Author Archives: Paul Ducklin

S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]

Posted on April 7, 2022 by Paul Ducklin

Latest episode – listen now! Cybersecurity news and advice in plain English. Continue reading S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]→

Serious Security: Darkweb drugs market Hydra taken offline by German police

Posted on April 6, 2022 by Paul Ducklin

Why are Tor sites hard to locate and therefore difficult to take down? We explain in plain English… Continue reading Serious Security: Darkweb drugs market Hydra taken offline by German police→

Firefox 99 is out – no major bugs, but update anyway!

Posted on April 5, 2022 by Paul Ducklin

Firefox’s four-weekly updates just dropped – here’s what you need to know. Continue reading Firefox 99 is out – no major bugs, but update anyway!→

Google’s monthly Android updates patch numerous “get root” holes

Posted on April 5, 2022 by Paul Ducklin

Get the update now… if it’s available for your phone. Here’s how to check. Continue reading Google’s monthly Android updates patch numerous “get root” holes→

LAPSUS$ hacks continue despite two UK hacker suspects in court

Posted on April 4, 2022 by Paul Ducklin

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them? Continue reading LAPSUS$ hacks continue despite two UK hacker suspects in court→

Apple pushes out two emergency 0-day updates – get ’em now!

Posted on March 31, 2022 by Paul Ducklin

More Apple zero-days – mobile devices, laptops and desktops affected. Update now! Continue reading Apple pushes out two emergency 0-day updates – get ’em now!→

Two different “VMware Spring” bugs at large – we cut through the confusion

Posted on March 31, 2022 by Paul Ducklin

Whoever came up with the name “Spring4Shell” didn’t help at all… we cut through the Spring Bug confusion Continue reading Two different “VMware Spring” bugs at large – we cut through the confusion→

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

Posted on March 31, 2022 by Paul Ducklin

Latest episode – listen now! Continue reading S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]→

“VMware Spring Cloud” Java bug gives instant remote code execution – update now!

Posted on March 30, 2022 by Paul Ducklin

Easy unauthenticated remote code execution – PoC code already out Continue reading “VMware Spring Cloud” Java bug gives instant remote code execution – update now!→

World Backup Day: 5 data recovery tips for everyone!

Posted on March 30, 2022 by Paul Ducklin

The only backup you will ever regret is the one you didn’t make Continue reading World Backup Day: 5 data recovery tips for everyone!→