Articles by Chester Wisniewski
With the holiday season approaching and lots of super good deals being offered around the American Thanksgiving holiday, retailers aren't the only ones looking to make a buck.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
Researcher Vladimir Katalov explained how documents and backups stored in Apple's iCloud can be accessed bypassing Apple's two-factor authentication, even when enabled, last week at the Hack in the Box conference in Malaysia.
This special Chet Chat is an interview with Robert Slade, author and security expert, on what you can do for your friends and family to help them stay safer for National Cyber Security Awareness Month.
Oracle has released its quarterly software update fixing more than 100 security vulnerabilities in its products. Java is at risk from more than 50 flaws, so it is time to update immediately if you still use it.
In the third part of Sophos Security Chet Chat 118, Chet interviews Vanja Svajcer to explain the rise of potentially unwanted applications on Android, what they are and how we might deal with them.
More coverage from the Virus Bulletin 2013 Conference in Berlin, Germany. Today's topics include Android botnets, malware abusing legitimate applications and defining the types of apps we allow on our phones.
Chester Wisniewski writes to us from Virus Bulletin 2013 in Berlin, Germany to share the latest research on malicious documents, bot herders and foos ball.
Sophos has a larger than normal presense this week at the Virus Bulletin Conference in Berlin, Germany. Research presented includes bot nets, rootkits, Android and even techniques we can use to better protect others.
The Mozilla Foundation released Firefox, Thunderbird and SeaMonkey version 24.0, fixing 17 vulnerabilities.
Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.
Oracle is about to release a new "feature" in its Java Runtime Environment (JRE) that allows enterprises (or anyone else) to turn off security features for backward compatibility.
As cloud services become more pervasive criminals continue to try and convince corporate users to surrender their identities.
Google Docs is the latest target, so look out!
The Syrian Electronic Army attacked an internet domain name provider today taking down for a short time the websites of The New York Times and Twitter for some users,
Microsoft has had to recall an update released yesterday for Exchange Server 2013. Nothing catastrophic, but a difficult balancing act for admins considering the fixed vulnerabilities were publicly disclosed.
Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all versions, including 11 beta.
Microsoft fixed 34 vulnerabilities in products ranging from Windows, Internet Explorer and .NET to Lync, Visual Studio and Silverlight. Not to be left behind, Adobe launched fixes for Flash, Shockwave and Cold Fusion. Settle into your air-conditioned server rooms and start testing!