OS X

(get it in RSS or Atom)

SSCC 140 - Does Windows have more holes than OS X? Whither messaging privacy? [PODCAST]

sscc-140-thumb-250

How bad is the latest Microsoft Word 0-day? Does OS X really need patching less often than Windows? What does Gmail's move to HTTPS-only really mean? And if WhatsApp has privacy coded into its DNA, is it coded into its app, too?

Chet and Duck get stuck in...

Phone spyware, Mac security, and WhatsApp privacy - 60 Sec Security [VIDEO]

2014-03-22-respect-250

How do you get spyware on your victim, er, target's phone? Have Mac users changed their attitude to security? And how deep does privacy run at WhatsApp?

Find out in 60 seconds!

Apple users: Try these five tips for better Mac security

mac-5tips-250

Security for Macs is often a hotly-debated topic, perhaps because Apple has a reputation for security that is based more on a brand promise than reality.

Don't panic. Here are five simple tips to help you get serious about security on OS X...

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

SSCC 138 - Patching, zero-days, XP, APTs and CryptoLocker [PODCAST]

sscc-138-thumb-250

Join the dynamic duo for another entertaining quarter-hour on security.

There's Patch Tuesday, the impending end of XP, Advanced Persistent Threatitis, and some astonishing statistics about CryptoLocker.

Microsoft Patch Tuesday - 5 bulletins, 2 critical, 1 for Mac users!

Microsoft's Patch Tuesday for March 2014, the second-to-last scheduled patch that Windows XP users are ever going to see, will fix critical holes in all versions of Windows.

OK, not quite all: Server Core installations will receive updates, but not critical ones.

Final countdown, CryptoLocker payout and Full Disk Encryption - 60 Sec Security [VIDEO]

2014-03-08-locked-250

XP is counting down - are you ready? Would you pay the CryptoLocker crooks? And should you use Full Disk Encryption?

Find out in just a minute...watch 60 Sec Security for 08 March 2014!

Anatomy of an Apple theft protection bypass - and how to avoid it

icloud-kdb-250

A tiny but intriguing open source project entitled iCloudHacker attracted interest over the weekend.

It claims to "bypass Apple's theft protection" - and although that's streching the truth a bit, it has some lessons to teach us about encryption...

Facebook survives, Apple patches, and Naked Security wins! 60 Sec Security [VIDEO]

2014-03-01-hoaxes-250

How harmless is that "Facebook shutting down on 29 February" hoax?

Is system reimaging really a security tool?

Find out this and more! 60 Sec Security - 01 Mar 2014

Anatomy of a "goto fail" - Apple's SSL bug explained, plus an unofficial patch for OS X!

gotofail-250

Apple just patched an SSL/TLS bug in iOS - but the flaw is not yet fixed in OS X.

Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Digitally signed data-stealing malware targets Mac users in "undelivered courier item" attack

forklift-250

Our colleagues at SophosLabs pointed us at a interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users.

Paul Ducklin looks at how the attack unfolds...

SSCC 130 - Botnets, banking, breaches, patching and the Mavericks controversy [PODCAST]

sscc-130-thumb-250

What's the best way to deal with botnets? Should you use your bank's mobile app? Why all these data breaches? What about Patch Tuesday? Do you really *have* to update your Mac to Mavericks?

Listen as Chet and Duck dissect and explore the week's security stories...

Snapchat, Yahoo, Mavericks and T-shirts - 60 Sec Security [VIDEO]

2014-01-11-mac-dilemma-250

How long does it take a trendy cloud company to apologise? Do you really need HTTPS for webmail? OS X Mavericks - should you stay or should you go? And who won our crossword competition?

60 Second Security - 11 Jan 2014.

82% of enterprise Mac users not getting security updates

Apple109-250

Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications.

Five-minute fix: Setting up parental controls on Mac OS X Mavericks

mav-250

How to set up parental controls on Mac OS X Mavericks to keep your children safer online.

Apple updates Mavericks to 10.9.1, issues security fixes for Safari

mav-250

Apple just announced the first point update for its recently released OS X Mavericks.

Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.

Have you heard of the Happy Hour virus?

hhv-250

Created by an advertising agency in Boulder, Colorado, the web-borne Happy Hour Virus lets you deliberately simulate a security problem in order to leave work early.

Paul Ducklin stayed back late to take a look...

NSA, Apple, Facebook and Adobe - 60 Sec Security [VIDEO]

2013-11-02-giraffes-250

A touch of fun but with a serious side - and only a minute to watch it.

Give our weekly "60 Second Security" video a whirl today...

Apple introduces "cloudless dictation", no longer demands your contact list to understand you

dictate-250

Not everyone was happy about Apple's terms and conditions when it introduced dictation to OS X: speech-to-text was done in the cloud, so Apple got to listen to what you were saying.

OS X Mavericks changes that - though apparently more for performance than privacy...