Paul Ducklin

United Kingdom

Contributor at Naked Security

Freelance Writer at Freelance

Duck is a passionate security proselytiser. (That's like an evangelist, but more so!)

Articles

What is 'Fast Flux', and why is the US government warning about it?

2 weeks ago | solcyber.com | Paul Ducklin |Charles P. Ho

Fast Flux considered harmfulThe news wires have been full of stories about a cyberthreat dubbed Fast Flux, a jargon term invented in the first decade of this century, when the technique was both new and unusual. The term has largely dropped out of common use in recent years, but now it’s back, with the same frisson of danger that it had when it was new.
Microsoft Patch Tuesday: What's all this about C:INETPUB?

2 weeks ago | solcyber.com | Paul Ducklin |Hwei Oh |John London

News wires abuzzNews wires are abuzz with stories that after you install this Tuesday’s Microsoft updates (the April 2025 Patch Tuesday security fixes), you end up with a weird directory (or folder, if you prefer), at the top level of the C: drive, called C:\INETPUB. If you’ve ever used Microsoft’s old-school web server IIS, short for Internet Information Services, you’ll recognize that directory name as the starting point for the web server’s files.
News in Brief: Patches from Apple fix privacy, code execution, lock screen bugs

4 weeks ago | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Updates in brief Apple’s latest round of updates are out, covering almost all supported products and operating system versions, including: macOS 13, 14 and 15 (respectively known as Ventura, Sonoma, and Sequoia) iPadOS 15, 16, 17 and 18 iOS 15, 16 and 18 The good news, in contrast to the recent emergency updates for macOS 15 and iOS 18 that came out three weeks ago, is that none of the listed bugs are tagged as zero-days, the name given to security holes that are found and exploited by...
News in Brief: 23andMe files for bankruptcy

1 month ago | solcyber.com | Paul Ducklin |Hwei Oh

Buyers wantedControversial DNA analytics company 23andMe, which gets its name from the fact that most people have 23 pairs of DNA-carrying chromosomes in their cells, is going bust. At its peak valuation just over four years ago, the company’s shares traded at about $320, but it’s been largely downhill from there, with shares listed today for less than a dollar each.
Credit card scams in the age of mobile phones (Part 2 of 2)

1 month ago | solcyber.com | Paul Ducklin |Hwei Oh

In the beginningIn 🔗 Part 1, we dug into the history of payment card fraud, right back to when credit card payments were done by hand in one of those zip-zap machines that actually imprinted the card’s data onto two carbon-paper payment slips, one for the customer and the other for the merchant.
How it works, and why it breaks

2 months ago | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Encryption at restEncryption has been an important part of our digital lives for many years now. All Apple iPhones, for instance, and most Android devices, are shipped with what’s known in the trade as FDE, short for full-disk encryption, already activated. The idea is simple and useful: anything, or more precisely almost anything, that you write to your device gets automatically encrypted on the way from the operating system to storage, and decrypted when it’s read back in.
What's in a name? How attacks and attackers get their tags (Part 2 of 2)

2 months ago | solcyber.com | Paul Ducklin |Scott McCrady

The trouble with namesIn 🔗 Part 1, we looked into two issues: how individual threats such as brand new malware strains get named, and how the terminology for various classes of cyberattack come about. Sometimes, threat names for malware – itself a very handy and self-descriptive name, neatly compressing the concept of malicious software into one word – provide at least some useful information about the threat itself.
WhatsApp zero-click zero-day attack: What to do?

2 months ago | solcyber.com | Paul Ducklin |David Emerson

This article was originally published here:https://pducklin.com/2025/02/03/whatsapp-zero-click-zero-day-what-to-do/0-click, 0-day, Oh dearWhatsApp owner Meta has apparently confirmed that a zero-day bug in the app has been exploited to compromise the phones of about 90 journalists. Zero-day bugs are security holes for which no security fix was available when the attack started, so that even the most diligent users and sysadmins could not have patched in advance.
What's in a name? How attacks and attackers get their tags.

2 months ago | solcyber.com | Paul Ducklin |Hwei Oh

A rose by any other nameThreat naming has been a troublesome issue since the very early days of hackers and malware. Not, perhaps, so troublesome that it has caused any sort of long-term crisis in threat research and threat response, but tricky enough that it has sometimes got in our way. And anything that buys cybercriminals even the tiniest bit of extra time, or amplifies their attacks even modestly, is worth thinking about.
Is it 'Pig Butchering' or 'Romance Baiting'?

Jan 22, 2025 | solcyber.com | Paul Ducklin |Hwei Oh |Charles P. Ho

What’s in a name? The digital cyber-vandals who churned out the first computer viruses liked to tag them with counter-cultural names that they could use for bragging rights. Sometimes, those names took hold because they were memorable, or because they were unavoidably woven into the visual fabric of the malware.