The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.
Monthly Archives: April 2020
Patch now! Microsoft issues unexpected Office fix
You might not have heard of FBX files… but the latest Office versions support them, so don’t neglect this patch!
Shadow Broker leaked NSA files point to unknown APT group
A security researcher claims to have unearthed a previously-unknown APT group after reading the NSA files leaked by the Shadow Brokers in 2016.
AI helps experts find thousands of child sexual abuse imagery keywords
For years, abusers have used complex keywords to covertly talk about imagery, but analysts have sussed out much of the secret code.
iPhone zero day – don’t panic! Here’s what you need to know
A mobile phone forensics outfit looking into real-world attacks going back more than two years has uncovered two Apple Mail app bugs.
Trove of RubyGems malware highlights software supply chain issues
Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and they’re using typosquatting code to do it.
Password-free database of exercise app Kinomap leaks 42m user records
It’s like a cloud of personal information breathed out in a plume by a database that didn’t bother to wear a mask.
S2 Ep36: Rogue Chrome extensions, Signal fears and Darth Vader – Naked Security podcast
We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!
Porn scammers making $100,000 a month from sextortion emails
SophosLabs worked through five months’ worth of “porn scam” emails and followed the money. Learn what they found…
309 million Facebook users’ phone numbers (and more) found online
First, 267m records were exposed & sold for 0.0002 cents each on the Dark Web. It was taken down but got reposted with yet more records.