(get it in RSS or Atom)

LinkedIn unhacked, Microsoft bounties, Java in your browser - 60 Sec Security [VIDEO]


It's that time again - time for this week's 60 Second Security, our fun-but serious "security news with a conscience" video series.

Give it a'll only take a minute.

Oracle and Apple update Java - zapping browser Java would already have blocked 92.5% of the risk


As promised last week, Oracle shipped a Critical Patch Update for Java on Tuesday 18 June 2013.

Apple, which offers its own builds of Java, updated at the same time.

Paul Ducklin takes a look...

Monday review - the hot 16 stories of the week

Monday review

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Get ready! Oracle to fix 40 holes in Java on Tuesday, 18 June 2013

There's a Java update coming next Tuesday, 18 June 2013, and you might as well get ready for it now if you haven't already.

Oracle has fixed 40 holes, all but three of them remotely exploitable.

Not good enough, Oracle - promises to secure Java are too little, too late


In a big fat blog post, Oracle has promised to work harder to make Java more secure. But given the flood of high-profile, heavily-exploited vulnerabilities that have bobbed to the surface, can Oracle save this piece of software from drowning in bad vibes?

Android malware in pictures - a blow-by-blow account of mobile scareware

Fake anti-virus is mostly for Windows, with OS X a long way back in second place. But other operating systems aren't exempt from the depredations of cybercriminals.

Paul Ducklin shows you round some recently-discovered Android scareware...

Monday review - the hot 20 stories of the week

Monday review

Catch up with all the security news from the last seven days - it's weekly roundup time.

Yet another unpatched security hole found in Java

Yet another unpatched security hole found in Java

Just last week you were congratulating yourself for patching your computer against a Java security hole.

Now another zero-day unpatched vulnerability has been found in Oracle's widely used software.

SSCC 107 - Hostgator, Safari, Java, pwning planes with Android, and Facebook Home [PODCAST]


Here's the latest episode in the popular "Chet Chat" series.

Join Chet and Duck as they discuss what we can learn from recent security news in this quarter-hour podcast.

Oracle and Apple ship critical Java updates - get yours today!


The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.

But this year, Oracle has adapted that schedule a number of times, and this is one of them...

PWN2OWN results Day Two - Adobe Reader and Flash owned, Java felled yet again

PWN2OWN 2013 finished off today.

A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...

PWN2OWN results Day One - Java, Chrome, IE 10 and Firefox owned

Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers at PWN2OWN 2013.

Java fell three times today; Adobe's Flash and Reader meet their attackers tomorrow...

Oracle ships out-of-band Java fix, Apple follows suit

Oracle recently published an emergency update for Java, and Apple quickly followed suit for the version of Java it still officially supports.

Paul Ducklin tries to guess where Oracle's Java patch cycle will end up...

Monday review - the hot 22 stories of the week


In case you missed anything, here's everything we wrote in the past seven days.

Researchers claim to have found more zero-day vulnerabilities in Java

Researchers claim to have found more zero-day vulnerabilities in Java

A security research team that has alerted Oracle to a series of security flaws in Java in the past, says that it has uncovered new zero-day vulnerabilities in the software.

Monday review - the hot 22 stories of the week


Catch up with anything you might have missed last week – it’s weekly roundup time.

Microsoft admits it was also hit by hackers, malware infects their Mac business unit

Microsoft. Image from Shutterstock

Microsoft joins Facebook and Apple in the list of big companies who have suffered at the hands of malware-bearing hackers.

Apple patches the Java hole its own developers fell into - eventually


Shortly after admitting that its own techies got infected thanks to a Java hole, Apple has pushed out a Java update for the rest of us.

Apple, with this most recent update, seems to have washed its hands permanently of browser-based Java. Paul Ducklin explains...

Apple's own Macs bitten by Java-based malware attack


Apple released a statement today acknowledging that they were victims of the same attackers that Facebook talked about last week. A zero-day Java vulnerability infected Apple Mac developers through a drive-by attack.

Monday review - the hot 21 stories of the week

Monday review - the hot 24 stories of the week

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.