Turn bad news into good with "what you can do better" advice from Chet and Duck.
Learn from: an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.
When is Computer Security Day? What can forward secrecy do for you? Can you believe there's an 0-day in XP?
Have some fun finding out the answers in this week's 60 Second Security!
The Debian Linux security team recently pushed out a wry security advisory for popular web CMS Drupal.
In amongst the laundry list of fixes was a common modern malady - non-cryptographic random numbers used cryptographically...
Microsoft has gone public to warn about a zero-day vulnerability in the Windows XP kernel.
Full details are still to be released, as it isn't patched yet, but here's what we know so far...
Four cyber security experts have delivered to the US Congress a unanimous opinion: Americans shouldn't use HealthCare.gov, given its security issues.
An FBI memo sent out on Thursday described the attacks as "a widespread problem that should be addressed", according to Reuters.
Apple pushed out iOS 7.0.4 last week, the fourth patch in two months.
Is iOS getting buggier, or is Apple simply publishing security fixes more promptly?
Firefox just pushed out a minor browser update, bumping its version number from 25.0 to 25.0.1.
Paul Ducklin saw Mozilla's advice that this was "a security and stability update", and went looking for the security fixes...
Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.
In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.
Chet and Duck are here with their weekly roundup of news, opinion, advice and research.
Take a listen to our weekly 15-minute podcast on computer security - Chet Chat Episode 123.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.
What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...
Potential remote code execution bugs in OpenSSH, probably the most widely-used remote access security system on the internet, are the stuff of nightmares for system administrators.
Paul Ducklin takes a look at the bug and the patch...
Which pets make the best/worst passwords?
How many times did Google make the same coding blunder?
Find out this and more in our one-minute wrapup of the week's security lessons!
Would-be bug hunters can earn $300 - $5000 thanks to Microsoft and Facebook, who have announced that they will now work together to offer cash rewards to white hats who discover flaws in popular software applications as well as across the web at large.
What a coincidence! A Facebook hoax claming that images can infect your computer...and then a Microsoft zero-day that uses images to infect your computer.
Chet and Duck talk you through the latest news...
Microsoft is warning about a brand new security hole that could let criminals get control of your computer through booby-trapped image files.
Four months ago, the Android platform was stirred, if not shaken, by a pair of code verification holes.
Turns out there was a third one, now fixed in Android 4.4, better known as Kit Kat.
Paul Ducklin looks at what we can learn from it...