VMWare’s VMware Cloud Director has a security flaw that researchers believe could be exploited to compromise multiple customer accounts using the same cloud infrastructure.
Monthly Archives: June 2020
Amtrak breached, some customers’ logins and PII potentially exposed
The US rail service hasn’t disclosed the number of passengers affected in a 16 April breach.
We won! Naked Security scoops “Legends of security” award
We’re absolutely delighted – delighted and proud! – to report that we won not one but two awards at last night’s European Security Blogger Awards 2020.
The mystery of the expiring Sectigo web certificate
If you’re getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.
Hacker posts database stolen from Dark Net free hosting provider DH
Some 7,600 dark-web sites were obliterated in an attack on the most popular provider of .onion free hosting services, Daniel’s Hosting.
Crime agency turns to Google ads to deter teen DDoS hackers
The UK’s National Crime Agency has hit on a simple way to stop teens from being sucked into cybercrime – using Google Ads.
No password required! “Sign in with Apple” account takeover flaw patched
A bug bounty hunter found a way to login using “Sign in with Apple”… but without the part where you have to put in a password.
Github uncovers malicious scanner targeting developers
GitHub has uncovered a form of malware that spreads via infected repositories on its system.
Facebook to verify identities on accounts that churn out viral posts
Hopefully it’s a COVID-19 version of what it did post-2016 elections, when it required verification of those buying political or issue ads.