cloud

IBM takes a big new step in cryptography: practical homomorphic encryption

IBM just released an open source software package called HELib.

HE stands for *homomorphic encryption*, and HELib is an important cryptographic milestone.

Paul Ducklin explains why...

Many Amazon S3 cloud storage users are exposing sensitive company secrets, claims report

Amazon S3 buckets full of holes

A security researcher tested a slew of (probably inappropriately misconfigured) storage buckets and found about one in six were open to the public, exposing content we think companies would probably have preferred remain private.

Lisa Vaas explores what has happened.

Whitepaper: Security questions for your web hosting provider

Here are 10 questions you should be asking your hosting provider about features and services that will help to keep your site secure, covering general security practices, application security and operation of the site itself.

Monday review: the hot 20 stories of the week

Monday review: the hot 26 stories of last week

In case you missed any of these stories, here's everything we wrote in the last seven days.

Security fears around remote working, the cloud and wireless networks cited by SMBs

The days of IT managers simply worrying about the security of the network inside their physical offices are long gone.

Cloud services, mobile devices, wireless networks and a remote workforce are complicating security management for IT departments who wish to protect corporate data.

SSCC 90 - A walk around Interop 2012 with John Shier

This week's Chet Chat comes to you live from the show floor at Interop 2012. John Shier and Chet Wisniewski have some fun and share highlights from the expo hall.

64% of people think cloud storage is risky, but 45% still go right ahead and use it

Sophos polled people at their InfoSec Europe booth last week to find out their views on security in the workplace. Here's what they found.

SSCC 86 - online elections, "total internet disconnection", Facebook/privacy and PII for just 3c

In this week's episode, Paul Ducklin joins Chet to discuss online elections, "total internet disconnection", Facebook's new take on privacy, and PII at just 3c a hit.

As usual, Chet and Duck express strong opinions, with Duck even calling on those who are concerned about the erosion of online privacy "not to go quietly"...

Corrupt call center workers selling your private information for pennies

An undercover investigation in India has uncovered that some call center workers have been selling confidential information on nearly 500,000 Britons.

Practical IT: how to assess a third-party provider's security (part 1)

There are many security implications we as IT guys need to think about when we host applications externally. Here is a list of things to ask your provider to reduce the risk of a data or malware breach.

Sophos Security Threat Report 2012 - seeing through the hype

We know you're probably sceptical of "state of the world" reports from vendors. For all you can tell, they'll turn out to be thinly-disguised advertorial, unreconstructed product brochures, or worse.

We like to do things differently. Find out how!

Google Docs - a full-featured, full-service phishing facility?

SophosLabs is warning users not to read too much into docs.google.com URLs.

Two scam campaigns this weekend used Google Docs to attack two very different targets. One had big-four Aussie bank ANZ in its sights; the other was aimed at a large North American school.

Anonymous and LulzSec trawl Google Code search for security holes

A new report suggests that Google's Code Search is being used by groups such as LulzSec and Anonymous to find passwords and other private data, gain access to secure networks and decide who their next victim should be.

Amazon Kindle Fire's Silk browser sounds privacy alarm bells

Amazon announced their new Kindle Fire tablet today, including a new accelerated web browser Silk. Can making the web faster threaten our privacy?

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security

Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Firefox 6.0.2 fixes yet more DigiNotar certificate fallout

Firefox 6.0.2 has just come out, blocking even more browser certificates than Firefox 6.0.1, in yet more fallout from the mess caused by disgraced Dutch web security company DigiNotar.

SSCC 62 - Sony, Apple malware and cloud security

Sophos Security Chet Chat 41

Chester Wisniewski and Paul Ducklin discuss this week's news including the latest attacks against Sony, Apple's new malware problem and cloud security.

Epsilon email address megaleak hands customers' customers to spammers

US direct marketing company Epsilon has been forced to admit to an email address leakage, apparently on an impressive scale.

Watch out for the scams and spams that may follow as a result.

Black Hat 2010 – Malware? SCADA? Privacy? Cloud?

Thousands of international security experts are congregating in Nevada, USA, for the Black Hat 2010 conference. But why? What is the single biggest issue which the 2010 conference will address? Is it malware? SCADA? Privacy? Cloud? Hear from the experts…

Evolution of spam: Explained

Spammers are taking advantage of all this cloud computing nonsense to get past our best defenses. I presented at Infosec Europe on how Russian affiliate networks (Partnerka) have eased up on spamming via email and have migrated to the web, …