BWAIN – WindowsTechs.com

S3 Ep146: Tell us about that breach! (If you want to.)

Posted on August 3, 2023 by Paul Ducklin

Serious security stories explained clearly in plain English – listen now. (Full transcript available.) Continue reading S3 Ep146: Tell us about that breach! (If you want to.)→

S3 Ep145: Bugs With Impressive Names!

Posted on July 27, 2023 by Paul Ducklin

Fascinating fun (with a serious and educational side) – listen now! Full transcript available inside. Continue reading S3 Ep145: Bugs With Impressive Names!→

Patch now! SIGRED – the wormable hole in your Windows servers

Posted on July 15, 2020 by Paul Ducklin

The bug can definitely crash your Windows DNS servers, and it could end up being used for much worse than that. Please patch now! Continue reading Patch now! SIGRED – the wormable hole in your Windows servers→

Intel patches graphics drivers and offers new LVI flaw mitigations

Posted on March 12, 2020 by John E Dunn

Intel’s March security updates reached its customers this week and the dominant theme is the bundle of flaws affecting Graphics drivers. Continue reading Intel patches graphics drivers and offers new LVI flaw mitigations→

Intel promises fix after researchers reveal ‘CacheOut’ CPU flaws

Posted on January 29, 2020 by John E Dunn

Forget the infamous Meltdown and Spectre chip flaws from 2018, the problem that’s tying down Intel’s patching team these days is a more recent class of side channel vulnerabilities known collectively as ZombieLoad. Continue reading Intel promises fix after researchers reveal ‘CacheOut’ CPU flaws→

Plundervolt – stealing secrets by starving your computer of voltage

Posted on December 16, 2019 by Paul Ducklin

Turns out that if you drop your CPU voltage just enough, it makes mistakes that could let you sneak in where you shouldn’t. Continue reading Plundervolt – stealing secrets by starving your computer of voltage→

The Zip Slip vulnerability – what you need to know

Posted on June 6, 2018 by Mark Stockley

Research by security firm Snyk has revealed that thousands of projects may be affected by a serious vulnerability, one so simple you’ll need to put a cushion on your desk before you read any further (in case of involuntary headdesk injury). … Continue reading The Zip Slip vulnerability – what you need to know→

Hole in Tor causes TorMoil, update now

Posted on November 6, 2017 by Paul Ducklin

A bug could let crooks trick you into revealing your IP number Continue reading Hole in Tor causes TorMoil, update now→

“Orpheus’ Lyre” – where it came from, and what to do [VIDEO]

Posted on July 20, 2017 by Naked Security writer

From how the “Orpheus’ Lyre” bug got its weird name all the way to what we can learn from it. No jargon, just plain English. Enjoy… Continue reading “Orpheus’ Lyre” – where it came from, and what to do [VIDEO]→

Psssst! Want to get paid to use 2FA? [Chet Chat Podcast 247]

Posted on July 24, 2016 by Paul Ducklin

Security experts John Shier and Paul Ducklin team up for the latest episode of our weekly podcast. Enjoy! Continue reading Psssst! Want to get paid to use 2FA? [Chet Chat Podcast 247]→