Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat.
From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.
Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?
It'll only take you a minute to find out!
Here's our latest security podcast, featuring Sophos experts Chester Wisniewski and Paul Ducklin.
Join the dynamic duo as they turn the latest news into a quarter-hour podcast that is informative, entertaining and educational.
Advertisements don't have a great track record for safety and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted addons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation.
Adobe has released an emergency update to its ubiquitous Flash Player software. The flaw is being exploited by attackers so you should update as soon as possible.
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
Microsoft fixed 34 vulnerabilities in products ranging from Windows, Internet Explorer and .NET to Lync, Visual Studio and Silverlight. Not to be left behind, Adobe launched fixes for Flash, Shockwave and Cold Fusion. Settle into your air-conditioned server rooms and start testing!
Do you really need to worry about things like privacy and security?
Here's the latest in our 60 Second Security video series, bringing you fast, incisive and entertaining evidence that says, "Yes, you do!"
Blackberry released the first two security advisories for its new Z10 smartphone yesterday. One of the patches was for Adobe Flash vulnerabilities from January. Flash? On a smartphone? In 2013?
Right on time, Microsoft and Adobe released fixes today for Windows, Internet Explorer, Microsoft Office 2003 and 2011 and Adobe Flash Player. Time to dance that familiar dance and get those updates installed.
Microsoft has just released its monthly updates for May 2013. The zero-day IE flaw used on the Dept of Labor website was fixed, as well as an IE 10 hole used at PWN2OWN.
Critical fixes for Adobe Reader, Flash Player and ColdFusion also hit the streets today.
As expected Microsoft released seven important and two critical fixes for Windows, Internet Explorer and other Microsoft products. Adobe followed suite releasing fixes for ColdFusion, Flash and Shockwave. Patch now!
Computer users should be getting used to security updates for Adobe Flash by now - after all, this is the fourth in as many weeks.
Make sure your computers are protected as soon as possible.
PWN2OWN 2013 finished off today.
A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...
Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers at PWN2OWN 2013.
Java fell three times today; Adobe's Flash and Reader meet their attackers tomorrow...
Last week, Apple showed that it is getting more serious about security by getting strict about the version of Flash you're allowed to use in Safari.
Paul Ducklin explains the what and the why...