rce

(get it in RSS or Atom)

SSCC 207 - Windows 2003 R2? The train stops here! [PODCAST]

Our weekly quarter-hour podcast where we turn the latest security news into advice you can use - and have fun at the same time.

Enjoy!

"Something stolen, something new" - 60 Sec Security [VIDEO]

Here's the latest episode of our weekly 1-minute security video.

Fun with a serious side...enjoy!

Apple lets rip with update spate: OS X, iOS, Safari, iTunes, QuickTime

Apple just opened the stopcocks and released a Hoover Dam's worth of security-related updates.

Yes, there are numerous new features and products in there too, but it's the security fixes that make a compelling reason to update.

Latest Flash hole already exploited to deliver ransomware - update now!

Are you still using Flash in your browser?

If so, make sure you've got the latest update from Adobe, even though it only came out last week.

Encrypt like everyone's watching! 60 Sec Security [VIDEO]

There's a Sophos T-shirt that warns you, "Dance like nobody's watching. Encrypt like everyone is."

We aren't kidding, folks, and this week's 60 Second Security tells you why!

Security hole in MacKeeper used to shove malware onto Macs

According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.

"Belts and breaches" - 60 Sec Security [VIDEO]

60ss-video-1200

Here's the latest episode of our entertaining news-in-1-minute security roundup.

Enjoy!

SSCC 203 - What's the worst sort of service to have a password breach? [PODCAST]

Join Sophos security experts John Shier and Paul Ducklin as they dig into the latest security news in our regular "Chet Chat" podcast.

This week: LastPass, Facebook, Windows 10 (and not-quite-the-end of XP), Samsung, and the Android ecosystem.

Samsung keyboard app could let a crook crack your phone

A presenter at BlackHat London has some bad news for you: the keyboard app built in to your Samsung phone may leave you open to attack.

Paul Ducklin explains and offers some advice...

If you hammer your RAM, won't that break it? 60 Sec Security [VIDEO]

From CPUs on fire to hammered memory modules - here's our latest 60 Second Security video!

Why not give it a try...

SSCC 189 - Hey, is that your CPU on fire? [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for our weekly security podcast.

Sharp, witty and educational, as usual (if we do say so ourselves)...enjoy!

Update Tuesday wrap-up, March 2015 - FREAK fixed fast, and lots more from Microsoft

Adobe published no bulletins for March 2015, so this one is all about Microsoft...

SSCC 185 - "I have a number for you: Eighty Million" [PODCAST]

Our weekly "Chet Chat" podcast is carefully prepared to fit into a quarter-hour, so it is clear and concise as well as being witty and amusing.

Enjoy...

Bughunter cracks "absolute privacy" Blackphone - by sending it a text message

Serial bughunter Mark Dowd found a hole where it *really* wasn't wanted.

In the text messaging software on the "absolute privacy" Blackphone...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.

Patch Tuesday wrap-up, November 2014: Microsoft joins the "security hole in HTTPS" club

Here's what you need to know about the November 2014 Patch Tuesday updates from Microsoft and Adobe...

Are you tired of weak or fake zero-day exploits? 60 Sec Security [VIDEO]

Watch our latest 60 Second Security video!

An entertaining but insightful look at the week's security woes - in just one minute...

Bash “Shellshock” vulnerability – what you need to know

shellshock-250

Shellshock is the media-friendly name for a remote code execution hole in Bash, a command shell commonly used on Linux and UNIX systems.

Paul Ducklin explains...