A new Google Chrome browser extension lets email senders using Google accounts see when recipients open email, who exactly opened the email, and where the recipient is located. And sorry, but no, recipients don't have a say in the matter whatsoever, since we don't have to sign up for the extension to have it blab about us.
Apple just patched an SSL/TLS bug in iOS - but the flaw is not yet fixed in OS X.
Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Paul Ducklin looks into a malware writer's poisoned-image trick that tells an interesting (and, though it hurts to say it, an amusing) story of subterfuge and guile...
The warning flare comes as a window for Windows users that features a "reset" button to get the browser back to factory-fresh settings.
Even though yesterday wasn't a Patch Tuesday, we ended up with two major browser-related updates: an unscheduled Adobe Flash patch, and an expected one: the update from Firefox 26 to Firefox 27.
Paul Ducklin takes a quick look...
Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications.
Apple just announced the first point update for its recently released OS X Mavericks.
Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.
Gmail's new default is to automatically display all those HTML glamour shots that marketers desperately hope we'll click on. Does this really help our privacy and security, and how can you turn it off again?
Last Thursday Twitter introduced promoted tweets (ads) targeted according to the websites you've visited. It seemed like a good time to explain how Twitter is doing it, how they've used a different technique to track the websites you visit for some time now, and how to turn it all off if you want to.
This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
Firefox just pushed out a minor browser update, bumping its version number from 25.0 to 25.0.1.
Paul Ducklin saw Mozilla's advice that this was "a security and stability update", and went looking for the security fixes...
Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.
In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.
What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...
What a coincidence! A Facebook hoax claming that images can infect your computer...and then a Microsoft zero-day that uses images to infect your computer.
Chet and Duck talk you through the latest news...