Advertisements don't have a great track record for safety and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted addons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation.
Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
Chet and Duck turn a week's worth of lost data, malware attacks, misleading apologies and shabby security into actions you can take to steer a safer course in your own organisation.
Here's our weekly "podcast with a purpose"...
Our colleagues at SophosLabs pointed us at a interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users.
Paul Ducklin looks at how the attack unfolds...
Why was this month's Java update a "must patch"? Should in-app purchases be allowed to target children? Is it a good idea to give Google control of your home?
Find out in 60 Second Security for 18 Jan 2014
Apple is understandably proud of the App Store - it has made lots and lots of money, with more or less no malware.
But not everyone has been entirely happy with Cupertino's acumen in application delivery...including the FTC.
What's the best way to deal with botnets? Should you use your bank's mobile app? Why all these data breaches? What about Patch Tuesday? Do you really *have* to update your Mac to Mavericks?
Listen as Chet and Duck dissect and explore the week's security stories...
How long does it take a trendy cloud company to apologise? Do you really need HTTPS for webmail? OS X Mavericks - should you stay or should you go? And who won our crossword competition?
60 Second Security - 11 Jan 2014.
Security researcher Ariel Sanchez recently published a fascinating report on the sort of security you can expect if you do your internet banking on an iPhone or iPad.
The answer, sadly, seems to be, "Very little."
Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications.
Chet and Duck help you to learn from recent security news, both good and bad.
In this episode: the massive Target breach; Microsoft's and Apple's attitude to updates; and how to respond to Google's recent changes to image rendering for Gmail users.
If the smartphone 'kill switch' legislation is passed, the carrier can remotely send a trigger to any lost or stolen device to 'brick' itself. With the phone effectively useless, this should be a far less appealing option for would-be thieves.
Apple just announced the first point update for its recently released OS X Mavericks.
Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.
Big players that already have a lot of skin in the game are going to be whispering into the ear of the US Commerce Department. Will privacy be trampled in this facial-scanning gold rush?
US President Barack Obama is stuck using a BlackBerry. He actually fought for the right to keep using it when he first got to office in 2009. Let's hope he still likes the gadget, because the powers that be obviously don't think Apple's security profile is president-worthy.
Apple pushed out iOS 7.0.4 last week, the fourth patch in two months.
Is iOS getting buggier, or is Apple simply publishing security fixes more promptly?
With the holiday season approaching and lots of super good deals being offered around the American Thanksgiving holiday, retailers aren't the only ones looking to make a buck.