According to a News Limited report, customers visiting clothing retailer Witchery's mobile website were able to get at the PII of other users via a feature called "track my order."
Customers could also view every order currently being processed, not just their own...
When is Computer Security Day? What can forward secrecy do for you? Can you believe there's an 0-day in XP?
Have some fun finding out the answers in this week's 60 Second Security!
Microsoft has gone public to warn about a zero-day vulnerability in the Windows XP kernel.
Full details are still to be released, as it isn't patched yet, but here's what we know so far...
Created by an advertising agency in Boulder, Colorado, the web-borne Happy Hour Virus lets you deliberately simulate a security problem in order to leave work early.
Paul Ducklin stayed back late to take a look...
Apple pushed out iOS 7.0.4 last week, the fourth patch in two months.
Is iOS getting buggier, or is Apple simply publishing security fixes more promptly?
Firefox just pushed out a minor browser update, bumping its version number from 25.0 to 25.0.1.
Paul Ducklin saw Mozilla's advice that this was "a security and stability update", and went looking for the security fixes...
European travellers will soon be able to use their personal electronic devices (PEDs) for the entire duration of their flights following a new ruling from Europe's air safety agency.
Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.
In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.
Chet and Duck are here with their weekly roundup of news, opinion, advice and research.
Take a listen to our weekly 15-minute podcast on computer security - Chet Chat Episode 123.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
A new program, dubbed PIN Skimmer by its University of Cambridge creators, can correctly guess a high proportion of PINs by utilising the device's camera and microphone.
November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.
What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...
Which pets make the best/worst passwords?
How many times did Google make the same coding blunder?
Find out this and more in our one-minute wrapup of the week's security lessons!
What a coincidence! A Facebook hoax claming that images can infect your computer...and then a Microsoft zero-day that uses images to infect your computer.
Chet and Duck talk you through the latest news...
Microsoft is warning about a brand new security hole that could let criminals get control of your computer through booby-trapped image files.
Four months ago, the Android platform was stirred, if not shaken, by a pair of code verification holes.
Turns out there was a third one, now fixed in Android 4.4, better known as Kit Kat.
Paul Ducklin looks at what we can learn from it...
Advertising supports a large chunk of the apps we use on our mobile devices. But without oversight, the behaviour of ad frameworks risks crossing all manner of privacy and security lines. A proposed project aims to address this issue and define a standard for acceptable mobile ads.