Join the dynamic duo for another entertaining quarter-hour on security.
There's Patch Tuesday, the impending end of XP, Advanced Persistent Threatitis, and some astonishing statistics about CryptoLocker.
In my day job as a tester of anti-malware solutions, I often get asked the same question: how do I plan to test against Advanced Persistent Threats, aka APTs? These threats are very different from your everyday malware, and testing protection against them turns out to be a very different kind of task.
SophosLabs expert Gabor Szappanos has written a highly-recommended report entitled "Advanced Persistent Threats - the new normal?"
Szappi explains how exploits once seen only in APTs are appearing ever more widely in money-making malware, and why that puts us all at ever greater risk.
"We are watching you / Don't close your eyes," they wrote on the site, which conceivably might have been scary if they'd actually managed to hack their (presumably) intended target, Yorkshire Bank.
XP is counting down - are you ready? Would you pay the CryptoLocker crooks? And should you use Full Disk Encryption?
Find out in just a minute...watch 60 Sec Security for 08 March 2014!
An annual survey on computer security issues run by a UK university was published last week. Its stats on the prevalence of ransomware, and how many people give in to the crooks and pay the ransom, raised some eyebrows.
The US jam and jelly maker is just the latest fly to get stuck in the same web that ensnared dozens of companies last year, including some of the world's largest data brokers and at least one credit card processor.
What about support for OS X Lion and Mountain Lion? Can a rootkit be a blessing in disguise? Will federal US data breach laws make things better or worse?
Chester and Duck once again aim their entertaining expertise at the security news of the week...
The Gameover botnet gang has been trying new techniques lately: most recently comes the introduction of a kernel-mode rootkit called Necurs, making the malware harder to find and remove.
Senior Researcher James Wyke of SophosLabs investigates...
A new Google Chrome browser extension lets email senders using Google accounts see when recipients open email, who exactly opened the email, and where the recipient is located. And sorry, but no, recipients don't have a say in the matter whatsoever, since we don't have to sign up for the extension to have it blab about us.
Do you use a mobile device? (Of course you do!)
Read Sophos researcher Vanja Svajcer's paper, "Mobile Security Threat Report," and check out our expert tips for keeping the crooks away...
Let's hope that somebody in South Korea remembers that malware doesn't respect borders. Stuxnet escaped from its original cage to bite a whole bunch of countries not originally on the hit list, plus it spawned its nasty son, Duqu.
Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?
It'll only take you a minute to find out!
Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.
It's nearly time for the annual RSA conference in San Francisco.
If you'll be in the area, why not grab a free Expo pass and drop by to say "Hello"?
Researchers have found a trove of information on a file-sharing site that could allow attackers to breach electronic medical records and payment information from healthcare providers such as nursing homes, doctors' offices and hospitals.
What happened to Flappy Bird? Why was Talking Angela so talked about? Is internet access at the Winter Olympics in Sochi really a "special danger" situation? What can we learn from the database breaches at Kickstarter and Forbes?
When we look at some of the biggest security headlines of the past year - Target data breach, Cryptolocker ransomware, Snowden/NSA leaks - there's one big lesson we can all be taught: secure everywhere.