S3 Ep127: The deleted data that was there all along
The mobile phone bugs that Google kept quiet, just in case. The mysterious case of ATM video uploads. When redacted data springs back to life.
https://nakedsecurity.sophos.com/dangerous-android-phone-0-day-bugs-revealed
https://nakedsecurity.sophos.com/bitcoin-atm-customers-hacked-by-video-upload
https://nakedsecurity.sophos.com/google-pixel-phones-had-a-serious-data-leakage-bug
https://nakedsecurity.sophos.com/windows-11-also-vulnerable-to-acropalypse
With Paul Ducklin and Chester Wisniewski
Original music by Edith Mudge (https://www.edithmudge.com)
Got questions/suggestions/stories to share?
Email: tips@sophos.com
Twitter:...
S3 Ep126: Freaky fashion apps and feature creep
The price of fast fashion. Firefox fixes. Feature creep fail curtailed in Patch Tuesday updates.
https://nakedsecurity.sophos.com/shein-shopping-app-goes-rogue
https://nakedsecurity.sophos.com/firefox-111-patches-11-holes
https://nakedsecurity.sophos.com/microsoft-fixes-two-0-days
With Paul Ducklin and Chester Wisniewski
Original music by Edith Mudge (https://www.edithmudge.com)
Got questions/suggestions/stories to share?
Email: tips@sophos.com
Twitter: NakedSecurity (https://twitter.com/nakedsecurity)
S3 Ep125: When security hardware has security holes
Memories of Michelangelo (the virus, not the artist). Data leakage bugs in TPM 2.0. Ransomware bust, ransomware warning, and anti-ransomware advice.
https://nakedsecurity.sophos.com/serious-security-tpm-2-0-vulns
https://nakedsecurity.sophos.com/doppelpaymer-ransomware-supsects-arrested
https://nakedsecurity.sophos.com/feds-warn-about-right-royal-ransomware
With Doug Aamoth and Paul Ducklin
S3 Ep124: When so-called security apps go rogue
How Woz nearly gave away the Apple I. Rogue software packages. Rogue network "administrators". Rogue keyloggers. Rogue authenticators.
https://nakedsecurity.sophos.com/npm-javascript-packages-abused-to-create-scambait
https://nakedsecurity.sophos.com/dutch-police-arrest-three-cyberextortion-suspects
https://nakedsecurity.sophos.com/lastpass-the-crooks-used-a-keylogger
https://nakedsecurity.sophos.com/beware-rogue-2fa-apps-in-app-store-and-google-play
With Doug Aamoth and Paul Ducklin
S3 Ep123: Crypto company compromise kerfuffle
The first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The hidden cost of success.
https://nakedsecurity.sophos.com/godaddy-admits-crooks-hit-us-with-malware
https://nakedsecurity.sophos.com/twitter-tells-users-pay-up
https://nakedsecurity.sophos.com/coinbase-breached-by-social-engineers
With Doug Aamoth and Paul Ducklin
S3 Ep122: Stop calling every breach “sophisticated”!
The birth of ENIAC. A "sophisticated attack" (read: someone got phished). A cryptographic hack enabled by a security warning. Valentine's Day Patch Tuesday. Apple closes spyware-sized 0-day hole.
https://nakedsecurity.sophos.com/reddit-admits-it-was-hacked-
https://nakedsecurity.sophos.com/serious-security-gnutls-follows-openssl
https://nakedsecurity.sophos.com/microsoft-patch-tuesday-36-rce-bugs
https://nakedsecurity.sophos.com/apple-fixes-zero-day-spyware-implant-bug
With Doug Aamoth and Paul Ducklin
S3 Ep121: When cybercrime victims are culprits, too
Crypto crimelords. VMware, OpenSSH and OpenSSL. Breacher busted. Is that a bug or a feature?
https://nakedsecurity.sophos.com/tracers-in-the-dark
https://nakedsecurity.sophos.com/using-vmware-worried-about-esxi-ransomware
https://nakedsecurity.sophos.com/openssh-fixes-double-free-memory-bug
https://nakedsecurity.sophos.com/openssl-fixes-high-severity-data-stealing-bug
https://nakedsecurity.sophos.com/finnish-psychotherapy-extortion-suspect-arrested
https://nakedsecurity.sophos.com/password-stealing-vulnerability-reported-in-keypass
With Doug Aamoth and Paul Ducklin
S3 Special: Tracers in the Dark with Andy Greenberg
Do we really need a "war against cryptography" - codes and ciphers that the government can easily crack if it thinks there's an emergency - to cement our collective online security?
Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary on...
S3 Ep120: When dud crypto simply won't let go
The mighty CPU that wasn't. Hive ransomware takedown. Dutch data crime suspect busted. Samba finally gets rid of MD5. GitHub admits to an intrusion. Storing passwords securely.
https://nakedsecurity.sophos.com/hive-ransomware-servers-shut-down
https://nakedsecurity.sophos.com/dutch-suspect-locked-up
https://nakedsecurity.sophos.com/serious-security-the-samba-logon-bug
https://nakedsecurity.sophos.com/github-code-signing-certificates-stolen
With Doug Aamoth and Paul Ducklin
S3 Ep119: Breaches, patches, leaks and tweaks!
The programming language almost called Oak. GoTo admits to more breach woes. T-Mobile spills 37 million records. Apple patches everything, even iOS 12. And Google mAkES tYpOs for sECurity.
https://nakedsecurity.sophos.com/goto-admits-customer-cloud-backups-stolen
https://nakedsecurity.sophos.com/t-mobile-admits-to-37000000-customer-records-stolen
https://nakedsecurity.sophos.com/apple-patches-are-out-old-iphones
https://nakedsecurity.sophos.com/serious-security-how-deliberate-typos-might-improve-dns
With Doug Aamoth and Paul Ducklin
S3 Ep118: Guess your password? No need if it's stolen already!
The HAPPY99 virus reminds us that less is more. Trouble with JSON Web Tokens. Investment scammers busted in Europe. The LifeLock "breach" that wasn't.
https://nakedsecurity.sophos.com/popular-jwt-cloud-security-library-patches
https://nakedsecurity.sophos.com/multi-million-investment-scammers-busted
https://nakedsecurity.sophos.com/serious-security-unravelling-the-nortonlifelock-hack
With Doug Aamoth and Paul Ducklin
S3 Ep117: The crypto crisis that wasn't (and farewell to Win 7)
Two stories from the underground. Bank scammers busted. The crypto-crack that wasn't. And the end of two Windows eras at the same time.
https://nakedsecurity.sophos.com/inside-a-scammers-lair-ukraine-busts-40
https://nakedsecurity.sophos.com/rsa-crypto-cracked-or-perhaps-not
https://nakedsecurity.sophos.com/microsoft-patch-tuesday-one-0-day
With Doug Aamoth and Paul Ducklin
S3 Ep116: Last straw for LastPass? And is cryptography doomed?
The ground-breaking HP-35 digital calculator. Last straw for LastPass? Congress takes on quantum computing. 33 1/3-year-old cybersecurity lessons. Machine learning supply chain attack.
https://www.hpmuseum.org/hp35.htm
https://nakedsecurity.sophos.com/lastpass-finally-admits-they-did-steal-your-password-vaults
https://nakedsecurity.sophos.com/us-passes-the-quantum-computing-cybersecurity-preparedness-act
https://nakedsecurity.sophos.com/naked-security-33-1-3-cybersecurity-predictions-for-2023
https://nakedsecurity.sophos.com/pytorch-machine-learning-toolkit-pwned
With Doug Aamoth and Paul Ducklin
S3 Ep115: Incident response – A day in the life
Once more unto the breach, dear friends, once more!
Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure.
S3 Ep114: Preventing cyberthreats – stop them before they stop you!
Join world-renowned Sophos expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode, recorded during our recent Security SOS Week 2022.
When it comes to fighting cybercrime, Fraser truly is a "specialist in everything", and he also...