Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat.
From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.
Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?
It'll only take you a minute to find out!
Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.
Here's a quick run-down of what you'll face in the February 2014 Patch Tuesday update from Microsoft, which comes out tomorrow.
Where do you find Extreme Spammers? Can you find the exploit unicorn? And how did Target get breached?
Find out in 60 Sec Security for 08 Feb 2014...
Paul Ducklin looks into a malware writer's poisoned-image trick that tells an interesting (and, though it hurts to say it, an amusing) story of subterfuge and guile...
Even though yesterday wasn't a Patch Tuesday, we ended up with two major browser-related updates: an unscheduled Adobe Flash patch, and an expected one: the update from Firefox 26 to Firefox 27.
Paul Ducklin takes a quick look...
Adobe has released an emergency update to its ubiquitous Flash Player software. The flaw is being exploited by attackers so you should update as soon as possible.
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
In January 2014, Patch Tuesday coincides for Oracle, Adobe and Microsoft.
Here's what you'll be up against in the opening fixture of the 2014 Patching Season...
Botnets, short for "robot networks", are more than just malware: they're the money making machinery of modern cybercriminals.
Paul Ducklin and James Wyke help you to understand the What, How and Why of this troublesome topic...
Our weekly security podcast looks back at the big blunders of 2013 to find out what went wrong.
Let Chet and Duck help you plan for a safer and more secure 2014!
Apple just announced the first point update for its recently released OS X Mavericks.
Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.
How fast is fast enough for a patch? Should you trust the French Treasury? How many zeros launch a missile?
Watch 60 Sec Security and find out!
The updates for Microsoft's December 2013 Patch Tuesday are out.
Paul Ducklin takes a brief look at what's in, and what's not.
This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
SophosLabs Principal Researcher Gabor Szappanos takes on a recent PlugX malware sample.
He finds a curious mixture of similarities and differences with earlier versions - and a brand new target group: users of the Japanese-language word processor Ichitaro...