The latest IE zero-day explained.
This is a great read if you want to get a feeling for how cybercrooks think.
(Don't worry if you aren't technical: we've kept the code and jargon to a minimum.)
Adobe's Patch Tuesday fixes are out.
This is business as usual, promised long in advance and expected toay, so there isn't anything in it related to the company's recent network intrusion woes. (We hope!)
Microsoft's Tenth Anniversary Patch Tuesday is out, and, yes, Redmond's security gurus did patch against the recent Internet Explorer zero-day that is being exploited in the wild!
There are seven other fixes as well - Paul Ducklin has the details.
A wild ride this week, with Patch Tuesday turning 10, Adobe "going open source" by losing 40GB of code, and Silk Road operator Dread Pirate Roberts getting locked in the brig.
Chet and Duck turn their amusing but insightful attention to the latest security stories...
This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.
Paul Ducklin takes you through what's in store...
Italian computer scientist Michele Spagnuolo recently wrote about what he considered a security issue in the popular iPhone and iPad email app "Mailbox."
Not everyone agreed with him...
Make sense of vulnerability jargon by listening to this 15 minute podcast...
With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.
Mega-popular blogging and content management system WordPress has just put out version 3.6.1.
This includes a patch for a remote code execution hole, so you are advised to update ASAP.
Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.
Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.
Here you are! Episode #116 of the Sophos Security Chet Chat.
News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.
Six months ago, we wrote about a risky bug in the sudo command, the Unix equivalent of Run As... on Windows.
The vulnerability is still unpatched on OS X, and now there's a Metasploit exploit pack to take advantage of the hole.
Q. Why not use a password manager that can generate hard-to-guess passwords for you, and secure them with one super-password?
A. But what if the password manager gets breached?
It's that time of the month again, with Microsoft Patch Tuesday just 24 hours away.
Paul Ducklin presents this month's eight bulletins in seven handy bullet points...
Researchers at SophosLabs have come across samples of Android malware exploiting the so-called "Master Key" vulnerability.
Paul Ducklin investigates and explains...
Note to Firefox fans: 23.0 is out.
Paul Ducklin, a Firefox fan himself, looks at the many new fixes, one handy new security feature and a nagging frustration in the update...
Mobile security researcher Karsten Nohl says he'll explain at the BlackHat conference how he can remotely "own" mobile phones with a single text message.
Paul Ducklin looks at what Nohl has said so far, and ponders how hard this might be to sort out...
The Apple Dev Centre data breach has taken an intriguing turn, with a self-styled security researcher calling himself Ibrahim Balic taking the credit. He's even made a video showing what he did.
But will he end up shouldering the blame? Tell us what you think...