Putting the X in X-Ops – Naked Security

The concept of “Ops” teams has evolved over time, starting with DevOps, then moving to SecOps, and finally to DevSecOps. In a recent podcast episode on Naked Security, Paul Ducklin interviews Matt Holdcroft, a cybersecurity expert at Sophos, about the importance of getting these teams to work together and prioritize cybersecurity. Holdcroft’s journey in the… 

What was Steve Jobs’s first job? – Naked Security

DOUG.  …it also involved a multitude of other cybercrimes. This individual, a 22-year-old from the UK, was involved in SIM swapping attacks, where he would manipulate mobile phone carriers to transfer victims’ phone numbers to his control. With access to their phone numbers, he would then take over their online accounts, including social media, email, and… 

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own – Naked Security

Australian Prime Minister Anthony Albanese has advised people to turn off their mobile phones for five minutes every day as a cybersecurity measure. While it is unclear why the PM suggests this precise timing, it is speculated that turning off phones at night for five minutes can stop any spyware that may be running in… 

Beware bad passwords as attackers co-opt Linux servers into cybercrime – Naked Security

Researchers at AhnLab, a Korean anti-malware business, have warned of an old-school cyber-attack where cybercriminals guess their way into Linux shell servers and use them as jumping-off points for further attacks. This attack not only costs money through unexpected electricity bills, but also tarnishes the reputation of the victim by leaving investigative fingers from downstream… 

Are password rules like running through rain? – Naked Security

The Naked Security podcast, hosted by Doug Aamoth and Paul Ducklin, covers a range of topics related to cybersecurity. The most recent episode started with a discussion of the history of core memory, which was invented by Jay Forrester at MIT in 1949. The technology, which uses tiny magnetic cores to store data, was popular… 

Gozi banking malware “IT chief” finally jailed after more than 10 years – Naked Security

The Gozi Troika, a group of cybercriminals, have finally been brought to justice after a long and winding road of arrests and convictions. The three men were originally charged in 2013 for malware-related crimes that began in the late 2000s. Mihai Ionut Paunescu of Romania, Deniss Čalovskis of Latvia, and Nikita Kuzmin of Russia were… 

PyPI open-source code repository deals with manic malware maelstrom – Naked Security

Public source code repositories, such as Sourceforge, GitHub, and PyPI, are a great resource for free operating systems, applications, programming libraries, and developers’ toolkits. They can save time and provide access to other people’s expertise. However, they also come with cybersecurity challenges, such as popular packages suddenly vanishing, packages being actively hijacked for evil purposes,… 

Apple takes “tight-lipped” to a whole new level – Naked Security

The Naked Security podcast recently discussed the issue of passwords, botnets, and malware on Macs. The podcast is hosted by Doug Aamoth and Paul Ducklin, who discuss various cybersecurity topics. The podcast began with a segment on This Week in Tech History and discussed the release of BASIC, a popular programming language. The hosts then… 

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram – Naked Security

A data-stealing-as-a-service toolkit called Atomic macOS Stealer (AMOS) has been found being advertised on an underground Telegram channel. This toolkit was specifically built to target Mac users and can steal passwords, files, comprehensive system information, and secret data from eight different browsers and dozens of cryptowallets. The malware comes with an online AMOS cloud portal…