Clik here to view.
SSCC 112 - Keyjacking, Facebook and Opera breaches, Apple's WPA passwords...
Here you are! Episode #112 of the Sophos Security Chet Chat podcast. News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular...
View ArticleClik here to view.
Google's $6m SMS spam suit nearing payout time
A class action lawsuit brought against Google for mass SMS spamming is drawing to a close, with a final hearing last week upholding the $6 million compensation fund agreed a year ago.
View ArticleClik here to view.
Cryptocat 'encrypted' group chats may have been crackable for 7 months
The Cryptocat project is apologizing and urging users to update immediately. Founder and developer Nadim Kobeissi took to a live stream to address questions from a show in Germany. Lias Vaas...
View ArticleClik here to view.
Keyjacking, Ubisoft data breach, Apple QuickTime holes - 60 Sec Security [VIDEO]
Here's the first 60 Second Security video of July, looking into some of the intriguing and interesting security stories of the past week. Neatly compressed into a minute of video, why not give it a whirl?
View ArticleClik here to view.
Branch office security in the spotlight...
The ideal solution for branch offices is some kind of VPN, or virtual private network. But setting up a VPN in the first place creates something of a paradox: how do you securely set up a branch office...
View ArticleClik here to view.
Far-reaching fixes for Patch Tuesday - Server Core 2012, IE 10, Lync 2013 all...
Six out of Microsoft's seven pre-announced Patch Tuesday updates are deemed critical. Even Server Core 2012 will need patching and rebooting...
View ArticleClik here to view.
Monday review - the hot 16 stories of the week
Catch up with everything we've written in the last seven days - it's weekly roundup time.
View ArticleClik here to view.
Facebook post results in prison for trash-talking teen
Subsequent "LOL" and J/K" messages apparently didn't mitigate the alarm caused by then-18-year-old Justin Carter's post about blowing up a kindergarten.
View ArticleClik here to view.
Who is SophosLabs: Joanne Garvey, Threat Researcher
In the second post in our ‘Who is SophosLabs’ series, threat researcher Joanne Garvey reveals how she protects her information online, why she has no time for hobbies, and her fascination with chaos...
View ArticleClik here to view.
Anatomy of a pseudorandom number generator - visualising Cryptocat's buggy PRNG
Paul Ducklin digs into one of the cryptographic flaws recently found in Cryptocat, a secure messaging application. Don't worry if you aren't a statistician or a computer scientist...Duck doesn't get...
View ArticleClik here to view.
Some US states strengthen data breach notification laws, others ignore them
Vermont and North Dakota have recently bolstered their data breach notification laws to cover more organizations and additional types of personal information. Meanwhile Michigan lost 49,000 people's...
View ArticleClik here to view.
Nintendo cracks after month-long, 15.5 million-strong hacker bombardment
Out of that splatter, 24,000 bogus login tries struck the jackpot, exposing names, addresses, phone numbers and other personal details of corresponding Club Nintendo customers.
View ArticleClik here to view.
July 2013 Patch Tuesday – Windows, IE, Flash, Shockwave and ColdFusion
Microsoft fixed 34 vulnerabilities in products ranging from Windows, Internet Explorer and .NET to Lync, Visual Studio and Silverlight. Not to be left behind, Adobe launched fixes for Flash, Shockwave...
View ArticleClik here to view.
“Catch me if you can” – Twitter-taunter and wanted fraudster nabbed in Mexico
Wanda Lee Ann Podgurski, who was convicted of insurance and disability fraud, was captured in Mexico after tweeting 'Catch me if you can.' I guess she never read about how law enforcement often don't...
View ArticleClik here to view.
Did brainless flaw in US Emergency Alert System lead to epic zombie attack...
Emergency broadcast systems come packed with vulnerabilities, the most severe of which is the public disclosure of the default private root SSH key, a security firm has disclosed. Such flaws well may...
View ArticleClik here to view.
Anatomy of a security hole - Google's "Android Master Key" debacle explained
This month's "computer security elephant in the room" story is the news of a gaping security hole in Android application security. Paul Ducklin gives you a visual explanation of what the problem is all...
View ArticleClik here to view.
WhatsApp users, ignore messages from 'Priyanka' - it's a worm
What's up with WhatsApp? A worm is changing contact group names to "Priyanka" as it crawls through, and sometimes renames all contact names in worst-case scenarios.
View ArticleClik here to view.
'Virtual Lolita' bot imitates a schoolgirl to trap chatroom paedophiles
The robot uses the advanced decision-making techniques of game theory to string along subjects to determine whether they're hanging out in chatrooms to prey on children.
View ArticleClik here to view.
Microsoft to pay first bug bounty for Internet Explorer hole
So far, so good with the new program, says Microsoft security expert Katie Moussouris. They're getting more bugs earlier and hearing from researchers who've never rung them before.
View ArticleClik here to view.
Practical IT: How to plan against threats to your business
How can you make sure your business is proactively protecting against threats? Ross McKerchar takes a look...
View Article