Articles by Paul Ducklin

About Paul Ducklin

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog

Windows 10 patches - will you get them no matter what?

What does the wording about updates being "available automatically" in the Windows 10 Specifications really mean?

Authentication is all around us! 60 Sec Security [VIDEO]

Here's our latest "60 Second Security" video - catch the week's security news in just 1 minute.

SSCC 202 - They hacked the US Army? Are you SURE? [PODCAST]

Join Sophos security experts Chester Wisniewski and Paul Ducklin for this week's security podcast.

Apple, Microsoft, patching, hacking the army (sort of), and 49 arrests in a Europol action against bank fraudsters!

IRS announces 2016 anti-fraud arrangements - but do they go far enough? [POLL]

As a result of the IRS breach announced in May 2015, changes are afoot in how US tax returns will be authenticated in 2016.

Are they enough? Have your say in our poll...

Watch out for Acai Berry scams on Facebook

Imagine a friend sends you a link, and you end up on a scammy diet site...

Could that cause any harm? What should you do?

Microsoft update: new Ts, new Cs and, for some of us, fáilte go hÉireann

We just received an important email from Microsoft.

If you're a user of any of Microsoft's cloud services, you probably received one, too.

You'll never need to say "I'm on a train" again - 60 Sec Security [VIDEO]

Here's our latest "60 Second Security" security news roundup video - fun with a serious side.

Infosec 2015: "What concerns you the most in computer security?"

We took to the exhibition floor at Infosec 2015 to ask 10 visitors: "What concerns you the most in computer security?"

We got 11 answers...and here they are.

We won twice at the 2015 European Blogger Awards!

cup-1200

To everyone who voted for us in this year's European Security Blogger Awards, thank you so much.

We were nominated in two categories, and we won in both of them.

SSCC 201 - The Infosec edition [PODCAST]

This week, we're at Infosec in the impressive Olympia Grand in London, England, so this episode was recorded right at the exhibition...

Why you shouldn't worry about privacy and security on your phone

We're offering a free Phone Privacy Check on the Sophos stand at Infosec Europe...

...because we think you should be informed about privacy and security, not worried!

SSCC 200 - If you can't trust the IRS, whom can you trust? [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin as they dissect the latest security news in our weekly podcast.

It's entertaining and educational - news you can use!

Get into Infosec Europe 2015 for free, hear great talks!

infosec-640

Get a free pass to Infosec Europe (2/3/4 June 2015) and stop by at our stand to say hello.

Attend our free talks...no paid actors, no sales pitches and no canned product demos: we're giving educational presentations that we hope will both entertain and educate.

You STILL support encryption designed to be crackable in 1995? 60 Sec Security [VIDEO]

Watch this week's "60 Second Security" - the one-minute news roundup video with attitude!

Anatomy of a LOGJAM - another TLS vulnerability, and what to do about it

We've had BEAST, Lucky Thirteen, BREACH, BEAST, POODLE, Heartbleed and FREAK...now, it's LOGJAM.

Paul Ducklin explains, and tells you what you can do about it.

SSCC 199 - Don't panic, it's not really as VENOMous as you thought [PODCAST]

Our latest weekly security podcast - the VENOM bug, iris recognition, a spyware company breach, and ID trouble at the Passport Agency.

Happy listening!

"Los Pollos Hermanos" ransomware - what will they think of next?

The latest visual meme in ransomware comes from a cult TV show...about ficticious crooks.

Paul Ducklin walks you through "PolloCrypt," more correctly known as Troj/LPoLock-A...

Please vote for Naked Security in the European Security Blogger Awards!

infosec-640

We've been nominated, Dear Readers, in two categories in the European Security Blogger Awards.

Anyone can vote...and we'd love you to vote for us: Naked Security for "Best Blog" and the Chet Chat for "Best European Podcast."

Former virus writer open-sources his DIY combination lock-picking robot

lock-1200

Back in 2005, a youngster called Samy Kamkar wrote a JavaScript virus for MySpace.

This time, he's made a DIY lock-picking robot - and you can make one too, if you like.

The phone that keeps an eye on your eyes - 60 Sec Security [VIDEO]

The latest episode of our weekly "security news in one minute" video.

Enjoy...