(get it in RSS or Atom)

Malware in the App Store? You CANNOT be SERIOUS! [Chet Chat Podcast 215]

Take a listen to the latest Chet Chat podcast, our fun-but-informative weekly commentary on the latest computer security issues.

The email that caused a literal meltdown - 60 Sec Security [VIDEO]

Enjoy the last episode of "60 Second Security" for 2014!

Learn from the week's news in just one minute...

EU to demand 2-factor for online payments by August 2015?


The European Banking Authority is nearly, if not quite, insisting on two-factor authentication by August 2015.

If companies that do business in Europe have to comply, could this help boost two-factor in the US and elsewhere?

SSCC 174 - Who says law enforcement isn't tackling cybercrime? [PODCAST]

Here's the latest epsiode of our weekly Chet Chat podcast, for your listening pleasure.

From a carder ring that got busted to a spamming system that ran amuck, let yourself be amused and educated at the same time...

SSCC 171 - Are you SURE that "1234" is a bad password? [PODCAST]

Here's the latest Chet Chat podcast for your listening pleasure...


Apple adds two-step verification for iCloud, effective immediately


Apple has listened, and extended its two-step verification system to iCloud.

It's a great start...but does it go far enough?

Tim Cook says Apple *does* care about iCloud Security. But is that enough? [POLL]


Tim Cook told the WSJ that, yes Apple *does* care about iCloud security, and will take steps to make it more secure.


Flaw in PayPal’s two-factor authentication, but keep calm and carry on!

Security researchers in the USA have just disclosed a flaw in PayPal's 2FA system.

Paul Ducklin looks at the mistakes that PayPal made, and what's been done to sort them out...

"Heartbleed" - would 2FA have helped?


Because of the global password reset pandemic caused by Heartbleed, lots of Naked Security readers have asked, "Wouldn't 2FA have helped?"

Paul Ducklin takes a look...

The power of two - All you need to know about two-factor authentication


What can we do to protect ourselves from stolen password databases, phishing attacks, keyloggers or credit card skimmers installed in our local ATMs? We can start with two-factor authentication. This article tells you what it is, how it works and where you can use it.

Sophos Techknow - Two-factor Authentication [PODCAST]


To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without.

Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.

SSCC 105 - HP printers, Google blocks ad blockers, Apple does the 2-step, and more...


Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet?

Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and newsworthy topics from the world of computer security.

Apple introduces two-factor verification for Apple IDs


After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.

Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...

Google patches bug that allows attackers to slip past two-factor authentication


Attackers could - until Google issued a fix last Thursday, that is - bypass Google accounts' two-step login verification, reset a user's master password, and gain full profile control, just by capturing a user's application-specific password.

Facebook to exclude phone numbers from reverse lookup - for users of two-factor authentication, anyway

Facebook to exclude phone numbers from reverse search - for users of two-factor SMS authentication, anyway

Facebook's SMS-based login security was a Catch-22. You had to give Facebook your phone number to improve security. But that exposed your phone number to the vagaries of the Facebook search system.

That's now changed, but apparently only temporarily, while Facebook decides what happens next.

FLAMING RETORT - Three words for RSA. Promptness. Clarity. Openness.

FLAMING RETORT - Three words for RSA. Promptness. Clarity. Openness.

It's no good having mandatory data breach disclosure laws if all they teach us is to admit we had a breach. We also need to convey information of obvious practical value to all affected parties.

Three words. Promptness. Clarity. Openness.

Facebook announces new security features - but do they go far enough?

Facebook announces new security features - but do they go far enough?

Facebook has just published an article entitled Keeping You Safe from Scams and Spam. It's all about improving security on its network.

Paul Ducklin reports on the good, the bad and the missing.

Facebook's two-factor authentication announcement raises questions


Amid rising concern about its attitude to privacy and safety, Facebook has announced that it is introducing a two-factor authentication system in an attempt to prevent unauthorised account logins.