NEWS & Updates


    Know your enemy! Learn how cybercrime adversaries get in…

    by Paul Ducklin Over on our sister site, Sophos News, we’ve just published some fascinating and informative insights into cybercriminals… …answering the truly practical question, “How do they do it?” In theory, the crooks can (and do) use any and all of thousands of different attack techniques, in any combination they like. In real life, however, good risk management says […]

    Read more

    Instagram scammers as busy as ever: passwords and 2FA codes at risk

    by Paul Ducklin We monitor a range of email addresses related to Naked Security, so we receieve a regular (a word we are using here to mean “unrelenting”) supply of real-world spams and scams. Some of our email addresses are obviously directly associated with various Sophos-related social media accounts; others are more general business-oriented addresses; and […]

    Read more

    Black Friday and Cyber Monday – here’s what you REALLY need to do!

    22 NOV 2021 0Malware, Phishing Previous: Github cookie leakage – thousands of Firefox cookie files uploaded by mistake by Paul Ducklin   As we’ve explained before, the opposite (or perhaps we mean the inverse) of Black Friday wouldn’t be White Friday, it would be Red Friday. The word “black” in the context of the big retail surge that typically follows […]

    Read more

    Github cookie leakage – thousands of Firefox cookie files uploaded by mistakeHello

    18 NOV 2021 2Data loss Previous: S3 Ep59: Emotet, an FBI hoax, Samba bugs, and a hijackable suitcase [Podcast] by Paul Ducklin   Remember when people used to upload their SSH keys onto Github and similar code sharing sites by mistake? Two years ago, we wrote about the fact that incautious software developers had uploaded hundreds of thousands of private […]

    Read more

    Apple’s Privacy Protection feature – watch out if you have a Watch!

    17 NOV 2021 0Apple, Privacy Previous: The self-driving smart suitcase… that the person behind you can hijack! by Paul Ducklin   Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating […]

    Read more

    The self-driving smart suitcase… that the person behind you can hijack!

    16 NOV 2021 0IoT Previous: Emotet malware: “The report of my death was an exaggeration” by Paul Ducklin   The Internet of Things (IoT) has become infamous for providing us, in a worrying number of cases, with three outcomes: Connected products that we didn’t know we needed. Connected products that we purchased anyway. Connected products that ended up disconnected in a […]

    Read more