Featured

POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

The week's security news, turned into an entertaining lesson, turned into a 1-minute video.

Enjoy...

Hackers who threaten national security could face life sentences

Where damage to human welfare or national security is deemed serious enough, the proposed amendment to the UK's Computer Misuse Act 1990 could mean life in jail for hackers, and some experts believe the changes could be used to target whistleblowers.

Has the "Sandworm" zero-day exploit burrowed back to the surface?

You may have noticed that Microsoft recently published a Security Advisory that sounds a lot like the "Sandworm" vulnerability all over again.

Paul Ducklin explains...

Twitter invites us to say goodbye to passwords, use Digits instead

Twitter's new credentials handling scheme is called Digits, and it's hoping that mobile app developers use it to enable their users to sign in with their phone numbers as identifiers, along with one-time passwords SMSed to the phones.

How to kill a troll

A new Pew study confirms what we already know: online harassment is a widespread disease afflicting the internet. Ignoring trolls and hoping they'll go away is actually quite effective, survey respondents said.

Then again, how about fighting back instead? Change is possible, be it enabled by troll-blocking software, a societal shift that sees trolling evolve into a stigma, or, if all else fails, calling their mothers.

Do we really need strong passwords?

The idea that computer users should use long, complex passwords is one of computer security's sacred cows.

But is it really necessary?

Mark Stockley investigates...

Google goes beyond two-step verification with new USB Security Key

Google's adding support for a physical USB second factor that will first verify the login site as being a true Google website, not a fake site pretending to be Google, before it hands over a cryptographic signature.

SSCC 170 - Is the best time to shop at a store right after it has a breach? [PODCAST]

Here's the latest episode of our weekly security podcast.

Join Sophos experts Chester Wisniewski, John Shier and Paul Ducklin as they turn news into advice...

OS X Yosemite Wi-Fi problems - can you help us solve them?

Most early adopters of OS X Yosemite are enjoying a refreshingly clean new look with a bunch of updated applications.

But for a few, it's a Wi-Fi network merry-go-round...

Woman charged with planting spyware on cop's phone

A woman has been charged after eavesdropping on "sensitive law enforcement communications" by tapping the mobile phone of her police officer ex.

Is your phone line a '6-figure liability waiting to happen'?

Premium-rate service scams are sticking businesses - particularly small ones using local carriers - with outrageous phone bills, to the tune of $4.73 billion globally for 2013. Many businesses aren't even aware that they can be stuck paying the bill (or fighting it in court).

UK considering imprisoning 'cowardly, venomous trolls' for up to 2 years

Justice Secretary Chris Grayling said that new laws would quadruple the current maximum six-month term and show his determination to "take a stand against a baying cyber-mob".

Apple pushes out iOS 8.1 - kills the mobile POODLE and closes some, ahem, "backdoors"

The marquee vulnerability fixed in iOS 8.1 is, as you might expect, POODLE.

But there are other cryptographic fixes in iOS 8.1 that are equally important...because cryptography is notoriously hard to get right first time.

Facebook prowls the internet looking for your password

Facebook explains that it's keeping its eye out for credentials - email, password combinations - dropped on sites after data breaches, running them against its own users' credentials to see if password reuse is going to land its users in trouble.

FBI Director James Comey says Apple and Google go "too far" with default encryption

FBI Director James Comey says Apple and Google go too far with default encryption settings on mobile devices, including the iPhone 6 and Nexus 6 running on Android 5.0 Lollipop.

Does the FBI really have a legal right to exploit encryption backdoors to pursue suspects?

Whisper CTO trashes reports that it tracks even those users who turn off geolocation

Supposedly anonymous social media app Whisper actually tracks some users - particularly newsworthy ones - even after they've specifically opted out of geolocation, according to reports.

Facebook: Dear DEA, please don't set up fake profiles to trap criminals

Facebook CSO Joe Sullivan sent a letter to the DEA on Friday in which he explained how law enforcement agencies need to play by the same rules as the rest of us and not lie about who they are.

Four online romance scammers jailed - don't get sucked in to Advance Fee Fraud!

Advance Fee Fraud, or AFF, is an age-old scam that goes back at least to the 16th century.

Here are some resources you can use to help vulnerable friends and family keep out of the clutches of online romance scammers...

"Oops! I'm sorry about that" - 60 Sec Security [VIDEO]

Here it is - this week's 60 Second Security video.

News that will amuse, and it only takes a minute...

Apple kills the POODLE – also fixes Shellshock in case you forgot

Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the pace...bad news.