A tiny but intriguing open source project entitled iCloudHacker attracted interest over the weekend.
It claims to "bypass Apple's theft protection" - and although that's streching the truth a bit, it has some lessons to teach us about encryption...
MasterCard and Syniverse are running a pilot scheme that aims to reduce credit card fraud by making sure that a customer's card and mobile phone are in the same location when the card is used.
Do you use a mobile device? (Of course you do!)
Read Sophos researcher Vanja Svajcer's paper, "Mobile Security Threat Report," and check out our expert tips for keeping the crooks away...
Apple just patched an SSL/TLS bug in iOS - but the flaw is not yet fixed in OS X.
Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)
For the last week, the internet - and Facebook in particular - has been positively moist with the foamy, spittle flecks of an outraged, pitchfork wielding mob. The outrage has been so verbose and so sudden that the internet has all but run out of upper case letters.
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Illegal GPS jammers, sold cheap online, can endanger space stations and ship navigation, not to mention potentially preventing emergency calls or keeping rescue teams from homing in on injured people. But recently, a new version of an old, longwave technology, eLORAN, is showing great promise in jamming the jammers.
News about celebrities to do with births, deaths and marriages often prove to be handy hooks for cybercrooks.
So when the ultra-popular game Flappy Bird was withdrawn recently, the crooks wasted no time pretending to keep him alive...
Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
Surely not another payment card breach? Android malware that jumps the airgap? And what's this about a Privacy Plan Diet?
60 Sec Security - 01 Feb 2014.
Here's an intriguing tale of an Android malware curveball spotted recently in SophosLabs.
You're expecting the pitch to come at you in a predictable direction, but a hidden twist in the action brings the onslaught from another angle altogether...
Beyond device details, data shared over the internet by iOS and Android apps can include personal information such as age, gender, and location, while some apps share even more sensitive user information, such as sexual preference.
Starbucks got into and out of privacy trouble in over the past week.
The brouhaha started when a US security researcher publicly reported a rather serious data leakage problem in the Starbucks iOS mobile app...
Why was this month's Java update a "must patch"? Should in-app purchases be allowed to target children? Is it a good idea to give Google control of your home?
Find out in 60 Second Security for 18 Jan 2014
Apple is understandably proud of the App Store - it has made lots and lots of money, with more or less no malware.
But not everyone has been entirely happy with Cupertino's acumen in application delivery...including the FTC.
Location analytics companies are using consumers' phones to create portraits of people's habits as they go about their daily lives, whether that includes visits to nightclub, gyms, doctors' offices or whatever else you get up to in the day.
What's the best way to deal with botnets? Should you use your bank's mobile app? Why all these data breaches? What about Patch Tuesday? Do you really *have* to update your Mac to Mavericks?
Listen as Chet and Duck dissect and explore the week's security stories...
Security researcher Ariel Sanchez recently published a fascinating report on the sort of security you can expect if you do your internet banking on an iPhone or iPad.
The answer, sadly, seems to be, "Very little."
Our weekly security podcast looks back at the big blunders of 2013 to find out what went wrong.
Let Chet and Duck help you plan for a safer and more secure 2014!