Author Archives: Paul Ducklin

Megaupload duo will go to prison at last, but Kim Dotcom fights on…

Posted on June 19, 2023 by Paul Ducklin

One, sadly, has died, and two are heading to prison, but for Kim Dotcom, the saga goes on… Continue reading Megaupload duo will go to prison at last, but Kim Dotcom fights on…→

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Posted on June 15, 2023 by Paul Ducklin

Twice more unto the breach… patch being tested, in the meantime, shut down web access. Continue reading MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”→

S3 Ep139: Are password rules like running through rain?

Posted on June 15, 2023 by Paul Ducklin

Latest episode – listen now! (Full transcript inside.) Continue reading S3 Ep139: Are password rules like running through rain?→

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes

Posted on June 13, 2023 by Paul Ducklin

No zero-days this month, if you ignore the Edge RCE hole patched last week Continue reading Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes→

Gozi banking malware “IT chief” finally jailed after more than 10 years

Posted on June 13, 2023 by Paul Ducklin

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end… Continue reading Gozi banking malware “IT chief” finally jailed after more than 10 years→

More MOVEit mitigations: new patches published for further protection

Posted on June 9, 2023 by Paul Ducklin

Good news… more patches, this time available proactively Continue reading More MOVEit mitigations: new patches published for further protection→

Thoughts on scheduled password changes (don’t call them rotations!)

Posted on June 9, 2023 by Paul Ducklin

Does swapping your password regularly make it a better password? Continue reading Thoughts on scheduled password changes (don’t call them rotations!)→

S3 Ep138: I like to MOVEit, MOVEit

Posted on June 8, 2023 by Paul Ducklin

Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available…) Continue reading S3 Ep138: I like to MOVEit, MOVEit→

Firefox 114 is out: No 0-days, but one fascinating “teachable moment” bug

Posted on June 7, 2023 by Paul Ducklin

With the right (or wrong, if you’re on the right side of the fence) timing… Continue reading Firefox 114 is out: No 0-days, but one fascinating “teachable moment” bug→

Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now

Posted on June 6, 2023 by Paul Ducklin

Chrome 0-day patched now, Edge patch coming soon. Continue reading Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now→