Smart devices: using them safely in your home
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
<div>Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?</div>
<div>Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.</div>
<div>Why I'm trying desperately to stop saying 'it depends' when it comes to simple cyber security questions...</div>
<div>The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.</div>
<div>Andy P explains how the NCSC rolls out software updates without delays.</div>
<div>An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.</div>
<div>Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.</div>
<div>How setting up 2SV can help protect your online accounts, even if your password is stolen.</div>
<div>Highlighting guidance which will help you secure your servers</div>
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: British retail stalwart Marks & Spencer gets cybered; South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat; It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups; Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then); Anti-DOGE whistleblower sure sounds like he has a po
Security leaders today face a harsh reality: traditional vulnerability management isn’t enough. Threat actors are evolving, attack surfaces are expanding, and organizations need a more proactive approach to stay ahead of risk. Latest research from Gartner, How to Grow Vulnerability Management Into Exposure Management, highlights the need for security teams to move beyond simply tracking vulnerabilities and embrace a more comprehensive approach to exposure management. At Rapid7, we are excited to
Control characters like SOH, STX, EOT and EOT were never meant to run your code - but in the world of modern terminal emulators, they sometimes do. In this post, I'll dive into the forgotten mechanics
The Human Algorithm is an immersive fever dream exploring the impact of artificial intelligence on human behaviour and cognition, and the more than human world. Maximalist in style, it’s crafted with digital and generative AI tools, weaving its narrative through text sampling that mirrors the learned intelligence and borrowed poetics of large language models. Digital approximations of contemporary philosophers, scientists, and theorists appear as interview subjects, their voices and likenesses c
British supermarket chain Co-op Food has confirmed to BleepingComputer via a statement that it has suffered limited operational disruption as it responds to a cyberattack. [...]
Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. [...]
Microsoft has confirmed that Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) are being blocked after installing the April 2025 security updates. [...]
As AI brings about excitement and transformative potential, the report reveals that organizations are forging ahead with innovations despite increased security concerns, according to LevelBlue’s 2025 Futures Report. In fact, just 29% of executives surveyed say they are reluctant to implement AI tools and technologies because of cybersecurity ramifications. AI-powered threats: Organizations expect AI-powered attacks, such as deepfakes and synthetic identity attacks, to rise in 2025, but many
More Scans for SMS Gateways and APIs: Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add on tools to send messages using other people's credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902
AirBorne: AirPlay Vulnerabilities: Researchers at Oligo revealed over 20 weaknesses they found in Apple's implementation of the AirPlay protocol. These vulnerabilit
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SAP NetWeaver flaw, tracked as CVE-2025-31324, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, researchers warned that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-f