Articles by Paul Ducklin

About Paul Ducklin

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog

The malicious side of online ads - how unpatched servers hurt us all

SophosLabs looked behind a malvertising campaign from September 2015, and found servers that hadn't been patched for two years or more.

Your identity is secured by TWO Caesar ciphers! [Chet Chat Podcast 217]


Listen to the latest episode of our computer security podcast - from cyberd├ętente to cyberknitting...

Google issues Android patches for Stagefright 2 (for some users)


First there was Stagefright, then more Android bugs of the same sort... us Stagefright 2 and another round of patches.

15M users breached? Nah, just an "isolated incident." 60 Second Security

Watch this week's 60 Second Security video and catch up on the latest intriguing security stories...

Live from the Virus Bulletin conference 2015 [Chet Chat Podcast 216.5]

Find out what the world's threat protection experts talk about when you cloister them in a Prague hotel for three days!

5 good-news stories to kick off Cyber Security Awareness Month

Happy people. Image courtesy of Shutterstock.

It's the 5th anniversary of the Stop-Think-Connect campaign. We kick things off by taking a positive look at our attitudes to security...

Window 7 updates have NOT been hacked after all!

Did you see a worryingly weird Windows 7 update notification? "

Just testing," apparently.

Selfies, sharks...and yet another lock screen bug [Chet Chat Podcast 216]

Just when you thought it was safe to go back in the water...

Enjoy the latest episode of our weekly podcast!

Why Word "macro malware" is back, and what you can do about it...

Cybercrooks have been getting back into VBA malware, or "macro viruses," as they used to be called.

We explain why, and give you 2 tips on what to do.

Not Apple's best week ever! 60 Second Security

Watch the latest episode of our weekly 1-minute security news video...

Find out why this wasn't such a great week for Apple.

Malware in the App Store? You CANNOT be SERIOUS! [Chet Chat Podcast 215]

Take a listen to the latest Chet Chat podcast, our fun-but-informative weekly commentary on the latest computer security issues.

Apple's App Store hit by the XCodeGhost of malware present

Until this week, the App Store was to malware what Earth was to the Hitchhiker's Guide: "Mostly Harmless."

Not any more...

Guess what? Facebook "Dislike" scams are back...

Facebook mentions "Dislike"...and back come the Dislike scams!

Don't get caught, and don't let your friends fall for it, either.

Would you like to buy a Replay? 60 Second Security

Catch our latest weekly video - it only takes a minute!

"Stagefright - are we in the clear now?" [Chet Chat Podcast 214]

Listen to Sophos experts Chester Wisniewski and Paul Ducklin in the latest episode of our weekly security podcast...

Apple watchOS 2 on hold (but iOS 9 on fire!)

Apple's mobile update week has gone both ways...

Apple iOS 9 is out - with a LOT of security holes patched

As usual, we recommend updating as soon as you can, for the fixes much more than the features.

Remember those Facebook "Dislike Button" scams? This time it's real...

Zuck didn't say, but he did hint that maybe, just maybe, that long-awaited Dislike button is on the way...

Kim Dotcom of Megaupload will finally face the music over extradition

The big fella from New Zealand has failed to delay his extradition hearing for the umpteenth time.

He'll face the music next week...

Who gives the best advice about password security?

Britain's GCHQ has just produced a great document about password security.

We like it, and we think you should read it...