Web Browsers

(get it in RSS or Atom)

Apple kills the POODLE – also fixes Shellshock in case you forgot

poosdle-osx-250

Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the pace...bad news.

Patch Tuesday for October 2014 - bigger than usual as Microsoft, Adobe and Oracle align

Oracle, Adobe and Microsoft patches are all arriving together on Tuesday 14 October 2014.

Paul Ducklin looks at what to expect...

SSCC 166 - A sleeping bag and a camping stove to queue for an iPhone? [PODCAST]

chet-chat-logo-featured-250

For your listening pleasure!

Here's the latest episode in our weekly podcast series...

Mozilla fixes "phishing friendly" cryptographic bug in Firefox and Thunderbird

moz-250

Mozilla just patched a bug in its cryptographic library, NSS.

The bug is rated "critical" because it could permit skullduggery in apparently secure connections.

DuckDuckGoAway: China blocks privacy-oriented search engine

DuckDuckGo

Getting selected as the default private search engine for Apple's Safari browser has been a boon for young search engine DuckDuckGo. But it may well have tainted the search engine in the eyes of the Apple-leery Chinese government.

10 security holes that cybercrooks dream about - 60 Sec Security [VIDEO]

60ss-video-250

Here's this week's episode of 60 Second Security.

Enjoy the latest security news in just one minute...

Apple ships a sevenfold security surprise, including iOS 8 and OS X 10.9.5

apple-upd-250

Apple doesn't have Patch Tuesdays, but it does have Update Surprisedays.

We just had one of them, with brand new and more secure versions of iOS, OS X and Safari.

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

chet-chat-logo-featured-250

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...

Firefox sneaks out an "inbetweener" update, with security improvements rather than fixes

Usually, if everything goes according to plan, Firefox updates appear every six weeks.

But if needs must, Mozilla delivers in-between updates, too, and that's what has happened here, bumping Firefox from version 32.0 to 32.0.1.

SSCC 164 - Spend Bitcoins using Apple Pay? *NOW* you've got me interested! [PODCAST]

chet-chat-logo-featured-250

Here's this week's Sophos Security Chet Chat for your listening pleasure.

Our weekly computer security podcast with the News You Can Use...

Patch Tuesday wrap-up, September 2014 - why even a single-bit data leak is worth fixing

patch-tuesday-denim-250

Here's what you need to know about the September 2014 Patch Tuesday updates from Microsoft and Adobe...

How far would your sysadmins go to fix a problem? 60 Sec Security [VIDEO]

60ss-video-250

Here it is - this week's 60 Second Security video.

News that will amuse, and it only takes a minute...

Why is Google sending insecure browsers back in time?

Why is Google sending insecure browsers back in time?

Google's search page has seemingly gone back in time - but only for users stuck in the last decade. If you're using an internet antique, take Google's hint and upgrade now.

Apple, please provide better protection for iCloud - Secure our Selfies!

iCloud

In the wake of exposed candid celebrity photos Apple recommends using two-step verification. Would this have made a difference? Should Apple strengthen its authentication options?

Apple developer guidelines lead to rogue phone call risks in iOS

ios-call-250

It turns out to be surprisingly easy to trick unsuspecting users into making unwanted phone calls from iOS.

That could cost you premium-rate money, or give away your number to a scammer...

Firefox 32.0 fixes holes, shakes out some old SSL certs, introduces certificate pinning

Yesterday was Firefox's Fortytwosday (updates come out every 42 days, on Tuesdays, in a nod to Douglas Adams), bringing us to Firefox 32.0.

There are also two Extended Support Releases for the more conservative amongst us...

Firefox OS app permissions will give users more privacy than Android

app-permissions-250

Mozilla's mobile platform, Firefox OS, is behind Google's Android in just about every way.

But in one important respect, privacy, Firefox OS is trying to move ahead by giving users more control over what data apps can gather from their devices...

We need to talk about email

Email

Today the people of the world will exchange about 250 *billion* messages using a system that has been shockingly insecure for decades: email.

That's why we need to talk about email...

SSCC161 - What do you mean, "Trade him for Edward Snowden"? [PODCAST]

chet-chat-logo-featured-250

Here's the latest Chet Chat security podcast!

Sophos experts Chester Wisniewski and Paul Ducklin once again turn plain old news into advice you can use.

Google adds deceptive software warnings to Safe Browsing service

Warning sing. Image courtesy of Shutterstock.

The days of having your homepage switched or suddenly discovering a mysterious toolbar in your browser may be set to come to an end following an announcement from Google yesterday. From next week, Chrome will display a message whenever a piece of software attempts to do anything sneaky or unexpected with your browser or computer.