flash

(get it in RSS or Atom)

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

PWN2OWN Day Two - Chrome and Safari join the losers

p2o-d2-250

Here are the PWN2OWN results from Day Two, and an overview of the final payouts.

Chrome and Safari didn't get picked for Day One, but both of them were pwned on Day Two - twice for Chrome and once for Safari....

PWN2OWN Day One - Reader, IE, Flash and Firefox felled, Java left standing

p2o-250

PWN2OWN Day One results are in!

The target that sounded easiest - Oracle Java, with prize money less than a third of the supposedly much tougher IE 11 - was the only one left standing at the end of the first half...

Patch Tuesday wrap-up, March 2014 - critical from Microsoft, important from Adobe

tuesday-250

Five updates from Microsoft, with two of them critical, including an APB for Internet Explorer users.

One important from Adobe, making that three Flash fixes in just over a month.

Don't delay. Patch today!

Microsoft Patch Tuesday - 5 bulletins, 2 critical, 1 for Mac users!

Microsoft's Patch Tuesday for March 2014, the second-to-last scheduled patch that Windows XP users are ever going to see, will fix critical holes in all versions of Windows.

OK, not quite all: Server Core installations will receive updates, but not critical ones.

SSCC 136 - Apple's "goto fail", Neiman Marcus's logfiles, and Adobe's double update [PODCAST]

sscc136-thumb-250

Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat.

From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.

Flash patched, Forbes hacked and Korea reacts - 60 Sec Security [VIDEO]

2014-02-22-changeme-250

Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?

It'll only take you a minute to find out!

Adobe pushes out critical Flash update - the second zero-day hole of the month

adobe-flash-patch-thumb

Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.

SSCC 134 - Patching, foisting, hacking and obfuscating [PODCAST]

sscc-134-thumb-250

Here's our latest security podcast, featuring Sophos experts Chester Wisniewski and Paul Ducklin.

Join the dynamic duo as they turn the latest news into a quarter-hour podcast that is informative, entertaining and educational.

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Patch Tuesday - get ready for the January 2014 Security Trifecta!

pt-jan-2104-250

In January 2014, Patch Tuesday coincides for Oracle, Adobe and Microsoft.

Here's what you'll be up against in the opening fixture of the 2014 Patching Season...

The "BadBIOS" virus that jumps airgaps and takes over your firmware - what's the story?

chip-250

"BadBIOS" is an unfolding story about a virus that is claimed to have some remarkable characteristics - such as jumping airgaps, spreading using sound waves, and taking over your firmware.

How does it work? What do we know? Is it real or a hoax? Paul Ducklin takes a look...

Adobe has Patch Tuesdays, too - a reader reminds us!

adobe-reader-update-thingy-250

Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.

Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.

Monday review - the hot 15 stories of the week

Monday review

Missed anything last week? Catch up with everything we talked about with this handy weekly roundup.

SSCC 111 - PRISM and data leakage, encryption, Google contracts and Flash on phones [PODCAST]

Episode #111 of the Sophos Security Chet Chat podcast is here.

Chet and Duck are back, wrangling the latest security stories into an entertaining and informative quarter-hour of useful news.

PRISM, UK Surveillance, Sweden vs. Google, Blackberry Z10 - 60 Sec Security [VIDEO]

Do you really need to worry about things like privacy and security?

Here's the latest in our 60 Second Security video series, bringing you fast, incisive and entertaining evidence that says, "Yes, you do!"

Microsoft fixes 9 flaws, Adobe 3 in April's Tuesday update

Patch Tuesday

As expected Microsoft released seven important and two critical fixes for Windows, Internet Explorer and other Microsoft products. Adobe followed suite releasing fixes for ColdFusion, Flash and Shockwave. Patch now!

PWN2OWN results Day Two - Adobe Reader and Flash owned, Java felled yet again

PWN2OWN 2013 finished off today.

A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...

Apple bans outdated Adobe Flash plugins from Safari

apple-and-flash-250

Last week, Apple showed that it is getting more serious about security by getting strict about the version of Flash you're allowed to use in Safari.

Paul Ducklin explains the what and the why...

SSCC 103 - Mandiant report, iOS coders owned, Twitter accounts hacked, and more...

chet-chat-feat

Have your joined thousands of others, and become a loyal listener to the "Chet Chat" yet?

Here's the latest Naked Security podcast, Sophos Security Chet Chat 103, discussing a range of recent and newsworthy topics from the world of computer security.