vulnerability

Get ready! Oracle to fix 40 holes in Java on Tuesday, 18 June 2013

There's a Java update coming next Tuesday, 18 June 2013, and you might as well get ready for it now if you haven't already.

Oracle has fixed 40 holes, all but three of them remotely exploitable.

PRISM, UK Surveillance, Sweden vs. Google, Blackberry Z10 - 60 Sec Security [VIDEO]

Do you really need to worry about things like privacy and security?

Here's the latest in our 60 Second Security video series, bringing you fast, incisive and entertaining evidence that says, "Yes, you do!"

Monday review - the hot 18 stories of the week

Missed any stories in the past seven days?

Here's our weekly roundup, just in case...

Microsoft announces five Bulletins for Patch Tuesday, including Office for Mac

Patch Tuesday is coming on 11 June 2013.

Paul Ducklin gives you a quick preview of what we know so far, and who'll be affected by the updates...

(Mac users, that might include you.)

Botnet smackdown, Oracle on Java, Passwords you can eat - 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video.

From botnet takedowns to authentication tokens you swallow...here's the latest security news in an easily digestible format!

Apple's OS X and Safari get biggish security fixes

Apple has published updates for all supported versions of OS X and for Safari version 6.

A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.

Apple fixes 41 iTunes security flaws, some more than a year old

Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.

Mozilla pushes out new Firefox and Thunderbird: 8 security advisories, 3 critical fixes

Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.

There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".

Microsoft rushes out CVE-2013-1347 "Fix it" for the latest Internet Explorer zero-day

The recent and widely reported US Dept of Labor website hack turned out to be a zero-day exploit against IE.

Good news! Microsoft just published an emergency "Fix it" patch against the vulnerability...

SSCC 108 - WW2 crypto, Bitcoin mining, internet cameras, password breaches [PODCAST]

Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat.

Join Chester and guest Paul Ducklin in their regular quarter-hour podcast as they laugh about (and lament) the latest goings-on in the world of computer security.

Apple ships jolly uninteresting iOS 6.1.4 update

Apple just released iOS 6.1.4 for the iPhone 5.

Apparently, it improves speakerphone calls, but it doesn't fix the lock-screen bug in iOS 6.1.3...

US Department of Labor website hacked, serves malware, now fixed

A subdomain of the US Department of Labor's main website, running off a separate server - what's known colloquially as a microsite - was modified to serve up malware.

Paul Ducklin takes a quick look at the attack...

What WERE they thinking? Internet-enabled cameras under the security lens once again...

Vulnerability researchers at Core Security recently turned their attention on internet-enabled cameras, finding lots of holes.

And when security holes arise from features, not bugs, you really do feel like shouting aloud, "What WERE they thinking?"

Apple iMessage "censors" mention of Obama: international conspiracy...or software bug?

Try sending the message "I could be the next Obama" via the iMessage service from your iPhone or your iPad!

Paul Ducklin takes a look at a humorous bug that teaches us some serious lessons...

Mac malware found in malformed Word documents - is China to blame?

Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents.

Who could possibly be interested in targeting their computers?

The Redkit malware exploit gang has a message for security blogger Brian Krebs

Award-winning security blogger Brian Krebs is loved by everyone on the internet... apart from the criminals.

Find out what they're saying about him in their latest version of the Redkit exploit kit.

Yet another unpatched security hole found in Java

Just last week you were congratulating yourself for patching your computer against a Java security hole.

Now another zero-day unpatched vulnerability has been found in Oracle's widely used software.

Oracle and Apple ship critical Java updates - get yours today!

The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.

But this year, Oracle has adapted that schedule a number of times, and this is one of them...

Monday review - the hot 21 stories of the week

In case you missed anything, here's everything we wrote in the past seven days.

When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]

Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.