We'd like to urge any of you who are thinking of sending out "heartbleed" password reset emails: *please avoid those login links*.
Help us to help everyone get geared up to avoid phishing attacks.
Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?
Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...
Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?
Find out in 60 Second Security...
Here's a brief reminder of how cybercriminals use real security disasters to cause follow-up disasters of their own.
This time, it's a "followup phish" aimed at JP Morgan Chase customers...
Microsoft's Skype brand had its Twitter, Facebook and WordPress accounts hacked by a someone claiming to be the Syrian Electronic Army. The real question is, where was the two-factor?
Olajide Onikoyi was one of many criminals who tricked students via a phishing campaign. Victims received emails prompting them to visit a fake student loans website.
Specialist explosives officers in the UK removed what they suspected might have been a live hand grenade in a Tuesday morning raid on what detectives believe is an organized ring of cyber-criminals.
Dutch banks have agreed on a common framework of rules for their online banking customers, which they will require people to follow if they are to qualify for refunds of money stolen through phishing, carding or other forms of online fraud.
A threat that doesn't just attack, but asks you to put in a password first?
Sounds weird, but the trick worked for malware in the past, and is now being used in phishing
Fraser Howard of SophosLabs explains...
Occasionally we find an attempt at phishing that we grudgingly have to admit shows a resourceful sense of occasion.
Here's an example: an email supposedly from Microsoft to sort out the after-effects of recent failed updates...
Most of us use online banking. But are you making sure you're doing it as safely as possible? Check to make sure you're doing all of these 8 things!
Malware rarely gets into your network without some sort of tell-tale signs beforehand.
Learning to spot the metaphorical smoke that precedes the fire of a malware infection is a handy metaphor for keeping your network safe.
Here you are! Episode #116 of the Sophos Security Chet Chat.
News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Naked Security reader Lisa Goodlin is a website designer and a WordPress user.
She was recently targeted by cybercrooks trying to phish her WordPress credentials, and though the phish ended up being comical rather than threatening, there were some useful lessons to be learned...
As cloud services become more pervasive criminals continue to try and convince corporate users to surrender their identities.
Google Docs is the latest target, so look out!