flash

(get it in RSS or Atom)

SSCC 198 - "Fusking"? Did I hear that correctly? [PODCAST]

A week of many patches, Lenovo in the news again, an anti-forensic tool with a misleading name, and the rudely-named "sport" of Fusking.

Listen to our latest straight-talking security podcast...

Update Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug

We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception.

The Microsoft HTTP stack has a bug that could let attackers straight in with a simple HTTP request...

"Pwn2Own" competition pops Flash, Reader and four browsers, pays out over $550K [POLL]

Pwn2Own has become something of an institution on the North American computer security conference circuit.

Come and vote in our poll to tell us what you think of security contests like this...

What do you mean, "Facebook is now text only"? - 60 Sec Security [VIDEO]

Here's the latest episode of our weekly one-minute security video.

Fun, fast...and educational.

SSCC 184 - What's the lifespan of a GHOST? [PODCAST]

Our weekly security podcast - the latest news in 15 minutes, entertaining *and* educational.

Enjoy!

News Flash! 3rd time unlucky! New 0-day hits Adobe's browser plug-in...

Ready to kiss goodbye to Flash in your browser yet?

Here's the 3rd zero-day in Flash since Adobe's last Patch Tuesday...

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Adobe gets second Flash zero-day patch ready 2 days early!

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash.

The patch is now ready via auto-update - 2 days early!

SCADA programmers? It's time for security by default! 60 Sec Security [VIDEO]

Here's the latest episode of our weekly 60-second security video.

Enjoy the news in just one minute...

Adobe issues emergency fix for Flash zero-day

Crooks are reportedly using a new Flash vulnerability called CVE-2015-0310.

Adobe has a fix already, so grab it while it's hot!

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

Adobe publishes out-of-band Flash update - provides "booster dose" for October's patches

Adobe has published a Flash update, dubbed APSB14-26.

The new patch offers additional protection against a vulnerability that was originally addressed in October 2014.

HTML5 goes officially live - now you really CAN say goodbye to Java in your browser!

html5-250

Of the 21.5 years that the WWW has been going strong, 15 have been spent getting from HTML 4 to HTML5.

That's quite a journey!

Paul Ducklin takes look at where we are now...

SSCC 164 - Spend Bitcoins using Apple Pay? *NOW* you've got me interested! [PODCAST]

Here's this week's Sophos Security Chet Chat for your listening pleasure.

Our weekly computer security podcast with the News You Can Use...

Patch Tuesday wrap-up, September 2014 - why even a single-bit data leak is worth fixing

Here's what you need to know about the September 2014 Patch Tuesday updates from Microsoft and Adobe...

How far would your sysadmins go to fix a problem? 60 Sec Security [VIDEO]

Here it is - this week's 60 Second Security video.

News that will amuse, and it only takes a minute...

SSCC 163 - So THAT'S why you can't erase Flash RAM properly [PODCAST]

Here's this week's Sophos Security Chet Chat.

Our regular security podcast that turns news into useful advice...

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!

Patch Tuesday is here again.

Paul Ducklin explains how this month's vulnerabilities can work together for harm, and why *all* the updates matter, not just the ones that ended up with a "critical" or "severe" tag...