Paul Ducklin on Muck Rack

Paul Ducklin

United Kingdom
As seen in: Naked Security, TechRadar, Sophos, The Australian, The Standard (Kenya), ZDNet.de, FT Sri Lanka, CXOtoday, Global Security Mag (France), Silicon.de, APN News and
Duck is a passionate security proselytiser. (That's like an evangelist, but more so!)
Is this you? As a journalist, you can create a free Muck Rack account to customize your profile, list your contact preferences, and upload a portfolio of your best work. Claim your profile

Get in touch with Paul

Contact Paul, search articles and posts on X, monitor coverage, and track replies from one place.

Learn more about Muck Rack

Actions

Share this page

Is this you?

As a journalist, you can create a free Muck Rack account to customize your profile, list your contact preferences, and upload a portfolio of your best work.
Claim your profile

Articles

BitLocker, Defender, zero-days, and bragging rights: More MS nightmares

|
By Paul Ducklin
| solcyber.com
Zero-days and bragging rights Microsoft-hating cybersecurity hacker and researcher Nightmare Eclipse is back with more zero-days, the jargon term for security bugs that are known and documented before any patches are available. That term comes from the 20th-century world of computer game cracking, when avid gamers competed to crack and pirate the latest game releases as soon as possible after they came out, often as much for bragging rights as to help their chums play the game without paying.
Open in Who Shared Issue with article?

Netlogon bug threatens Windows domain controllers: A rational review of the risk

|
By Paul Ducklin
| solcyber.com
More Windows wobbliness Another week, another Windows security hole that’s turning up all over the news and social media. This one is CVE-2026-41089, a stack-based buffer overflow vulnerability officially headlined by Microsoft itself as Windows Netlogon Remote Code Execution (RCE) Vulnerability. Microsoft gave it a CVSS (common vulnerability scoring system) rating of 9.8/10, tagged it as Critical, and, as the bug headline above makes clear, described it as a potential RCE.
Open in Who Shared Issue with article?

Microsoft versus Full Disclosure: The ongoing Nightmare Eclipse saga

|
By Paul Ducklin
| solcyber.com
Bug reporting rules Microsoft continues to experience a very public confrontation with a security researcher who refuses to play by Microsoft’s own bug reporting rules.
Open in Who Shared Issue with article?
See all 4,349 licensed articles (4,354 Total)
 •  Privacy  •  Terms  •  Security and Legal  •   •   •   • 

© 2026 Muck Rack

SOC 2® Certified