Vulnerability

(get it in RSS or Atom)

D-Link patches critical router flaws, says more fixes to come

D-Link logo

D-Link has taken action over three serious vulnerabilities discovered in several of its home routers, and it's promising more fixes next week.

Bought PII from the government? PLEASE DON'T LOSE IT! 60 Sec Security [VIDEO]

60ss-video-250

Here's the latest episode of our weekly computer security roundup.

The latest news presented so you can enjoy it...in just one minute!

Facebook Bug Bounty report for 2014: $1.3M paid out to more than 700 bug finders

Facebook just released details of how much it paid out in bug bounties for 2014.

Rewards ranged from $500 to over $50,000...

SSCC 187 - The cryptography edition [PODCAST]

chet-chat-logo-featured-250

Sophos expert John Shier sits in for regular presenter Chester Wisniewski in this episode.

John and Paul Ducklin dissect the latest security issues, which were dominated this week by some thorny matters of cryptography.

Google turns Pwnium into an all-year, unlimited-rewards bug-hunting contest

Bug. Image courtesy of Shutterstock.

Google's new thinking around bug hunting: get it to us ASAP, from wherever you are.

From the Labs: more advances in Advanced Persistent Threats

apt-scene-250

SophosLabs researcher Gabor Szappanos is back.

He presents another insightful installment in the ongoing saga of PlugX and other "malware factories" that are part of the Advanced Persistent Threat scene.

What's SUPER and helps you to PHISH, sorry, FISH? 60 Sec Security [VIDEO]

60ss-video-250

Here's our weekly news roundup - from Superfish to Super Spectacles.

It's amusing, informative, and only takes a minute - enjoy!

Lenovo "Superfish" controversy - what you need to know

sf-250

Controversy of the week is "Superfish," an adware program pre-installed on Lenovo computers that has some worrying security problems.

Here's what you need to know, in plain English...

FreeBSD and the YARNBUG - more trouble at the Random Number Mill

How do you test your random number generator?

How do you determine, in an ordered way, that a sequence of numbers is entirely disordered?

With difficulty!

SSCC 186 - Just how firm is your firmware? [PODCAST]

chet-chat-logo-featured-250

Here's the latest episode of our weekly security podcast - from firmware and Firefox to Project Zero and Lightning conductors.

Chet and Duck are in fine fettle as usual...enjoy!

Google's Project Zero backs off a bit - will now give up to 14 days' grace

zd-250

Google's controversial "zero-day dropping machine," Project Zero, which automatically outs your bugs after 90 days, will now give up to 14 day's leeway.

News flash: hacker turns Apple's Lightning connector into a jailbreak conductor

lightning-250

A French hacker says he'll soon be making modified Lightning connector cables that will give Apple iOS jailbreakers a better view inside their iDevices.

What do you mean, "Facebook is now text only"? - 60 Sec Security [VIDEO]

60ss-video-250

Here's the latest episode of our weekly one-minute security video.

Fun, fast...and educational.

SSCC 185 - "I have a number for you: Eighty Million" [PODCAST]

chet-chat-logo-featured-250

Our weekly "Chet Chat" podcast is carefully prepared to fit into a quarter-hour, so it is clear and concise as well as being witty and amusing.

Enjoy...

"Most adorable bug" - Raspberry Pi 2 crashes when you take a photo of it

Raspberry. Image courtesy of Shutterstock.

It's not buggy, it's camera-shy! The tiny, budget Raspberry Pi faints when you flash a photo of it, and it's likewise not keen on laser pointers.

The "JASBUG" Windows vulnerability - beyond the hype, what you need to know

jasbug-500

Struggling to understand the JASBUG flaw fixed by Microsoft in this month's Update Tuesday?

Paul Ducklin explains it clearly, with minimal jargon.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

patch-tuesday-denim-250

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

The end of the Silk Road for Dread Pirate Roberts - 60 Sec Security [VIDEO]

60ss-video-250

Here's our weekly "60 Second Security" video.

Enjoy a fresh and entertaining take on the latest security news in just one minute...

SSCC 184 - What's the lifespan of a GHOST? [PODCAST]

chet-chat-logo-featured-250

Our weekly security podcast - the latest news in 15 minutes, entertaining *and* educational.

Enjoy!

Internet Explorer has a Cross Site Scripting zero-day bug

ie11-250

Another day, another zero-day.

This time, it's Internet Explorer that is attracting the sort of publicity a browser doesn't want, with the public disclosure of an XSS bug.