Would you like to buy a Replay? 60 Second Security

Catch our latest weekly video - it only takes a minute!

SSCC 210 - So many cool new Windows 10 features to opt out of! [PODCAST]

Enjoy the latest episode of our award-winning weekly security podcast - a quarter-hour of entertaining education.

"Most adorable bug" - Raspberry Pi 2 crashes when you take a photo of it

It's not buggy, it's camera-shy! The tiny, budget Raspberry Pi faints when you flash a photo of it, and it's likewise not keen on laser pointers.

New-style ransomware locks out your customers - demands money to let them log back in


The crooks took a low-key, annoyingly simple, and hard-to-spot approach.

Change usernames like JIMMY to FKOVWH3Z7LUV, but hide the changes...for a while, anyway.

Can malware and hackers really cause giant physical disasters?

Could you really have a hacker- or malware-initiated meltdown?

Yes, says the 2014 report of the German Office for Information Security...

Disgruntled employees are increasingly e-sabotaging businesses, FBI says

Employees with an axe to grind are increasingly sticking it to their current or former employers by carrying out "computer network exploitation and disruption", the FBI says.

Firefox sneaks out an "inbetweener" update, with security improvements rather than fixes

Usually, if everything goes according to plan, Firefox updates appear every six weeks.

But if needs must, Mozilla delivers in-between updates, too, and that's what has happened here, bumping Firefox from version 32.0 to 32.0.1.

Patch Tuesday wrap-up, September 2014 - why even a single-bit data leak is worth fixing

Here's what you need to know about the September 2014 Patch Tuesday updates from Microsoft and Adobe...

Patch Tuesday for July 2014 - 6 bulletins, 2 RCEs, 3 EoPs and get ready to reboot


Here's what to expect from Microsoft in the July 2014 edition of Patch Tuesday, scheduled to ship on Tuesday 08 July 2014...

Patch Tuesday for June 2014 - 7 bulletins, 3 RCEs, 2 critical, and 1 funky sort of hole


You'll be patching and rebooting everything this month.

Paul Ducklin gives you a brief overview to help you prepare.

He also explains some vulnerability terminology you might not have heard before...

Hootsuite suffers DoS attack, reassures users

Social media management tool Hootsuite has recovered from a denial of service (DoS) attack which left users unable to use the system for some time yesterday.

Patch Tuesday - no critical updates for XP...then Microsoft adds two XP fixes after all


Here's a quick run-down of what you'll face in the February 2014 Patch Tuesday update from Microsoft, which comes out tomorrow.

Online games services Steam and Origin fall as gamers ring in New Year DDoS-ing

Gamers have come up with a new game this week: DDoS games that their targets like to play. Scores of games fell flat on their faces.

Polish programmers jailed for 5 years for DDoS and cyber-extortion of online casino

Two online gaming programmers from Poland have been jailed for trying to cyber-extort the owner of an online marketing company based in Manchester, UK, and the CEO of an unnamed US internet software host.

NSA, Apple, Facebook and Adobe - 60 Sec Security [VIDEO]


A touch of fun but with a serious side - and only a minute to watch it.

Give our weekly "60 Second Security" video a whirl today...

Sophos Techknow - Understanding Vulnerabilities [PODCAST]


Make sense of vulnerability jargon by listening to this 15 minute podcast...

With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.

Police nab Argentinian teen who hacked money transfer and gambling websites

Argentinian police have arrested a teenager, dubbed "the superhacker", who was allegedly bleeding $50,000 (£31,500) per month out of international money transfer and gambling websites.

September Patch Tuesday is out - one update lost en route, 13 patches left, 8 RCE, 4 critical


One of Microsoft's 14 promised patches for September failed to materialise.

There's still plenty left over, though: IE gets a jumbo fix, as usual; SharePoint, FrontPage, Excel, Access, Outlook and more get vital updates, too.

DDoS-for-hire service is legal and even lets FBI peek in, says a guy with an attorney

It's "a public service on a public connection to other public servers", the operator of RageBooter told Brian Krebs, and if sites don't like getting their socks knocked off in DDoS attacks, they should fix recursive DNS and default DNS server settings.

Oh, and yes, he says, he not only cooperates with the FBI, he works with them. He's busy on Tuesdays around 1 p.m., so try later if you need to launch an attack.

Hackers launch DDoS attack on security blogger's site, send SWAT team to his home

Brian Krebs was the victim of a caller ID spoof that resulted in armed police surrounding his house. He's pretty sure about the criminal element responsible and has linked the perpetrator(s) to a denial-of-service attack against Ars Technica following its report of Krebs's ordeal.