Malware

(get it in RSS or Atom)

Google goes beyond two-step verification with new USB Security Key

Google 2SV

Google's adding support for a physical USB second factor that will first verify the login site as being a true Google website, not a fake site pretending to be Google, before it hands over a cryptographic signature.

"Oops! I'm sorry about that" - 60 Sec Security [VIDEO]

60ss-video-250

Here it is - this week's 60 Second Security video.

News that will amuse, and it only takes a minute...

The "Sandworm" malware - what you need to know

sandworm-250

Fortunately, the Sandworm malware is a lot easier to deal with than the giant science fiction creature from which it takes its name.

In fact, in malware terms, it's not a worm at all.

Paul Ducklin takes a look...

Attacker takes over Facebook page set up for 'Bucket List Baby' Shane, posts porn

Attacker takes over Facebook page set up for 'Bucket List Baby' Shane, posts porn

A Facebook page set up to chronicle the extremely short life of a baby with the rare, terminal condition of anencephaly was hijacked within days of the infant's death and set to display lewd images. The parents, who had lost their child mere days before, fell for one of the most vile phishing attacks ever.

5 steps to lock down your webmail account

5 steps to lock down your webmail account

For most people Gmail, Outlook.com or Yahoo! Mail is their main personal account. Here are some of the most important steps to keep unwanted people out of your web-based email account.

Backoff malware gang hits Dairy Queen stores

Backoff malware gang hits Dairy Queen stores

Customers' payment card details may have been whipped out of nearly 400 Dairy Queen stores in the US. It's just the latest in a string of PoS malware infections that have been slamming US retailers.

Mummy, my schoolbooks are spying on me! 60 Sec Security [VIDEO]

60ss-video-250

Here's our latest 60 Second Security video for your viewing pleasure.

The wry side of the week's news, in just a minute...

Return of the Android SMS virus - self-spreading "Selfmite" worm comes back for more

slfm-250

Back in June 2014, we wrote about an Android virus that worked a bit like the email worms of the early 2000s.

Well, that Android virus has made a comeback, and this variant is both pushier and more flexible than before...

SSCC 168 - Amaze your friends by ruining all their USB drives! [PODCAST]

chet-chat-logo-featured-250

Here's the latest Chet Chat security podcast for your listening pleasure.

Sophos experts Chester Wisniewski and Paul Ducklin take apart the latest computer security stories to turn them into news you can use.

BadUSB - now with Do-It-Yourself instructions

usb-tangle-250

Many fimware hacks are benign or even beneficial, like tweaking the ISO range on your digital camera or removing the bloatware from your mobile phone.

But what if even a humble USB flash drive could be turned into a delinquent diddler of your data, or a vindictive vector for viruses?

SSCC 167 - Avoiding the shock of Shellshock (and more!) [PODCAST]

chet-chat-logo-featured-250

Here's the latest episode of our weekly Chet Chat podcast!

Shellshock leads the list, of course, but Snapchat, cybersecurity awareness and the iPhone 6 all get a look in too...

Security incidents are up - and pricier! - but infosec budgets are dwindling

Security incidents are up - and pricier! - but budgets to prevent them dwindle

The number of security incidents is popping, as are associated costs to mop them up, according to a report from PcW. Global corporate security budgets, meanwhile, seem to be hiding in the closet, just hoping it all goes away.

SSCC 166.5 - Special edition from the Virus Bulletin 2014 conference [PODCAST]

chet-chat-logo-featured-250

Sophos security expert Chester Wisniewski was at the Virus Bulletin 2014 conference in Seattle.

In this special edition of the Chet Chat, Paul Ducklin puts Chet on the other side of the mic to find out more about both the technology and the ethics of anti-malware research.

3 essential security tasks - have you done them yet?

Do These 3 More

Tomorrow marks a year since we published our '3 essential security tasks', so we thought we'd revisit it to ask if you've done them all. If you haven't, there's still time!

Point-of-Sale vendor loses password, causes breaches at 324 US restaurants

In its own words, a US point-of-sale vendor "acts to Block Payment Card Security Incident."

Bit late for the 324 restaurants that were breached for between 3 days and 3 months in the incident...

Are you tired of weak or fake zero-day exploits? 60 Sec Security [VIDEO]

60ss-video-250

Watch our latest 60 Second Security video!

An entertaining but insightful look at the week's security woes - in just one minute...

Kim Kardashian, Vanessa Hudgens, et al. targeted in latest naked celebrity photo leak

Celebgate redux: Alleged nudies of Kim Kardashian, Vanessa Hudgens et al. doxed

Early on Saturday morning, Celebgate flooded the same sites as it did three weeks ago - 4Chan and Reddit, among others - as cyber crooks again posted nude celebrity photos, despite the scuffle of threatened lawsuits and attention from the FBI.

Home Depot breach totals: 56 million credit cards exposed, $62 million in losses

Home Depot data breach

Lots of people who speculated about the credit card data breach at the Home Depot turned out to be wrong.

But those who suggested that Home Depot's breach might end up bigger than Target's turned out to be spot on.

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

chet-chat-logo-featured-250

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...