News aggregator

Just in time… Cybersecurity experts this week fighting over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification just because APT on Linux also does the same. Just today, a security researcher revealed details of a critical remote code execution flaw in Linux APT, exploitation of which could have been mitigated if the

A researcher has found that websites can use some extensions to bypass security policies, execute code, and even install other extensions.

Location data extracted from the athletic hitman's Garmin GPS watch and TomTom sat nav led to his conviction in two gangland murders.

WhatsApp has capped the number of people you can forward messages to, after India was seized by rumour-inspired mob lynchings.

The Democratic National Committee has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.

The French data protection watchdog CNIL has issued its first fine of €50 million (around $57 million) under the European Union's new General Data Protection Regulation (GDPR) law that came into force in May last year. The fine has been levied on Google for "lack of transparency, inadequate information and lack of valid consent regarding the ads personalization," the CNIL (National Data

Since most security tools also keep an eye on the network traffic to detect malicious IP addresses, attackers are increasingly adopting infrastructure of legitimate services in their attacks to hide their malicious activities. Cybersecurity researchers have now spotted a new malware attack campaign linked to the notorious DarkHydrus APT group that uses Google Drive as its command-and-control (

Get a grip.

The latest privacy glitch, which went unnoticed for over four years, may trigger yet another EU privacy probe.

A Chilean Senator has taken to Twitter with alarming news – the company running the country’s ATM network suffered a serious cyberattack.

Oklahoma’s Department of Securities (ODS) exposed 3TB of files in plain text containing sensitive data on the public internet this month.

The Apple CEO wants the FTC to set up a data-broker clearinghouse so people can see the data that companies have collected on them.

From WhatsApps that aren't meant for you to the highly promising USB-C authentication, and everything in between. It's weekly roundup time.

A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York. Aleksandr Zhukov, 38, was arrested in November last year by Bulgarian authorities after the U.S. issued an international warrant against him, and was

Here's a fascinating history of cryptography that has plenty to teach you - and you don't need a degree in mathematics to follow along!

Have I Been Pwned? (HIBP) has revealed a huge cache of breached email addresses and passwords, which it has named Collection #1.

Android apps that want access to your call and SMS data now have to pass muster with Google's team of reviewers.

...or that they can edit the (often inaccurate) pigeon-holes Facebook likes to put us in, a study found.

Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have

Here's the latest Naked Security podcast - enjoy!