Author Archives: Paul Ducklin

Gamers update! Nvidia patches GPU driver kernel escalation bugs

Posted on April 28, 2021 by Paul Ducklin

Patch early, patch often. Here’s why it’s worth it. Continue reading Gamers update! Nvidia patches GPU driver kernel escalation bugs→

Ransomware: don’t expect a full recovery, however much you pay

Posted on April 27, 2021 by Paul Ducklin

Turns out the ransomware crooks aren’t that good at keeping their promises… Continue reading Ransomware: don’t expect a full recovery, however much you pay→

Naked Security Live – Just how (un)safe is AirDrop?

Posted on April 26, 2021 by Paul Ducklin

Here’s the latest Naked Security talk – watch now! Continue reading Naked Security Live – Just how (un)safe is AirDrop?→

Apple AirDrop has “significant privacy leak”, say German researchers

Posted on April 23, 2021 by Paul Ducklin

Researchers say they reported what they consider to be a privacy hole to Apple in 2019, but never heard back. They worked on a fix anyway. Continue reading Apple AirDrop has “significant privacy leak”, say German researchers→

Linux team in public bust-up over fake “patches” to introduce bugs

Posted on April 22, 2021 by Paul Ducklin

Embarrassed overreaction or righteous indignation? An academic research group has provoked the Linux crew to ban their whole university! Continue reading Linux team in public bust-up over fake “patches” to introduce bugs→

S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]

Posted on April 22, 2021 by Paul Ducklin

Latest episode – listen now! Continue reading S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]→

When cryptography attacks – how TLS helps malware hide in plain sight

Posted on April 21, 2021 by Paul Ducklin

No IT technology feels quite as much of a double-edged sword as encryption. Continue reading When cryptography attacks – how TLS helps malware hide in plain sight→

Firefox 88 patches bugs and kills off a sneaky JavaScript tracking trick

Posted on April 20, 2021 by Paul Ducklin

What’s in a window name? Turns out that it could be a sneaky tracking code, so Firefox has put a stop to that. Continue reading Firefox 88 patches bugs and kills off a sneaky JavaScript tracking trick→

Naked Security Live – To hack or not to hack?

Posted on April 19, 2021 by Paul Ducklin

Latest video – watch now! We look at the recent FBI “webshell hacking” controversy from both sides. Continue reading Naked Security Live – To hack or not to hack?→

Serious Security: Rowhammer is back, but now it’s called SMASH

Posted on April 19, 2021 by Paul Ducklin

Simply put: reading from RAM in your program could write to RAM in someone else’s Continue reading Serious Security: Rowhammer is back, but now it’s called SMASH→