DOUG. Emergency Apple patches, justice for the 2020 Twitter hack, and “Turn off your phones, please!” All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am Doug Aamoth; he is Paul Ducklin. Paul, how do you do? DUCK. I’m very well, Douglas. And just to be clear, when we […]
![Stop calling every breach “sophisticated”! [Audio + Text] – Naked Security](https://exoticdigitalaccess.co.ke/wp-content/uploads/2023/02/eniac-1200.png)
The birth of ENIAC. A “sophisticated attack” (someone got phished). A cryptographic hack enabled by a security warning. Valentine’s Day Patch Tuesday. Apple closes spyware-sized 0-day hole. DOUG. Patching bugs, hacking Reddit, and the early days of computing. All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am […]
![Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text] – Naked Security](https://exoticdigitalaccess.co.ke/wp-content/uploads/2022/12/s3-ep113-1200.png)
DOUG. Wireless spyware, credit card skimming, and patches galore. All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am Doug Aamoth; he is Paul Ducklin. Paul, how do you do? DUCK. I’m very well, Doug. Cold, but well. DOUG. It’s freezing here too, and everyone is sick… but that’s December […]
An emergency Chrome update that Google announced on Thanksgiving Day addresses an actively exploited zero-day in the popular browser. Tracked as CVE-2022-4135, the high-severity vulnerability is described as a heap buffer overflow in Chrome’s GPU component. “Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the internet giant notes. A National Vulnerability […]
Google has just patched Chrome’s eighth zero-day hole of the year so far. Zero-days are bugs for which there were zero days you could have updated proactively… …because cybercriminals not only found the bug first, but also figured out how to exploit it for nefarious purposes before a patch was prepared and published. So, the […]
Just under two months ago, some worrying bug news broke: a pair of zero-day vulnerabilities were announced in Microsoft Exchange. As we advised at the time, these vulnerabilities, officially designated CVE-2022-41040 and CVE-2022-41082: [were] two zero-days that [could] be chained together, with the first bug used remotely to open enough of a hole to trigger […]