Naked Security

Apple AirTag hacked again – free internet with no mobile data plan!

Naked Security Earlier this week we wrote about a jailbreak hack against Apple’s newly introduced AirTag product. In that story, the researcher @ghidraninja was able to modify the firmware on the AirTag itself, despite the anti-tampering protection implemented by Apple’s own AirTag firmware programming. But this “attack” (if that is the right word) is different, …

Apple AirTag hacked again – free internet with no mobile data plan! Read More »

Firefox for Android gets critical update to block cookie-stealing hole

Naked Security Usually, when browser updates come out, it’s obvious what to do if you’re running that browser on your laptop or desktop computer. But we often get questions from readers (questions that we can’t always answer) wondering what to do if they’re using that browser on their mobile phone, where version numbering is often …

Firefox for Android gets critical update to block cookie-stealing hole Read More »

Apple products hit by fourfecta of zero-day exploits – patch now!

Naked Security It’s only a week since Apple’s last product updates, but it’s already time to update again. As you probably know, Apple, unusually amongst major operating system and application producers, doesn’t have any sort of predictable schedule for its security patches. Unlike vendors such as Microsoft (monthly), Google Android (monthly) and Mozilla (every fourth …

Apple products hit by fourfecta of zero-day exploits – patch now! Read More »

Ransomware: don’t expect a full recovery, however much you pay

Naked Security When it comes to all the various types of malware out there, none has ever dominated the headlines quite as much as ransomware. Sure, several individual malware outbreaks have turned into truly global stories over the years. The LoveBug mass-mailing virus of 2000 springs to mind, which blasted itself into hundreds of millions …

Ransomware: don’t expect a full recovery, however much you pay Read More »

Chrome zero-day browser bug found – patch now!

Naked Security Google, whose Project Zero bug-hunting team is often surprisingly vocal when describing and discussing software vulnerabilities, has taken a very quiet approach to a just-patched bug in its Chrome browser. Full article

GnuPG crypto library can be pwned during decryption – patch now!

Naked Security Bug hunter Tavis Ormandy of Google’s Project Zero just discovered a dangerous bug in the GNU Privacy Guard team’s libgcrypt encryption software. The libgcrypt library is an open-source toolkit that anyone can use, but it’s probably best known as the encryption library used by the GNU Privacy Guard team’s own widely deployed GnuPG …

GnuPG crypto library can be pwned during decryption – patch now! Read More »

Europol announces bust of “world’s biggest” dark web marketplace

Naked Security You probably don’t need to be told what sort of products were on offer at an online retail site called DarkMarket. As you can imagine, it operated on the so-called dark web, and you’d have needed the Tor browser to access it, using a special web address ending in .onion. Onion addresses can …

Europol announces bust of “world’s biggest” dark web marketplace Read More »

Home schooling – how to stay secure

Naked Security Many pupils are starting their new school term from home rather than the classroom. For families with younger kids, home schooling is often the first time that their children have needed to use computers (rather than gaming consoles) in earnest. Whether you’re new to home schooling, going back to it after a break, or an old hand, it’s worth taking a moment to ensure …

Home schooling – how to stay secure Read More »

FBI “ransomware warning” for healthcare is a warning for everyone!

Naked Security You’ve probably heard or seen the news that the US CISA issued an alert this week with the unassuming identifier AA20-302A. CISA is short for Cybersecurity and Infrastructure Security Agency, and the AA20-302A report was a joint alert from CISA, the FBI and the HHS (US Department of Health and Human Services). Of …

FBI “ransomware warning” for healthcare is a warning for everyone! Read More »