The US jam and jelly maker is just the latest fly to get stuck in the same web that ensnared dozens of companies last year, including some of the world's largest data brokers and at least one credit card processor.
Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat.
From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.
Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?
It'll only take you a minute to find out!
Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Here's our latest security podcast, featuring Sophos experts Chester Wisniewski and Paul Ducklin.
Join the dynamic duo as they turn the latest news into a quarter-hour podcast that is informative, entertaining and educational.
February's patch roundup sees seven patches from Microsoft and one from Adobe. All supported versions of Windows are impacted, so be sure to update as soon as possible.
Advertisements don't have a great track record for safety, and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted add-ons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation.
Adobe has released an emergency update to its ubiquitous Flash Player software. The flaw is being exploited by attackers so you should update as soon as possible.
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
It's that time of year again. A new "Worst Password" list has been published for the password-savvy population's enjoyment. As much as we like to chuckle/groan at this list, is there ever a justification for a bad password?
Why was this month's Java update a "must patch"? Should in-app purchases be allowed to target children? Is it a good idea to give Google control of your home?
Find out in 60 Second Security for 18 Jan 2014
Microsoft, Adobe and Oracle have all released fixes today. Products covered include Microsoft Word, Windows XP, Windows 7, Adobe Reader, Java, MySQL and VirtualBox.
In January 2014, Patch Tuesday coincides for Oracle, Adobe and Microsoft.
Here's what you'll be up against in the opening fixture of the 2014 Patching Season...
The big stories of 2013 were Adobe, PRISM and CryptoLocker - but what about some of the wackier stuff? Google's dead donkey? The Space Station lost and found? Gun wielding penguins?
All this and more in 60 Sec Security - 04 January 2014
Our weekly security podcast looks back at the big blunders of 2013 to find out what went wrong.
Let Chet and Duck help you plan for a safer and more secure 2014!
Guess how many times "123456" was used as a password by users. If you answered "close to 2 million times," you win! Now guess which online dating site has decided to encrypt customer records using salting and hashing in future.
Following our popular article explaining what Adobe did wrong with its users' passwords, a number of readers asked us, "Why not publish an article showing the rest of us how to do it right?"
Here you are...
Why shouldn't you store unencrypted credit card numbers? How can you squeeze a positive result from a password breach? What sort of pressure was on the cryptanalysts at Bletchley Park?
Find out the answers in just one minute!
Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.