Microsoft

(get it in RSS or Atom)

The "Sandworm" malware - what you need to know

sandworm-250

Fortunately, the Sandworm malware is a lot easier to deal with than the giant science fiction creature from which it takes its name.

In fact, in malware terms, it's not a worm at all.

Paul Ducklin takes a look...

Patch Tuesday for October 2014 - bigger than usual as Microsoft, Adobe and Oracle align

Oracle, Adobe and Microsoft patches are all arriving together on Tuesday 14 October 2014.

Paul Ducklin looks at what to expect...

SSCC 164 - Spend Bitcoins using Apple Pay? *NOW* you've got me interested! [PODCAST]

chet-chat-logo-featured-250

Here's this week's Sophos Security Chet Chat for your listening pleasure.

Our weekly computer security podcast with the News You Can Use...

Patch Tuesday wrap-up, September 2014 - why even a single-bit data leak is worth fixing

patch-tuesday-denim-250

Here's what you need to know about the September 2014 Patch Tuesday updates from Microsoft and Adobe...

"You're under arrest for possession of an insecure phone" - 60 Sec Security [VIDEO]

60ss-video-250

Here's this week's 60 Second Security video.

News you can use in a format you can enjoy...all in 60 seconds!

Microsoft pulls Patch Tuesday kernel update - MS14-045 can cause Blue Screen of Death

bsod-8-250

MS14-045, which fixes various security holes in the Windows kernel, can cause a BSoD and leave you stuck in a reboot loop.

Here's how to escape...

SSCC 160 - That's not just any old malware - that's a TRUE VIRUS! [PODCAST]

chet-chat-logo-featured-250

Ready for listening...

Here's this week's Sophos Security Chet Chat podcast.

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!

patch-tuesday-denim-250

Patch Tuesday is here again.

Paul Ducklin explains how this month's vulnerabilities can work together for harm, and why *all* the updates matter, not just the ones that ended up with a "critical" or "severe" tag...

Patch Tuesday wrap-up, July 2014 - Adobe fixes "Rosetta", plus a new risky file type on Windows...

patch-tuesday-denim-250

Patch Tuesday for July 2014 is just behind us in the case of Microsoft and Adobe, and just ahead of us in the case of Oracle.

Paul Ducklin tells you what you need to know...

Patch Tuesday for July 2014 - 6 bulletins, 2 RCEs, 3 EoPs and get ready to reboot

pt-2014-07-250

Here's what to expect from Microsoft in the July 2014 edition of Patch Tuesday, scheduled to ship on Tuesday 08 July 2014...

Is Apple slack at security on iOS? 60 Sec Security [VIDEO]

60ss-video-250

What went wrong with PayPal's 2FA? Why did Microsoft do an email U-turn? Is Apple slack at security on iOS?

It'll only take a minute to find out...

Microsoft takes down No-IP DNS domains in cybercrime fight - right or wrong? [POLL]

noip-250

Vote in our poll!

Was Microsoft's takeover of 23 of another company's domain names a justifiable step in dealing with cybercrime, or a disruptive step too far?

Microsoft stops Patch Tuesday emails, blames Canada, then does U-turn

Email ban. Image courtesy of Shutterstock

The decree mentions "changing governmental policies concerning the issuance of automated electronic messaging" - a head-scratcher that Microsoft spokespeople subsequently clarified by pointing to a new Canadian anti-spam law that takes effect today.

Google and Microsoft want to kill your phone if it's stolen. Do you feel safer?

Kill switch

The law enforcement group Secure Our Smartphones is claiming victory after Google and Microsoft announced they will add a "kill switch" to their mobile operating systems.

59 vulns in IE, teenager versus Turing, and Twitter gets wormed - 60 Sec Security [VIDEO]

60ss-video-250

Is 59 vulns in IE some kind of record? Did a computer really pass the Turing Test? Can a network worm ever be a joke?

Find out in one minute!

Patch Tuesday wrap-up, June 2014 - both Adobe and Microsoft close "remotable" holes

istock_patchtuesday250

Microsoft fixed 59 vulnerabilities in Internet Explorer alone this month.

Is that worryingly bad, or pleasingly good?

Paul Ducklin investigates what actually came down the chute in the June 2014 Patch Tuesday...

Patch Tuesday for June 2014 - 7 bulletins, 3 RCEs, 2 critical, and 1 funky sort of hole

pt-june-2104-250

You'll be patching and rebooting everything this month.

Paul Ducklin gives you a brief overview to help you prepare.

He also explains some vulnerability terminology you might not have heard before...

As one security hole closes, another one opens! 60 Sec Security [VIDEO]

How many years was that security hole in Linux ? How many security patches for XP? How many lock screen holes in iOS? How much do Google specs cost?

Find out in this week's 60 Second Security video...

SSCC 147 - Why Snapchat will have to tell you the truth about security now [PODCAST]

sscc-147-250

As usual, Chester Wisniewski and Paul Ducklin turn their insightful and entertaining gaze on the security lessons we can learn from the past few days.

Give it a listen - it's our weekly quarter-hour security podcast...