Vulnerability

(get it in RSS or Atom)

That's SHUTTING down your PC, not SHOOTING it down! 60 Sec Security [VIDEO]

Ever felt like shooting your PC? This guy did it! (And more news in our weekly one-minute security video.)

Wi-Fi security software chokes on network names, opens potential hole for hackers

wifi-250

The Wi-Fi security software "wpa_supplicant," found in Android amongst many other places, has a potentially hackable security hole...

SSCC 195.5 - Did Google really say, "No more Android malware?" [PODCAST]

chet-chat-logo-featured-250-cropped

From "joined up security" to the suggestion that Google proclaimed the end of malware on Android, find out what's happening at RSA 2015!

SSCC 195 - Let's talk security (over HTTPS, of course) [PODCAST]

chet-chat-logo-featured-250-cropped

This week, Chester is at the RSA Conference 2015.

Get a feel for the conference vibe, hear about this year's themes, and, of course, catch up on the latest security news...

D-Link router user? Keep your ears and eyes open for the next firmware fixes!

A critical bug that leaves various D-Link routers wide open has apparently been patched...

...except that the patches need patches.

Watch out!

5 online privacy and security tips for travelers

Going on holiday or traveling for business any time soon?

Here are 5 online privacy and security tips for when you're on the road.

Woman sues Google after in-app purchases drain her bank account

Woman sues Google after Play Store drains her bank account

She's alleging that Google Play's inadequate security let crooks siphon thousands of dollars in charges from her account.

If the "Deep Web" becomes searchable, is it still deep? 60 Sec Security [VIDEO]

Watch the latest episode of our only-takes-a-minute security roundup video!

This week: From old crypto bugs to the latest Windows security holes...

SSCC 194 - Patch early? Patch often? This time, "Patch NOW!" [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for the latest episode of our weekly security podcast.

From the very latest Update Tuesday to how we get rid of 10-year-old security holes, here's the security news you can use.

Google fixes potential revenue-stealing "comment cloning" YouTube bug

Two Egyptian security researchers figured out how to clone other people's YouTube comments.

You could "borrow" approvals and positive reviews so that they appeared to promote your videos, too.

Tampering with US voting machine as easy as 'abcde', says Virginia report

Tampering with US voting machine as easy as 'abcde', says Virginia report

All it would take to compromise it is to sit in the parking lot with a laptop, some free tools, and a dropper full of tech smarts.

Update Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug

We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception.

The Microsoft HTTP stack has a bug that could let attackers straight in with a simple HTTP request...

TLS certificate blunder revisited - whither China Internet Network Information Center?

cnnic-250

Just under three weeks ago, we wrote about a TLS certificate blunder by a Root Certificate Authority called CNNIC.

We thought we'd revisit that story today to see how the Big Four browser makers responded to the lapse...

We TOLD you not to use WPS on your Wi-Fi router! We TOLD you not to knit your own crypto!

Belkin is the latest router vendor to be found relying on "non-secret secrets."

Paul Ducklin looks at the router equivalent of locking the key to the company safe in the top drawer of your desk...

What a lot of patches! 60 Sec Security [VIDEO]

Watch the latest episode of our weekly fun-but-serious security news video.

It only takes a minute!

The mobile "security gap" - Pinterest and Yammer the latest gappy apps

Pinterest and Yammer are the latest official mobile apps that didn't do HTTPS correctly, leaving users at risk of imposters and phishing.

Linux Australia gets pwned, rooted, RATted and botted

Linux Australia had a bit of a nightmare Easter Weekend.

While the rest of us were loafing at the beach, the Penguinistas from Down Under were owning up to a pretty extensive cyberintrusion.

Apple fixes loads of security holes in OS X, iOS, Apple TV, Safari

OS X gets a brand new photo application called, er, Photos, but the security fixes are the real reason you want these updates.

FBI warns WordPress users of ISIS threat: Patch and update now

FBI warns WordPress users of ISIS threat: Patch and update now

The FBI is advising all WordPress site owners to update and patch their installation and plugins. If you're not already doing so, now is a great time to start. We offer tips on how to get started.

Baby cam plays creepy music, moves of its own accord

Man in a hoody

Yes, the wireless cam was possessed - by the spirit of whoever hijacked the Foscam IP device to spy on a Minnesota couple's baby.