Latest Articles

Facial recognition software leads to arrest after 14-year manhunt

Facial recognition software leads to FBI success in 14-year manhunt

A former US resident from New Mexico was captured in Nepal after 14 years on the run. The fugitive's passport photo matched up with a newly issued wanted poster. Does the capture of a suspected child abuser justify the use of a technology that hasn't yet had privacy implications ironed out?

SSCC 160 - That's not just any old malware - that's a TRUE VIRUS! [PODCAST]

Ready for listening...

Here's this week's Sophos Security Chet Chat podcast.

Gmail introduces filters for non-Latin characters, weeding out more phishing emails

Using non-Latin characters that look very similar to their ASCII counterparts helps scammers, spammers and phishing crooks send emails from legitimate-looking addresses. Now Google's putting a stop to that with a set of new spam filters.

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!

Patch Tuesday is here again.

Paul Ducklin explains how this month's vulnerabilities can work together for harm, and why *all* the updates matter, not just the ones that ended up with a "critical" or "severe" tag...

DEA paid out $854,460 for free Amtrak passenger data

Amtrak secretary cons $854,460 out of the DEA by selling 'free' passenger data

Since 1995, a former Amtrak employee has been selling passenger data to the US Drug Enforcement Administration - information that cost the DEA $854,460, but which it could have gotten for free.

Facebook ordered to disclose records on underage users

Facebook says it doesn't keep them longer than six months, but a court in Belfast is nonetheless ordering it to hand over any records it might have or control about its underage users. The case concerns a girl who, starting at the age of 11, took out four Facebook accounts and used them to post sexually suggestive photos.

Why the Facebook Messenger app is not the privacy nightmare people think it is

Facebook Messenger

There's good reason to be skeptical of Facebook when it comes to privacy, but the Facebook Messenger app isn't the privacy nightmare that some people think it is. Here's why ...

War Kitteh hunts out your unsecured Wi-Fi

Coco the wardriving cat reminds you to secure your Wi-Fi

Coco the cat was outfitted with Wi-Fi sniffing equipment in his collar, enabling him to map out 23 unique Wi-Fi hotspots, 4 of which used feeble WEP encryption, 4 of which were wide open, requiring no password. He also caught a mouse, showing him to be adroit in both analog and digital media.

Most people think public Wi-Fi is safe. Seriously?

Talk about dismaying numbers! In Ofcom's recent report, three quarters of the public were unconcerned about security when accessing Wi-Fi outside of their homes, and were quite happy to do *anything* on public Wi-Fi. Help us educate them, please!

Android "Heart App" virus spreads quickly, author arrested within 17 hours

Q. How to attract the attention of the police if you're a bored student on summer vacation?

A. Write a virus that unleashes 20,000,000 SMSes, infects 100,000 devices, and steals personal data...

Pwnie Awards for Heartbleed, "goto fail", Mt. Gox

Pwnie Awards

The golden My Little Pony statuettes have been passed out at the Black Hat Security 2014 conference, commemorating select infosec glories and groans. Best song: the haunting "SSL Smiley Song", sung to the tune of "Jingle Bells".

Apple iPads and MacBook Pros banned for Chinese government use

China has banned government officials from buying Apple products, reportedly to avoid the possibility of the US hijacking the technology to spy on Beijing.

Monday review - the hot 20 stories of the week

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Microsoft scans email for child abuse images, leads to arrest

Microsoft scans email for child porn images

Microsoft detected two illicit images of a young girl when they were uploaded to a Pennsylvanian man's OneDrive cloud storage account. Before anybody starts worrying about snooping, be assured that humans weren't involved in looking at the email; rather, Microsoft's own PhotoDNA matched the images to those of known child abuse images.

The data breach apocalypse that wasn't - 60 Sec Security [VIDEO]

Malware, spam and hacking - and not all bad news, either!

Watch 60 Second Security for Aug 9, 2014...

SSCC 159.5 - Black Hat USA 2014 Conference Special [PODCAST]

The Black Hat USA 2014 conference is over, and Naked Security's Chester Wisniewski was there in fabulous Las Vegas to take it all in.

And, as we all know, what happens in Vegas...

...gets faithfully reported on the internet!

Microsoft brings Internet Explorer's security into the 21st century

Internet Explorer (IE) will finally catch up with rival browsers next week when it begins blocking out-of-date ActiveX controls.

Sophos Techknow - Firewalls Demystified [PODCAST]

The word firewall has a lot more shades of meaning in 2014 than it did in 1994.

So...who better to help us to demystify the modern firewall than Sophos security expert Chester Wisniewski?

Foursquare app tracks your location by default whenever your phone is on

Foursquare

Foursquare, makers of the popular app that lets you "check in" wherever you go, unveiled a new version this week that tracks your location even when the app is closed, with opt-in as the default.

We show you how to opt out if you don't want ad men and Foursquare to constantly know your whereabouts.

How Google plans to encrypt the web

Google HTTPS

This could be an inflection point for web security. By making HTTPS something that impacts search results Google are applying the stick to an enormous security push that's been all carrots up to now.