(get it in RSS or Atom)

NIST to review standard for cryptographic development - do we really care?

NIST to review standard for cryptographic development - do we really care?

Whether you use it to protect personal data, protect customer data or secure your communications, cryptography is an integral part of our digital world, but the announcement late in 2013 that NIST is reviewing its standards for cryptography seems to have gone largely unnoticed.

WhatsApp and privacy - will Facebook make things better, worse, or both?


WhatsApp, the super-popular SMS replacement acquired by Facebook for $19 billion, continues to wrestle with a thorny problem.

How can it tame the public's attitude to its own attitude to privacy?

SSCC 127 - Target, Microsoft, Apple, Gmail...and some amazing acoustics [PODCAST]


Chet and Duck help you to learn from recent security news, both good and bad.

In this episode: the massive Target breach; Microsoft's and Apple's attitude to updates; and how to respond to Google's recent changes to image rendering for Gmail users.

CarderPlanet bust, Target credit card breach, online safety for kids - 60 Sec Security [VIDEO]


What prison sentence for the man who pioneered online carding? How many credit cards did Target lose? Does your encryption software "speak" to passers-by? How to keep your kids safe online over the holidays?

Find out in 60 seconds!

SSCC 126 - Zero-day, Bitcoins, passwords and randomness [PODCAST]

Turn bad news into good with "what you can do better" advice from Chet and Duck.

Learn from: an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.

Facebook locks users in a closet for using same passwords/emails on Adobe

Facebook locks users in a closet for using same passwords/emails on Adobe

Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.

Anatomy of a password disaster - Adobe's giant-sized cryptographic blunder


Learn how cryptanalysts think, and why cryptographers feel such terrible dismay when companies that really ought to know better make mammoth mistakes.

Paul Ducklin deconstructs the data leaked in Adobe's latest megabreach...

Facebook privacy, Google ads, D-Link security, CryptoLocker ransom - 60 Sec Security [VIDEO]


What leaves your computer standing but your data in ruins? Should Facebook teenagers be able to message the world? How can you stop Google using your photo in ads?

Find out in this week's Sophos 60 Second Security!

Anatomy of a dropped call - how to jam a city with 11 customised mobile phones


German researchers have shown how commodity mobile phones can be turned into call jammers.

Worse still, their attacks could be adapted for eavesdropping and even interception, where a crook receives your calls or SMSes instead of you.

Data Breach Week, SIMs cracked, carders busted - 60 Sec Security [VIDEO]


How safe is the SIM in your mobile phone? Could it be remotely infected with malware?

Possibly - watch this week's 60 Second Security video and find out more!

Android security fail, Cryptocat tartan, Nintendo crack - 60 Sec Security [VIDEO]


Are cryptographic holes the new buffer overflows?

Take a look at this week's 60 Second Security video and let us know what you think!

Cryptocat 'encrypted' group chats may have been crackable for 7 months

The Cryptocat project is apologizing and urging users to update immediately.

Founder and developer Nadim Kobeissi took to a live stream to address questions from a show in Germany.

Lias Vaas investigates...

Monday review - the hot 24 stories of the week

Monday review

In case you missed any recent stories, here's everything we wrote in the last seven days.

Get ready for the next #sophospuzzle - coming soon to a T-shirt near you

It's almost time for the annual AusCERT conference in Queensland, Australia.

And for everyone who's asked, the answer is, "Yes! There's a #sophospuzzle!"

No, you don't have to be there to join in...

Snapchat images that have "disappeared forever" stay right on your phone...


Snapchat claims to let you share even "ugly selfies" because once they're viewed they "disappear forever."

US-based computer forensics geek Richard Hickman thought he'd find out how true that claim was...

SSCC 108 - WW2 crypto, Bitcoin mining, internet cameras, password breaches [PODCAST]


Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat.

Join Chester and guest Paul Ducklin in their regular quarter-hour podcast as they laugh about (and lament) the latest goings-on in the world of computer security.

Monday review - the hot 20 stories of the week

Monday review

Get up to date with everything we wrote in the past seven days - it's weekly roundup time.

British cryptographic hacking from WW2 - how well would *you* have done?

If you were taken prisoner and wanted to send messages home under your captors' noses, what would you do?

Find out how a Royal Navy officer did just that during WW2, and have a go yourself at hiding a secret message in an innocent-sounding letter home!

Beware of encryption companies bearing gifts!


An iPhone messaging app that claims to be "totally secure" is offering a £10,000 prize to anyone who can intercept a message from it.

Paul Ducklin wonders how you are supposed to win the prize if the app really is "totally secure"...

Monday review - the hot 22 stories of the week


In case you missed anything, here's everything we wrote in the past seven days.