Naked Security

Security specialist John Shier tells you the "news you can really use" - how to boost your cybersecurity based on real-world advice from the 2023 Sophos Threat Report.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Microsoft's tilt at the MP3 marketplace. Apple's not-a-zero-day emergency. Cracking the lock on Android phones. Browser-in-the-Browser revisited. The Emmenthal cheese attack. Business Email Compromise and how to prevent it.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Radio waves so mysterious they're known only as X-Rays. Were there six 0-days or only four? The cops that found $3 billion in a popcorn tin. Blue badge confusion. When URL scanning goes wrong. Tracking down every last unpatched file. Why even unlikely exploits can earn "high" severity levels.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

The man who put Boole in Boolean. OpenSSL's bated-breath update. Apple's zero-day finally settled. New Chrome zero-day. SHA-3 code gets a patch. Extreme extortion via stolen medical data. Data breach response the nonchalant way.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Windows XP (fondly?!) remembered. Clearview AI courts controversy again. DEADBOLT ransomware crooks get counterhacked. Women cryptologists commemorated in US. How to measure randomness. Deconstructing Apple's latest security bulletins.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Coolest videogame ever. Zoom thinks everyone's a developer. The Patch Tuesday that wasn't. A data breach coverup. Log4Shell all over again. And the Office cryptofail that Microsoft won't fix.

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

What goes up... must come down. Ransomware criminal avoids a life sentence. Former CSO convicted over Uber megabreach coverup. WhatsApp fights rip-off rogue apps. The Countess of Computer Science. Could a weird email brick your iPhone?

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Naked Security meets Sophos X-Ops! Duck and Chet dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.

Original music by Edith Mudge

A fridge-sized calculator made with transistors (really). ProxyNotShell situation reviewed. Romance and BEC scammer gets 25 years in the slammer. Is there an answer to nuisance callers? Is the answer voicemail?

Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Chester Wisniewski gives you actionable advice on how to deal with two actively exploited Exchange zero-days that suddenly burst into the news. Learn who's affected and how, find out what you can do while waiting for Microsoft's patches, and plan your threat hunting in case the worst happens to you.

Original music by Edith Mudge