Author Archives: Paul Ducklin

Apple zero-day drama for Macs, iPhones and iPads – patch now!

Posted on February 11, 2022 by Paul Ducklin

Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now… Continue reading Apple zero-day drama for Macs, iPhones and iPads – patch now!→

S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]

Posted on February 10, 2022 by Paul Ducklin

Latest episode – listen now! Continue reading S3 Ep69: WordPress woes, Wormhole holes, and a Microsoft change of heart [Podcast + Transcript]→

At last! Office macros from the internet to be blocked by default

Posted on February 8, 2022 by Paul Ducklin

It’s been a long time coming, and we’re not there yet, but at least Microsoft Office will be a bit safer against macro malware… Continue reading At last! Office macros from the internet to be blocked by default→

Microsoft blocks web installation of its own App Installer files

Posted on February 7, 2022 by Paul Ducklin

It’s a big deal when a vendor decides to block one of its own “features” for security reasons. Here’s why we think it’s a good idea. Continue reading Microsoft blocks web installation of its own App Installer files→

Wormhole cryptotrading company turns over $340,000,000 to criminals

Posted on February 4, 2022 by Paul Ducklin

It was the best of blockchains, it was the worst of blockchains… as Charles Dickens might have said. Continue reading Wormhole cryptotrading company turns over $340,000,000 to criminals→

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

Posted on February 3, 2022 by Paul Ducklin

Latest episode – listen now! Continue reading S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]→

Elementor WordPress plugin has a gaping security hole – update now

Posted on February 2, 2022 by Paul Ducklin

We shouldn’t need to say, “Check your inputs!” these days, but we’re saying it anyway. Continue reading Elementor WordPress plugin has a gaping security hole – update now→

Linux kernel patches “performance can be harmful” bug in video driver

Posted on February 1, 2022 by Paul Ducklin

This bug is fiendishly hard to exploit – but if you patch, it won’t be there to exploit at all. Continue reading Linux kernel patches “performance can be harmful” bug in video driver→

Website operator fined for using Google Fonts “the cloudy way”

Posted on January 31, 2022 by Paul Ducklin

Google Fonts are OK, it seems, but only if everyone keeps their own copy of the fonts they use. Continue reading Website operator fined for using Google Fonts “the cloudy way”→

Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!

Posted on January 28, 2022 by Paul Ducklin

Free home PCR devices would be technological marvels, and really useful, too. But there aren’t any… Continue reading Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!→