(get it in RSS or Atom)

D-Link router user? Keep your ears and eyes open for the next firmware fixes!

A critical bug that leaves various D-Link routers wide open has apparently been patched...

...except that the patches need patches.

Watch out!

Update Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug

We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception.

The Microsoft HTTP stack has a bug that could let attackers straight in with a simple HTTP request...

How one man could have deleted any photo album he could see on Facebook

Facebook 404

Facebook is probably the biggest collection of photographs ever assembled so it would be pretty bad if one man could delete every last one of them with his phone. Thankfully that's what Laxman Muthiyah thought too.

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Next version of the web will have resistance to surveillance at its core


The Internet Engineering Task Force is planning changes to the fundamental protocol that powers the web to make it more resistant to surveillance.

HTTP error code 451: "Unavailable For Legal Reasons"


You're probably familiar with the number 404: "Web Page Does Not Exist."

But you probably haven't heard of 451, a new proposal with an interesting etymology.

Paul Ducklin takes a look...

How much security would you expect in a $60 light globe?


"Honey, why are the lights flashing 'URPWN3D' in Morse code?"

If you spent a cool $60 each on light globes (bulbs) from the Apple store... much security would you expect?

CERN Geneva celebrates 20 years of the World Wide Web


It was twenty years ago today/That the World Wide Web came out to play...

On 30 April 1993, CERN Geneva officially put the Web, and the early client and server side software that made it work, into the public domain...

Security spill at the IEEE

IEEE squirms after sensational security spill

By its own account, the IEEE is the world's largest professional association for the advancement of technology.

Not quite the organisation you'd expect to store 100GB of HTTP logs in a world readable internet facing directory.

Is your smartphone telling every website you visit your telephone number?

Is your smartphone telling every website you visit your telephone number?

O2 mobile users in the UK are venting on Twitter today, fuming at their discovery that their phone number is being shared with every website that they visit over the network.

But users of other mobile phone networks may be also affected.

Oracle issues rare out-of-band update for Apache DDoS vulnerability

Oracle issues rare out-of-band update to fix web server vulnerability

Giant enterprise database company Oracle has published an out-of-band security update for the recent Apache DDoS vulnerability.

Out-of-band updates from Oracle are rare, so this one spells one word, "Importance!"

Extinguishing Firesheep for safe WiFi browsing


Firesheep has already taught 750,000 people how to hijack your unencrypted WiFi sessions with a single click. So here's how to extinguish Firesheep with a technological defence that you can put together in just 60 seconds.