A recently-disclosed vulnerability in the Docker containerisation platform is being exploited by cybercriminals to mine the Monero (XMR) cryptocurrency on hundreds of servers.
Monthly Archives: March 2019
Backdoored GitHub accounts spewed secret sneakerbot software
Researchers have uncovered a network of GitHub accounts containing backdoored versions of legitimate software.
Serious Chrome zero-day – Google says update “right this minute”
When a security expert on the Chrome team says, “update your Chrome installs… like right this minute” – well, here’s how to check!
Google reveals BuggyCow macOS security flaw
Google’s Project Zero researchers have revealed a “high severity” macOS security flaw nicknamed ‘BuggyCow’ which Apple appears to be in no rush to patch.
Leaky ski helmet speakers expose conversations and data
Chips 2.0 speakers are the perfect accessory for any on-trend skier. There’s just one problem: Everyone else can listen in too.
Google Photos disables sharing on Android TV
Two models of Android TVs showed a stream of strangers’ Google accounts, along with profile pics, though not the actual photos.
Ep. 022 – Plaintext passwords, cryptocoin criminality and the Momo monstrosity [PODCAST]
Here’s the latest episode of the Naked Security podcast – listen now!
Facebook criticised for misuse of phone numbers provided for security
Facebook admits it’s using numbers supplied for 2FA for more than security, and you can’t turn it off.
Companies are flying blind on cybersecurity
IT managers are flying blind in the battle to protect their companies from cyber attacks, according to a new Sophos survey.
Comcast security nightmare: default ‘0000’ PIN on everybody’s account
It didn’t require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customers… and phone hijackers.