Monthly Archives: March 2011
The second and third most popular browsers on the internet now support an enhanced security feature called HSTS. Read on to learn what HSTS is and how it provides an additional layer of security.
When Apple released their most recent patch for OS X, 10.6.7, they slipped in a little extra feature. This time they have updated XProtect, their basic anti-virus component, to detect one more unwanted Mac application.
A "serious cyber attack", similar to those we saw against France's finance ministry earlier this month, has hit the EU Commission and European External Action Service (EEAS).
If you got a call from a legitimate security source informing you that your website was infected, would you take action? I certainly would, which is why I am rather frustrated when we take time to reach out to an organisation about a web infection, and they deliberately choose to do nothing about it.
One week after the much publicized Rustock botnet command and control take down, and subsequent drop in spam volumes, SophosLabs can confirm Rustock has not come back from the dead.
Today, Microsoft issued a Security Advisory warning that fraudulent digital certificates were issued by the Comodo Certificate Authority. This could allow malicious spoofing of high profile websites, including Google, Yahoo! and Windows Live.
Nipping at the heels of Microsoft's Internet Explorer 9.0 launch just last week, we now welcome Mozilla's Firefox 4.0 into the fold. The new browser packs in a number of new features to improve browsing, security, and the ability to sync bookmarks, passwords and browsing history between computers and devices.
Adobe have just released an out-of-cycle patch to address a critical vulnerability (CVE-2011-0609) in Adobe Reader and Acrobat for Windows and Mac. Naked Security recommends that all users update now.
Theft of virtual currency has increased since many virtual items can be sold for real money. Learn more about how online gaming companies are trying to protect your virtual "ass"ets.
Yesterday, I had the pleasure of being invited to lecture Masters' students from the University of Birmingham as part of the Network Security module. The University has its very own train station, so my journey from Oxford was very smooth. Read more…
Large online retailer Play.com has emailed its customers yesterday admitting to a security breach in its marketing communications. Names and emails may have been compromised. Play.com claims the breach happened outside its walls, so presumably they use a third party marketing consultancy to manage part or all of its marketing activities.
This week's Chet Chat discusses the recent breach of RSA Security, advice from RIM on securing your BlackBerries post Pwn2Own and Google's speedy security updates to their Chrome web browser. Settle in for 10 minutes and keep up on the latest security news,
Apple has released version 10.6.7 of their OS X operating system for Macintosh computers. This update includes many security fixes, so if you are a Mac user, update now!
At last week's CanSecWest security conference in Vancouver Canada researchers showed methods they could use to compromise chip and PIN credit cards. Is backward compatibility creating security holes that reduce the security of your card?
Google has been fined €100,000 for using unauthorised data captured from unencrypted WiFi networks, according to French authority CNIL. The data captured is reported to include sensitive information such as usernames, passwords and even email exchanges revealing sensitive information about sexual orientation or health.
According to Bank Info Security, testimony on the major security breaches of the last 15 months was given before the House Homeland Security Committee by James Lewis, senior fellow at the CSIS.