Articles by Paul Ducklin
Anatomy of a change - Google announces it will double its SSL key sizes
Google just announced that its secure web pages will be ditching 1024-bit RSA keys in favour of 2048 bits.
We look at the lessons to be learned from whats, the whys and the wherefores of this change...
Patching your business, Yahoo breach, Google Glass, DDoS-for-hire - 60 Sec Security [VIDEO]
Our 60 Second Security videos are back!
We're aiming for a weekly roundup that's quick, fun and useful.
But there is a serious side: security anecdotes to use in your own "elevator advocacy."
Sophos RED scoops "Protector Award" at this year's AusCERT conference
We're proud to say that at this evening's 2013 Information Security awards at the AusCERT conference in Australia, Sophos scooped the "Protector Award" with its Sophos RED product.
Paul Ducklin says, "Well done" to the techies behind the technology...
Three wireless security myths - busted! [VIDEO]
Last year Sophos looked at Wi-Fi security in London and Sydney and the results weren't fantastic.
So we thought it was time to make a short revision video, just in time for 2013 Cyber Security Awareness Week in New Zealand.
SSCC 109 - Laptop theft, money mules, LulzSec, Microsoft and more [PODCAST]
Episode #109 of our popular Chet Chat podcast series is out.
Chet and Duck are back with their almost entirely reverent opinions on the latest computer security issues.
AusSHIRT 2013 - the #sophospuzzle instructions in full
The AusCERT 2013 conference has started, so the AusSHIRT 2013 #sophospuzzle is officially live.
See if you can transform the code on the T-shirt and win a prize!
(You don't have to be at the conference to enter.)
Inside the "PlugX" malware with SophosLabs - a fascinating journey into a malware factory...
Join SophosLabs Principal Researcher Gabor Szappanos as he takes you on a fascinating journey into the latest "product" from the PlugX malware factory.
Get ready for the next #sophospuzzle - coming soon to a T-shirt near you
It's almost time for the annual AusCERT conference in Queensland, Australia.
And for everyone who's asked, the answer is, "Yes! There's a #sophospuzzle!"
No, you don't have to be there to join in...
And the winner of the World War Two steganography competition is...
Last week, we ran a competition around a steganographic code that was used by the British during the Second Word War.
Take a secret military message, and wrap it up into a believable "letter home"... it's harder than it sounds!
Mozilla pushes out new Firefox and Thunderbird: 8 security advisories, 3 critical fixes
Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.
There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".
Bloomberg accused of "snooping" on customers for journalistic gain
A brouhaha is brewing after claims late last week that financial media giant Bloomberg had been using its proprietary data terminals to snoop on its customers.
Intriguingly, the Bloomberg fuss is as much about what you *didn't* say or search for as what you did...
Is your laptop still unencrypted? Perhaps 7 seconds of CCTV might change your mind...
Here's a video that might make you think twice about taking your laptop out into the world unencrypted.
This is "data theft" in the most literal sense...
May Patch Tuesday coming up - Microsoft still not sure if latest 0-day fix will make the cut
Microsoft's Patch Tuesday for May 2013 will be published in the coming week.
Paul Ducklin points out what to prepare for...
An unholy alliance - Fake Anti-Virus, meet Bogus Support Call!
What happens when a scammer decides to marry fake anti-virus and bogus support calls?
Paul Ducklin has a bit of a weekend chuckle at the result...
"Casher crew" from global $45m cyberheist busted in New York - 1 dead, 7 face trial
When you think of cybercrime, you probably imagine a hacker sitting far from his victims, breaking in digitally from a distance.
But when it comes to cashing out the proceeds of your crime, it's a question of "Go where the money is...and go there often."
Snapchat images that have "disappeared forever" stay right on your phone...
Snapchat claims to let you share even "ugly selfies" because once they're viewed they "disappear forever."
US-based computer forensics geek Richard Hickman thought he'd find out how true that claim was...
Microsoft rushes out CVE-2013-1347 "Fix it" for the latest Internet Explorer zero-day
The recent and widely reported US Dept of Labor website hack turned out to be a zero-day exploit against IE.
Good news! Microsoft just published an emergency "Fix it" patch against the vulnerability...
Name.com suffers breach, credit card data accessed, encryption in place (phew!)
Domain registrar and web hosting company Name.com, part of the Demand Media group, has suffered a data breach.
Crooks have apparently made off with data up to and including credit card numbers...but it sounds as though everything was encrypted, which is a silver lining.
SSCC 108 - WW2 crypto, Bitcoin mining, internet cameras, password breaches [PODCAST]
Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat.
Join Chester and guest Paul Ducklin in their regular quarter-hour podcast as they laugh about (and lament) the latest goings-on in the world of computer security.
British cryptographic hacking from WW2 - how well would *you* have done?
If you were taken prisoner and wanted to send messages home under your captors' noses, what would you do?
Find out how a Royal Navy officer did just that during WW2, and have a go yourself at hiding a secret message in an innocent-sounding letter home!
