Articles by Paul Ducklin
It's once again time for our quarterly Spampionship charts.
We looked at the sending countries for all our spam in the first three months of 2014, and turned the figures into a League Table - the sort of league you *don't* want to win!
SSCC 143 - Heartbleed revisited, cybercrooks busted, failed malware cleanup censured by FTC [PODCAST]
From the latest Heartbleed revelations to various successes by law enforcement, Sophos experts Chester Wisniewski and Paul Ducklin take you through the big computer security stories of the week.
Be entertained as you learn from the news, all in our regular quarter-hour podcast format.
Oracle's quarterly Patch Tuesday updates are out.
Java gets 37 fixes, 35 of them what Oracle calls "Remote Exploit without Authentication".
The silver lining? No Heartbleed bug in Java Standard Edition...
The second annual European Security Blogger Awards are coming up soon, and we're up for a prize in two categories.
We'd love you to vote for us!
(This time you don't have to vote in every category.)
How hard is Heartbleed recovery? How hard does Google Play try to keep the garbage out? And how hard are you trying to get over XP?
60 Second Security has the answers in a short, fun security video.
Because of the global password reset pandemic caused by Heartbleed, lots of Naked Security readers have asked, "Wouldn't 2FA have helped?"
Paul Ducklin takes a look...
Chet and Duck explain what you can do about the big ticket security news items of the past week.
The epic "Heartbleed" bug in OpenSSL, the last patches ever for XP and Office 2003, and Apple's attitude to updates and support all come under the microscope.
We'd like to urge any of you who are thinking of sending out "heartbleed" password reset emails: *please avoid those login links*.
Help us to help everyone get geared up to avoid phishing attacks.
There is one important reason why you might not want to rush out and change all your passwords on all your services right this minute, and it's a sort-of Catch-22.
Paul Ducklin explains...
An information disclosure vulnerability has been found, and promptly patched, in OpenSSL.
Paul Ducklin takes a look at what went wrong in the code...
Don't get too excited.
If you're one of those XP users who thinks that Microsoft should support you forever, for nothing, this isn't for you.
But there *are* free Windows licences up for grabs.
The date's been in our diaries since 2007.
But even with seven years to prepare for it, you'll be forgiven for approaching the April 2014 Patch Tuesday with a bit of a lump in your throat.
How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?
Find out in 60 Second Security. the security news video that only takes a minute...
In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...
...we sort of forgot to write about Apple.
Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.
When we write about spams and spammers, it's usually as part of a security warning.
But from time to time, we write about them simply because they've made us laugh.
This is one of those times...
A war of words that started out as a fairly stinging criticism of Amazon has mellowed out into praise for the cloud services behemoth.
It seems that Amazon is checking mobile apps for security risks, and heaping advice on developers who have wandered off the straight and narrow...
Chet and Duck get together once again to look at the week's news with their usual blend of humor, insight and informed intensity....
Take a listen to the latest episode of our weekly quarter-hour podcast!