rce

(get it in RSS or Atom)

If you hammer your RAM, won't that break it? 60 Sec Security [VIDEO]

\

From CPUs on fire to hammered memory modules - here's our latest 60 Second Security video!

Why not give it a try...

SSCC 189 - Hey, is that your CPU on fire? [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for our weekly security podcast.

Sharp, witty and educational, as usual (if we do say so ourselves)...enjoy!

Update Tuesday wrap-up, March 2015 - FREAK fixed fast, and lots more from Microsoft

Adobe published no bulletins for March 2015, so this one is all about Microsoft...

SSCC 185 - "I have a number for you: Eighty Million" [PODCAST]

Our weekly "Chet Chat" podcast is carefully prepared to fit into a quarter-hour, so it is clear and concise as well as being witty and amusing.

Enjoy...

Bughunter cracks "absolute privacy" Blackphone - by sending it a text message

Serial bughunter Mark Dowd found a hole where it *really* wasn't wanted.

In the text messaging software on the "absolute privacy" Blackphone...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.

Patch Tuesday wrap-up, November 2014: Microsoft joins the "security hole in HTTPS" club

Here's what you need to know about the November 2014 Patch Tuesday updates from Microsoft and Adobe...

Are you tired of weak or fake zero-day exploits? 60 Sec Security [VIDEO]

Watch our latest 60 Second Security video!

An entertaining but insightful look at the week's security woes - in just one minute...

Bash “Shellshock” vulnerability – what you need to know

shellshock-250

Shellshock is the media-friendly name for a remote code execution hole in Bash, a command shell commonly used on Linux and UNIX systems.

Paul Ducklin explains...

Firefox sneaks out an "inbetweener" update, with security improvements rather than fixes

Usually, if everything goes according to plan, Firefox updates appear every six weeks.

But if needs must, Mozilla delivers in-between updates, too, and that's what has happened here, bumping Firefox from version 32.0 to 32.0.1.

SSCC 164 - Spend Bitcoins using Apple Pay? *NOW* you've got me interested! [PODCAST]

Here's this week's Sophos Security Chet Chat for your listening pleasure.

Our weekly computer security podcast with the News You Can Use...

Firefox 32.0 fixes holes, shakes out some old SSL certs, introduces certificate pinning

Yesterday was Firefox's Fortytwosday (updates come out every 42 days, on Tuesdays, in a nod to Douglas Adams), bringing us to Firefox 32.0.

There are also two Extended Support Releases for the more conservative amongst us...

SSCC161 - What do you mean, "Trade him for Edward Snowden"? [PODCAST]

Here's the latest Chet Chat security podcast!

Sophos experts Chester Wisniewski and Paul Ducklin once again turn plain old news into advice you can use.

Apple Safari for OS X gets "click-to-own" security holes patched

safari-250

The 6th Safari security update in 10 months is out.

With fixes for 7 potential remote code execution holes, get it while it's hot...

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!

Patch Tuesday is here again.

Paul Ducklin explains how this month's vulnerabilities can work together for harm, and why *all* the updates matter, not just the ones that ended up with a "critical" or "severe" tag...

SSCC 157 - Routers, Browsers, Zombies and Sysadmins [PODCAST]

Here it is...this week's Chet Chat security podcast.

In this episode: fixing routers, trusting browsers, killing zombies and showing TLC to sysadmins.

It's all about trust! 60 Sec Security [VIDEO]

Watch 60 Second Security for 19 July 2014 - it's all about trust!

Patch Tuesday wrap-up, July 2014 - Adobe fixes "Rosetta", plus a new risky file type on Windows...

Patch Tuesday for July 2014 is just behind us in the case of Microsoft and Adobe, and just ahead of us in the case of Oracle.

Paul Ducklin tells you what you need to know...