Cryptography

You STILL support encryption designed to be crackable in 1995? 60 Sec Security [VIDEO]

Watch this week's "60 Second Security" - the one-minute news roundup video with attitude!

Anatomy of a LOGJAM - another TLS vulnerability, and what to do about it

We've had BEAST, Lucky Thirteen, BREACH, POODLE, Heartbleed and FREAK...now, it's LOGJAM.

Paul Ducklin explains, and tells you what you can do about it.

Practical IT: What is encryption and how can I use it to protect my corporate data?

Businesses often don't realise why encryption is important, and how they can use it to protect their data. The latest in our Practical IT series tells you what encryption is and how you can use it in your business.

Apple, Google and others urge Obama to say no to backdoors

Tech firms and cryptographers lobby the Obama administration, urging resistance to the implementation of backdoors in popular software.

"Los Pollos Hermanos" ransomware - what will they think of next?

The latest visual meme in ransomware comes from a cult TV show...about fictitious crooks.

Paul Ducklin walks you through "PolloCrypt," more correctly known as Troj/LPoLock-A...

Former virus writer open-sources his DIY combination lock-picking robot

Back in 2005, a youngster called Samy Kamkar wrote a JavaScript virus for MySpace.

This time, he's made a DIY lock-picking robot - and you can make one too, if you like.

United Airlines: Hack our site for free miles (just don't mess with onboard systems)

United Airlines is offering up to 1 million free air miles in a new bug bounty program that rewards hackers who discover security flaws in the airline's websites, apps and databases.

Ransomware attack led animal porn collector to confess to police

A UK man has been given a non-custodial sentence this week, after a ransomware infection on his computer led him to report himself to police. The man's computer held several hundred animal porn images, described in court as "extreme" and "revolting".

Pizza Hut steganography - hostage embeds hidden message in pizza order

How do you call 911 while doing nothing more suspicious than placing your regular pizza order?

Bugs in the hospital: how to pwn your own pethidine machine

Feeling short-changed by the nurse in charge of your painkiller quota? Telnet into the drug dispenser!

Paul Ducklin looks at how to avoid this sort of security hole...

SSCC 196 - From Wi-Fi bugs to carder busts [PODCAST]

From bugs to busts, here's the latest episode of our weekly security news podcast - for your listening pleasure.

Fee-fi-fo-fum, do I want Google to sniff my network traffic, all of it?

Google's getting a lot of publicity for "Project Fi," which will let you roam between 3G/LTE and Wi-Fi.

Back through Google, of course...

RSA Conference 2015 in retrospect

We talk to Grey Howe, winner of Sophos's "trip to RSA" competition on Spiceworks, about the funkiest and weirdest ideas from the talks...

Costa Coffee Club warns of possible database intrusion

Coffee chain Costa's just sent out a warning about a possible data breach.

Only 1 in 5000 accounts were affected, but the Coffee Club is offline for now. A bulk password reset will follow...

SSCC 195 - Let's talk security (over HTTPS, of course) [PODCAST]

This week, Chester is at the RSA Conference 2015.

Get a feel for the conference vibe, hear about this year's themes, and, of course, catch up on the latest security news...

5 online privacy and security tips for travelers

Going on holiday or traveling for business any time soon?

Here are 5 online privacy and security tips for when you're on the road.

If the "Deep Web" becomes searchable, is it still deep? 60 Sec Security [VIDEO]

Watch the latest episode of our only-takes-a-minute security roundup video!

This week: From old crypto bugs to the latest Windows security holes...

SSCC 194 - Patch early? Patch often? This time, "Patch NOW!" [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for the latest episode of our weekly security podcast.

From the very latest Update Tuesday to how we get rid of 10-year-old security holes, here's the security news you can use.

Practical IT: What you need to know about email encryption

When email was invented over 40 years ago, no one thought about how to ensure the integrity of messages. Here's what you need to know about securing email with the right kind of encryption.