersecurity is the wryly self-contradictory reminder that you should “Never say never.” Indeed, when it comes to programming, the only time that you should ever say, “This will never . . . Read more
by Paul Ducklin We look into Apple’s recent emergency updates that closed off four in-the-wild browser bugs. We explain how the infamous “Flubot” home delivery scam works and how to stop it. We investigate a recent security bug that threatened the PHP ecosystem. With Doug Aamoth and Paul Ducklin. Intro . . . Read more
by Paul Ducklin Usually, when browser updates come out, it’s obvious what to do if you’re running that browser on your laptop or desktop computer. But we often get questions from readers (questions that we can’t always answer) wondering what to do if they’re using that browser on their mobile . . . Read more
by Paul Ducklin Researchers at SentinelLabs say that they found various exploitable bugs in one of Dell’s Windows kernel drivers, which they reported back in December 2020. There were five related bugs, now collectively dubbed CVE-2021-21551. Dell has now issued a patch for these vulnerabilities (the official update is dated . . . Read more
by Paul Ducklin It’s only a week since Apple’s last product updates, but it’s already time to update again. As you probably know, Apple, unusually amongst major operating system and application producers, doesn’t have any sort of predictable schedule for its security patches. Unlike vendors such as Microsoft (monthly), Google . . . Read more
by Paul Ducklin Swiss cybersecurity researchers recently found security holes in Composer, the software tool that programming teams use to access Packagist, the PHP ecosystems’s major online repository of PHP software modules. These bugs could have allowed cybercriminals to poison the Packagist system itself, thus tainting the very watering hole . . . Read more
by Paul Ducklin We investigate whether AirDrop is really as dangerous as researchers claimed. We discuss the pestiferous problem of fake Linux bugs submitted as an academic exercise. We review the latest Sophos Ransomware Report and uncover uncomfortable truths about paying up. With Kimberly Truong, Doug Aamoth and Paul Ducklin. . . . Read more
by Paul Ducklin If you have a PC or laptop with an Nvidia graphics card (colloquially known as a GPU, short for graphics processing unit), make sure you’ve installed any of the company’s April 2021 updates that you need. GPU cards affected by the bugs include those branded GeForce, RTX, . . . Read more