by Paul Ducklin Over on our sister site, Sophos News, we’ve just published some fascinating and informative insights into cybercriminals… …answering the truly practical question, “How do they do it?” In theory, the crooks can (and do) use any and all of thousands of different attack techniques, in any combination they like. In real life, however, good risk management says […]
by Paul Ducklin We monitor a range of email addresses related to Naked Security, so we receive a regular (a word we are using here to mean “unrelenting”) supply of real-world spams and scams. Some of our email addresses are obviously directly associated with various Sophos-related social media accounts; others are more general business-oriented addresses; and […]
22 NOV 2021 Malware, Phishing
by Paul Ducklin As we’ve explained before, the opposite (or perhaps we mean the inverse) of Black Friday wouldn’t be White Friday, it would be Red Friday. The word “black” in the context of the big retail surge that typically follows […]
18 NOV 2021 Data loss
by Paul Ducklin Remember when people used to upload their SSH keys onto Github and similar code sharing sites by mistake? Two years ago, we wrote about the fact that incautious software developers had uploaded hundreds of thousands of private […]
17 NOV 2021 Apple, Privacy
by Paul Ducklin Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating […]
16 NOV 2021 IoT
by Paul Ducklin The Internet of Things (IoT) has become infamous for providing us, in a worrying number of cases, with three outcomes: Connected products that we didn’t know we needed. Connected products that we purchased anyway. Connected products that ended up disconnected in a […]