September 12, 2023

A 59-CVE Patch Tuesday with something for nearly everyone

A wide-ranging month includes four patches you may have applied in August, as well an item of particular end-user interest

Threat Research

February 14, 2023

A diverse set of fixes in February’s Patch Tuesday release

Patches for Power BI, PEAP, PostScript, Exchange, and 3D Builder

Threat Research

November 09, 2022

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?

Naked Security

October 10, 2022

Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it.

Naked Security

October 06, 2022

S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]

Latest episode - listen and learn now (or read and revise, if the written word is your thing)...

Naked Security

October 01, 2022

S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]

Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...

Naked Security

September 30, 2022

URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”

Double-play 0-day in Exchange - what you need to know, and what you can do

Naked Security

November 25, 2021

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

Latest episode - listen now! Solid cybersecurity advice in plain English.

Naked Security

November 23, 2021

Check your patches – public exploit now out for critical Exchange bug

It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.

Naked Security