Even though yesterday wasn't a Patch Tuesday, we ended up with two major browser-related updates: an unscheduled Adobe Flash patch, and an expected one: the update from Firefox 26 to Firefox 27.
Paul Ducklin takes a quick look...
Advertisements don't have a great track record for safety and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted addons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation.
Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
Adobe has released an emergency update to its ubiquitous Flash Player software. The flaw is being exploited by attackers so you should update as soon as possible.
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
Surely not another payment card breach? Android malware that jumps the airgap? And what's this about a Privacy Plan Diet?
60 Sec Security - 01 Feb 2014.
Here's an intriguing tale of an Android malware curveball spotted recently in SophosLabs.
You're expecting the pitch to come at you in a predictable direction, but a hidden twist in the action brings the onslaught from another angle altogether...
Beyond device details, data shared over the internet by iOS and Android apps can include personal information such as age, gender, and location, while some apps share even more sensitive user information, such as sexual preference.
Our colleagues at SophosLabs pointed us at a interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users.
Paul Ducklin looks at how the attack unfolds...
Starbucks got into and out of privacy trouble in over the past week.
The brouhaha started when a US security researcher publicly reported a rather serious data leakage problem in the Starbucks iOS mobile app...
Why was this month's Java update a "must patch"? Should in-app purchases be allowed to target children? Is it a good idea to give Google control of your home?
Find out in 60 Second Security for 18 Jan 2014
Apple is understandably proud of the App Store - it has made lots and lots of money, with more or less no malware.
But not everyone has been entirely happy with Cupertino's acumen in application delivery...including the FTC.
Location analytics companies are using consumers' phones to create portraits of people's habits as they go about their daily lives, whether that includes visits to nightclub, gyms, doctors' offices or whatever else you get up to in the day.
Microsoft, Adobe and Oracle have all released fixes today. Products covered include Microsoft Word, Windows XP, Windows 7, Adobe Reader, Java, MySQL and VirtualBox.
What's the best way to deal with botnets? Should you use your bank's mobile app? Why all these data breaches? What about Patch Tuesday? Do you really *have* to update your Mac to Mavericks?
Listen as Chet and Duck dissect and explore the week's security stories...
How long does it take a trendy cloud company to apologise? Do you really need HTTPS for webmail? OS X Mavericks - should you stay or should you go? And who won our crossword competition?
60 Second Security - 11 Jan 2014.
Security researcher Ariel Sanchez recently published a fascinating report on the sort of security you can expect if you do your internet banking on an iPhone or iPad.
The answer, sadly, seems to be, "Very little."
Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications.
Our weekly security podcast looks back at the big blunders of 2013 to find out what went wrong.
Let Chet and Duck help you plan for a safer and more secure 2014!
Outriders is a BBC Radio 5 Live programme that describes itself as "exploring the frontiers of the web."
On this week's show, host Jamillah Knowles interviewed Naked Security's Paul Ducklin about security and safety on line over the festive season...