OpenSSL fixes High Severity data-stealing bug – patch now!

7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...

21h

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!

1d

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary about the "war on crypto" as we talk to him about his new book...

2d

Finnish psychotherapy extortion suspect arrested in France

Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.

2d

OpenSSH fixes double-free memory bug that’s pokable over the network

It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code...

5d

S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

Latest episode - listen now!

6d

Password-stealing “vulnerability” reported in KeePass – bug or feature?

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?

1w

GitHub code-signing certificates stolen (but will be revoked this week)

There was a breach, so the bad news isn't great, but the good news isn't too bad...

2w

Serious Security: The Samba logon bug caused by outdated crypto

Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!

2w

Hive ransomware servers shut down at last, says FBI

Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...

2w