Security

(get it in RSS or Atom)

Apple updates Safari, gives better control over Java applets

by Paul Ducklin on April 18, 2013 | 1 Comment

Apple has pushed out a Safari update to go along with this week's "Java Tuesday" fix.

It's supposed to give you finer-grained control over Java in your browser.

Paul Ducklin puts it through its paces...

Microsoft looks like being next with two-factor authentication

by Paul Ducklin on April 11, 2013 | 19 Comments

We've written recently about Apple and Automattic starting to offer two-factor authentication (2FA) for online accounts.

Word on the street says that Microsoft will soon be doing the two-step, too...

SSCC 106 - US DoD and BYOD, "scanner" malware, 2FA, and browser wars revisited [PODCAST]

by Paul Ducklin on April 9, 2013 | 1 Comment

For your listening pleasure, here's the latest episode in our popular "Chet Chat" series.

Senior Security Advisor Chester Wisniewski discusses the latest security news with regular guest Paul Ducklin in an entertaining and easily-digested quarter-hour podcast.

WordPress.com boosts security for bloggers with two-factor authentication

by Paul Ducklin on April 6, 2013 | 9 Comments

With WordPress.com powering more than 60 million websites worldwide, anything to improve the safety and security of its users is to be welcomed.

Paul Ducklin tries out the new WordPress 2FA service on his Naked Security account...

Google announces brand new web browser core, so does Mozilla

by Paul Ducklin on April 4, 2013 | 5 Comments

When you wait ages for a bus, and then three come along at once, it's not a coincidence: it's a side-effect of queuing and traffic lights.

But what about when three browser vendors make announcements on the same day?

Top 10 tips to keep your kids and teens safe online

by Anna Brading on February 5, 2013 | 7 Comments

Today is Safer Internet Day. And with 86% of 7-11 year olds and 96% of 11-19 year olds communicating online it's important everyone knows how to stay safe. So here are some tips for you to pass on to youngsters to make sure they're clued up about their online safety.

Book review: Practical Malware Analysis

by Paul Baccas on September 14, 2012 | 3 Comments

Earlier this year, no starch press, sent SophosLabs an unrequested copy of the book Practical Malware Analysis: The hands-On Guide to Dissecting Malicious Software with a letter saying "If you do enjoy the book, I hope that you will consider Read more…

Facebook slapped by FTC for failing to meet security promises

by Carole Theriault on August 13, 2012 | 6 Comments

The US Federal Trade Commission has agreed its settlement with Facebook. What do you think the penalties are?

How to explain phishing to your Grandma [VIDEO]

by Paul Ducklin on August 2, 2012 | 3 Comments

Have you ever had to explain phishing to your Grandma? Are you tech support for friends and family?

If so, then the Sophos Threatsaurus is just what you need. The 2012 edition is hot off the press - get it for free today!

Which browser is safest? The browser wars are back and this time you win

by Chester Wisniewski on July 16, 2012 | 56 Comments

The upcoming releases of Internet Explorer 10, Firefox 14 and Chrome 21 are all fighting for our attention and using security as the reason why.

Ford KeyFree Login - should your smartphone automatically unlock all your passwords?

by Paul Ducklin on June 22, 2012 | 8 Comments

Weird science: Ford reduces friction, improves performance, keeps you socially active!

Where would you go looking for a keyfree login system to get you online to your social networking accounts faster than ever? Ford Motor Corporation, of course.

But do apps of this sort really improve security?

Practical IT: how to manage cost-effective penetration testing

by Ross McKerchar on May 9, 2012 | 3 Comments

Penetration testing is a valuable but tool but can quickly get expensive. Focusing on testing the right things in the right manner is key to getting the best bang for your buck.

FLAMING RETORT: All this new Mac malware - whose fault is it?

by Paul Ducklin on April 17, 2012 | 37 Comments

Flaming Retort is back, this time trying to Coole and Explayne the flames we've had from some Mac users in the past few days.

In a back-to-front way of making Mac fans feel better, I'll start by making everyone feel slightly worse, taking a small potshot at Windows, OS X and Linux fans alike.

"Anti-virus is no good" - discuss

by Paul Ducklin on April 2, 2012 | 14 Comments

Anti-virus - is the glass half-empty, or half-full?

Security professionals, analysts, journalists and people in the pub: there's a vocal minority in all those groups which likes to be heard to say, "Anti-virus isn't good enough for today's threats".

But is it true? Paul Ducklin has his say.

Practical IT: how to assess a third-party provider's security (part 1)

by Ross McKerchar on March 16, 2012 | 5 Comments

There are many security implication we as IT guys need to think about when we host applications externally. Here is a list of things to ask your provider to reduce the risk of a data or malware breach.

Sophos Techknow - Busting Password Myths

by Paul Ducklin on March 11, 2012 | 10 Comments

Unlike the Chet Chat, where we cover a range of recent news items without much depth, in the Techknow programme we pick one topic and consider it in more detail.

So if you're one of the regular Chet Chat listeners who's been asking for this sort of podcast: here you are!

Is Google Bouncer going to bounce all malware from the Android Market?

by Vanja Svajcer on February 3, 2012 | 4 Comments

Google has pleasantly surprised the mobile malware research community when it announced yesterday that Android apps are analysed for malicious behavior before being allowed onto the Android Market, but is it all good news? Vanja Svajcer, Sophos Principal Researcher, investigates.