Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.
In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.
What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...
Part Two of our examination of an IE exploit.
This is a great read if you want to get a feeling for how cybercrooks think. (Don't worry if you aren't technical: it's clear and jargon-free.)
The latest IE zero-day explained.
This is a great read if you want to get a feeling for how cybercrooks think.
(Don't worry if you aren't technical: we've kept the code and jargon to a minimum.)
This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.
Paul Ducklin takes you through what's in store...
How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?
Satisfy your curiosity with this week's 60 Second Security!
About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.
Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.
We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.
Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all versions, including 11 beta.
An ongoing catfight has boiled up regarding whether these are features or security fright-fests, particularly given that the nontechnical masses aren't liable to know that they can, for example, tell Google not to store passwords or set up a master password in Firefox.
So far, so good with the new program, says Microsoft security expert Katie Moussouris. They're getting more bugs earlier and hearing from researchers who've never rung them before.