We already know that Android handset makers don’t always deliver security updates in a timely way – Google has only recently started issuing regular security updates for its own Nexus devices. But the number of unsecure Android devices out there is truly astonishing, according to research from the UK’s University of Cambridge – 87% of...

Beleaguered taxi firm Uber has accidentally revealed the personal data of hundreds of its drivers, exposing names, social security numbers, pictures of drivers licenses, tax forms and other sensitive information. Initially spotted by one of its drivers on Tuesday evening, the leak was reported on a dedicated Uber message board as well as the far...

Nothing like the padlock icon showing in your browser window to put your mind at ease, eh? After all, that lock signifies that the site has a Transport Layer Security (TLS) certificate (TLS being the successor to Secure Sockets Layer, or SSL; it’s also referred to as SSL/TLS). The certificate authorities (CAs) that give out...

Nobody’s saying that adblockers cooked up for the newly adblocker-amenable iOS 9 Safari browser were monitoring encrypted traffic, including, say, bank login details or private emails. But they could, given that some of those apps installed root certificates that allowed them to carry out deep packet inspection in order to filter out ads. Given the...

Thanks to security researchers Charlie Miller and Chris Valasek, we already know that late-model cars are vulnerable to cyberattacks that can range from the annoying – say, an uncontrollably blasting horn – to the potentially lethal: slamming on a Prius’s brakes at high speeds, killing power steering with commands sent from a laptop, spoofing GPS,...

You’ve read the stories; the lurid tales of homes laid bare by unsecured baby monitors, smart TVs and unintentional backdoors; the kids with apps that lied; the social media scams; the crummy passwords… You saw them and you knew that somebody had to do something. You did something. You joined the legion of the unsung...

If you’re in the USA, it’s officially National Cyber Security Awareness Month, starting today, October 1, 2015. Here on Naked Security, we’ll refer to it more loosely just as CSAM, in the hope that Naked Security readers all over the world will join in. Of course, CSAM isn’t an invitation to take cybersecurity more seriously...

Given that I’m a sucker for online quizzes, I’m aware of the fact that when I’m angry, the villain I most resemble is Voldemort. I also know that if an artist were to promise me a novelty passport that features my machine-drawn portrait, replete with my name and an official-looking red stamp just like a...

Passwords? On Post-its? How retro! How circa Prince Williams! You’d think we’d all know better, particularly after such memorable incidents as when passwords were left on sticky notes glued in the background during a TV interview – an interview concerning a cyber-attack, of course – broadcast live on the French TV channel TV5 Monde this...

This week sees the 25th Virus Bulletin conference, which takes place in Prague from 30 September to 2 October. We spoke to Virus Bulletin’s editor, Martijn Grooten, about how threats have changed over the last 25 years. My colleagues and I have been very busy preparing for this week’s 25th annual Virus Bulletin International Conference, but on the occasion...