Exploit

Samsung Galaxy security vulnerability unlocks homescreen

If you're nimble enough, you can get past the Galaxy Note 2's lock screen. And PIN. And password. And face unlock.

Curiosity Rover suffers IT glitch - this time it really might be "cosmic rays"!

The Mars Science Laboratory project reported late last week that the Curiosity Rover was switched over to its backup computer system, following what sounds like a problem of memory corruption.

Paul Ducklin turns his gaze spacewards...

NBC website hacked and distributes malware - here's what happened

The latest high-profile organisation to fall victim to cybercriminals is the US television network NBC.

NBC's website was "owned" and used as a go-between in a campaign to infect online visitors automatically.

That was quick! Adobe's emergency patch for Reader and Acrobat is here...

Adobe has released the emergency update for Reader and Acrobat that it promised late last week.

You may as well take advantage of Adobe's new-found velocity and get busy patching!

Apple patches the Java hole its own developers fell into - eventually

Shortly after admitting that its own techies got infected thanks to a Java hole, Apple has pushed out a Java update for the rest of us.

Apple, with this most recent update, seems to have washed its hands permanently of browser-based Java. Paul Ducklin explains...

Monday review - the hot 21 stories of the week

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Facebook owns up - admits network breached, blames "Java in the browser"

In The Social Network, the movie version of Zuckerberg could shout, "WE NEVER CRASH!"

I bet the real-life Zuckerberg wishes he could say, "We never get hacked..."

No patch yet for Adobe PDF exploits - Adobe suggests a workaround; Mac and Linux users need not apply

Adobe issues advice on how to mitigate the latest exploits against its PDF Reader software.

For Windows users, anyway. Mac and Linux fans are still out in the cold.

Anatomy of a targeted attack - SophosLabs explores an Adobe zero-day "malware experiment"

SophosLabs was contacted recently to help investigate malware from an unusual sort of targeted attack.

What our researchers found was intriguing, to say the least, so we thought we'd share our discoveries with you...

Oracle on Java - we *will* have Patch Tuesday on 19 Feb 2013 after all

Oracle brought forward its February Patch Tuesday to provide an accelerated fix for some in-the-wild exploits.

But that meant leaving other less vital stuff out, so the pre-empted Patch Tuesday will happen after all, on 19 Feb 2013. Be there!

VMware security hole - it sounds like you need the patch, even if it's not clear why

VMware just announced a patch for a security hole in its virtual machine software.

It sounds as though guests might be able to tweak their hosts without authorisation, or vice versa, so you probably want to patch now and ask your questions later.

Anatomy of a vulnerability - cURL web download toolkit holed by authentication bug

You may not have heard of cURL, but you've probably used software that uses it.

Recent versions contain a buffer overflow bug that could lead to remote code execution on your computer.

Paul Ducklin investigates, explains and advises...

Adobe patches Flash - heads off in-the-wild attacks against Windows and Apple users

It's not Tuesday...

Nevertheless, Adobe's Flash Player has been upgraded to patch against two in-the-wild exploits against Windows and Apple users.

Memories of the Slammer worm - ten years later

Ten years ago to the day, we published an FAQ about a computer worm called Slammer.

It was aptly named. If you were in IT back in 2003, I'm sure you remember it well...

Monday review - the hot 31 stories of the week

Here you go.

All the stories we wrote in the past seven days, in case you missed anything (or just want to read them again).

War of words continues over Cisco Linksys router access exploit

Stories of a vulnerability in Cisco Linksys consumer routers have been circulating in the past week.

The stories have now turned into a low-key war of words.

Microsoft to release an emergency security patch for Internet Explorer zero day flaw

Microsoft will be releasing an out-of-band patch for the recently-disclosed zero-day hole in Internet Explorer.

Find out if you need the patch, and start getting ready now. This one really is critical.

Oracle releases patch for latest Java hole - update now!

Oracle has been on the ball and has already come out with a patch for the latest Java security hole.

Java 7 Update 11 fixes both CVE-2013-0422 and a second vulnerability. Find out more...

Vulnerability reported in Foxit PDF plugin for Firefox - how to mitigate it

Italian security researcher Andrea Micalizzi has recently reported a vulnerability in the latest Foxit PDF plugin for Firefox.

Paul Ducklin examines the situation and gives a simple workaround.

Patch Tuesday - even Android and Windows RT get a look in

This month's Patch Tuesday includes bulletins from both Microsoft and Adobe, and covers a range of platforms and products.

There are updates in the mix for everything from Android to Windows RT, and from the Word Viewer to Exchange.