Chet and Duck explain what you can do about the big ticket security news items of the past week.
The epic "Heartbleed" bug in OpenSSL, the last patches ever for XP and Office 2003, and Apple's attitude to updates and support all come under the microscope.
How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?
Find out in 60 Second Security. the security news video that only takes a minute...
In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...
...we sort of forgot to write about Apple.
Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.
Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?
Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...
Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?
Find out in 60 Second Security...
Here are the PWN2OWN results from Day Two, and an overview of the final payouts.
Chrome and Safari didn't get picked for Day One, but both of them were pwned on Day Two - twice for Chrome and once for Safari....
PWN2OWN Day One results are in!
The target that sounded easiest - Oracle Java, with prize money less than a third of the supposedly much tougher IE 11 - was the only one left standing at the end of the first half...
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
Apple just announced the first point update for its recently released OS X Mavericks.
Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.
Apple's OS X 10.9, better known as Mavericks, is officially out.
The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"
About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.
Officially, it's a point release of OS X Mountain Lion.
But with twice as many security fixes listed as regular bug fixes and improvements, Paul Ducklin is happy calling it a "security update" instead...
Which country came top of Facebook's new "Government Requests" report aimed at outing the countries that fish for Facebook user data the most? (I bet you're thinking it's the USA - but it isn't.)
Watch this week's 60 Second Security and find out!
We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.
Apple has published updates for all supported versions of OS X and for Safari version 6.
A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.
Camino, the first browser that was purposefully made for Apple's OS X, has officially reached the end of the road.
The developers cited the pain of security updates as a key reason to wind up the project.
Here's the latest episode in the popular "Chet Chat" series.
Join Chet and Duck as they discuss what we can learn from recent security news in this quarter-hour podcast.
Apple has pushed out a Safari update to go along with this week's "Java Tuesday" fix.
It's supposed to give you finer-grained control over Java in your browser.
Paul Ducklin puts it through its paces...
PWN2OWN 2013 finished off today.
A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...
Only six weeks to go until PWN2OWN 2013, where you can hack the Big Four browsers and the Big Three plugins, and win over half a million dollars.
But is it just about the money?
Paul Ducklin investigates...