Researchers have revealed how malicious Thunderbolt and PCI Express (PCIe) peripherals could be used to compromise computers running macOS, Windows, Linux and FreeBSD.
US House and Senate debate new data privacy law
A steady stream of hair-raising revelations about the treatment of users’ data by Facebook, et al. is pushing Congress to do *something.*
US pushed Russian troll factory offline during US midterm elections
The US blocked internet access to Russian trolls who, they say, were trying to spread FUD.
Ep.021 – Leaked calls, a social media virus and passwords exposed [PODCAST]
Here’s the latest Naked Security podcast – enjoy!
Nvidia patches eight security flaws in graphics products
Chip maker Nvidia has released a security update, fixing eight CVE flaws in its Windows and Linux graphics display drivers.
Researchers break e-signatures in 22 common PDF viewers
Researchers have discovered a flaw in some PDF document viewers that allows new content to be added to documents without breaking the electronic signatures.
Police bust their own radio shop manager for dodgy software updates
Police allege that he updated radios with fraudulent software from a radio enthusiast who allegedly hacked encrypted radios for drug cartels.
Millions of utilities customers’ passwords stored in plain text
Plain-text, unencrypted passwords were sent instead of having users reset them. There was no breach, the firm claims, but how would it know?
Mozilla fears encryption law could turn its employees into insider threats
Mozilla has told the Australian government that its anti-encryption laws could turn its own employees into insider threats.
ICANN demands DNSSEC to combat DNS hijacking
DNS security is under serious threat from cyberattackers and domain overseer ICANN wants internet companies to do something about it.