Articles by Paul Ducklin

About Paul Ducklin

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog

"Something stolen, something new" - 60 Sec Security [VIDEO]

Here's the latest episode of our weekly 1-minute security video.

Fun with a serious side...enjoy!

Shop in the Sophos Store - and say thanks to your very own IT rock star!

In the past month, we've published a number of videos and pictures that just happen to show people wearing some very cool T-shirts.

We keep getting asked, "Where do I get one?" Here's how!

SSCC 205 - Update early, update often! [PODCAST]

chet-chat-logo-fb-842

Join Sophos experts John Shier and Paul Ducklin for the latest episode of our weekly security podcast, the Chet Chat.

News you can use...enjoy!

Apple lets rip with update spate: OS X, iOS, Safari, iTunes, QuickTime

Apple just opened the stopcocks and released a Hoover Dam's worth of security-related updates.

Yes, there are numerous new features and products in there too, but it's the security fixes that make a compelling reason to update.

Dodgy app company that mined Dogecoins behind your back receives FTC penalty

The app was called "Prized," but it was the app vendor that took the prizes by co-opting your phone into a cryptocurrency mining botnet.

Latest Flash hole already exploited to deliver ransomware - update now!

Are you still using Flash in your browser?

If so, make sure you've got the latest update from Adobe, even though it only came out last week.

Siri "9/11 conspiracy theory" joke is no laughing matter, say police

With 9/11 and 911 having the same sequence of digits, you don't have to waste police time by seeing what Siri does when you say "9/11."

Encrypt like everyone's watching! 60 Sec Security [VIDEO]

There's a Sophos T-shirt that warns you, "Dance like nobody's watching. Encrypt like everyone is."

We aren't kidding, folks, and this week's 60 Second Security tells you why!

Serious Security: Understanding the 'P' in 'VPN'

VPN stands for Virtual Private Network. But that doesn't necessarily mean "private" as in privacy.

Paul Ducklin helps you understand the various levels of 'P' in 'VPN.'

Samsung updates back in the news - for breaking Windows updates

Samsung logo

A 22-year-old Microsoft MVP has hit the media spotlight with a blog article about Samsung updates - and it's not good news for Samsung!

SSCC 204 - You want an extension to your extension for Windows XP? [PODCAST]

Here's the latest episode of our weekly security podcast, the award-winning Chet Chat.

Enjoy!

NOT OK, Google! Privacy advocates take on the Chromium team and win...

Privacy advocates were unsurprisingly unimpressed that Google's Chromium project silently downloaded a proprietary add-on...

...that listened to your microphone.

Facebook aiming for faceless facial recognition

face-print-1200

Worried that Facebook can't get your friends right in your selfies when their hair blows around?

There might just be an app for that...

Security hole in MacKeeper used to shove malware onto Macs

According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.

Google Chrome "bad link" detection bypass - found, fixed

Here's a small and simple XSS detection hole in Google Chrome - a reminder that even determined programmers sometimes overlook the obvious.

"Belts and breaches" - 60 Sec Security [VIDEO]

60ss-video-1200

Here's the latest episode of our entertaining news-in-1-minute security roundup.

Enjoy!

SSCC 203 - What's the worst sort of service to have a password breach? [PODCAST]

Join Sophos security experts John Shier and Paul Ducklin as they dig into the latest security news in our regular "Chet Chat" podcast.

This week: LastPass, Facebook, Windows 10 (and not-quite-the-end of XP), Samsung, and the Android ecosystem.

Apple OS X and iOS in the vulnerability spotlight - meet "CORED," also known as "XARA"

The security issue of the week has arrived in iOS and OS X, and it's attracted a funky name already.

The researchers called it XARA, but others had different ideas, and dubbed it "CORED."

As in "Apple CORED."

Samsung keyboard app could let a crook crack your phone

A presenter at BlackHat London has some bad news for you: the keyboard app built in to your Samsung phone may leave you open to attack.

Paul Ducklin explains and offers some advice...

Facebook introduces "Moments" - supposedly a safer way to share photos

Unlike Facebook's "Photo Sync" feature, Moments is a separate photo app that doesn't upload anything until you tell it to.

Paul Ducklin wonders how much safer you'll be from over-sharing your pics...