(get it in RSS or Atom)

Flash malware that gives you a free security update

Malware that patches Flash for you after it's broken in?

Sadly, it's not all about fact, it's not about you at all.

"Something stolen, something new" - 60 Sec Security [VIDEO]

Here's the latest episode of our weekly 1-minute security video.

Fun with a serious side...enjoy!

Apple lets rip with update spate: OS X, iOS, Safari, iTunes, QuickTime

Apple just opened the stopcocks and released a Hoover Dam's worth of security-related updates.

Yes, there are numerous new features and products in there too, but it's the security fixes that make a compelling reason to update.

Latest Flash hole already exploited to deliver ransomware - update now!

Are you still using Flash in your browser?

If so, make sure you've got the latest update from Adobe, even though it only came out last week.

SSCC 204 - You want an extension to your extension for Windows XP? [PODCAST]

Here's the latest episode of our weekly security podcast, the award-winning Chet Chat.


Security hole in MacKeeper used to shove malware onto Macs

According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.

"Belts and breaches" - 60 Sec Security [VIDEO]


Here's the latest episode of our entertaining news-in-1-minute security roundup.


SSCC 203 - What's the worst sort of service to have a password breach? [PODCAST]

Join Sophos security experts John Shier and Paul Ducklin as they dig into the latest security news in our regular "Chet Chat" podcast.

This week: LastPass, Facebook, Windows 10 (and not-quite-the-end of XP), Samsung, and the Android ecosystem.

Apple OS X and iOS in the vulnerability spotlight - meet "CORED," also known as "XARA"

The security issue of the week has arrived in iOS and OS X, and it's attracted a funky name already.

The researchers called it XARA, but others had different ideas, and dubbed it "CORED."

As in "Apple CORED."

Google launches Android bug bounty program


After paying out $1.5 million to security researchers last year, Google now offers cash to Android bug hunters.

Samsung keyboard app could let a crook crack your phone

A presenter at BlackHat London has some bad news for you: the keyboard app built in to your Samsung phone may leave you open to attack.

Paul Ducklin explains and offers some advice...

Windows 10 patches - will you get them no matter what?

What does the wording about updates being "available automatically" in the Windows 10 Specifications really mean?

Authentication is all around us! 60 Sec Security [VIDEO]

Here's our latest "60 Second Security" video - catch the week's security news in just 1 minute.

You STILL support encryption designed to be crackable in 1995? 60 Sec Security [VIDEO]

Watch this week's "60 Second Security" - the one-minute news roundup video with attitude!

Anatomy of a LOGJAM - another TLS vulnerability, and what to do about it

We've had BEAST, Lucky Thirteen, BREACH, BEAST, POODLE, Heartbleed and, it's LOGJAM.

Paul Ducklin explains, and tells you what you can do about it.

SSCC 199 - Don't panic, it's not really as VENOMous as you thought [PODCAST]

Our latest weekly security podcast - the VENOM bug, iris recognition, a spyware company breach, and ID trouble at the Passport Agency.

Happy listening!

SSCC 198 - "Fusking"? Did I hear that correctly? [PODCAST]

A week of many patches, Lenovo in the news again, an anti-forensic tool with a misleading name, and the rudely-named "sport" of Fusking.

Listen to our latest straight-talking security podcast...

The VENOM "virtual machine escape" bug - what you need to know


Here's what you need to know about VENOM, the latest security vulnerability to be given a marketing-friendly name.

If you're using any virtual machines, read this to set your mind at rest...

Apple updates Safari on OS X, fixes critical flaws

No sooner had we reported that Microsoft will adopt a "rolling update" model for Windows 10...

...than we received notice of Apple's latest "rolling update" for its Safari browser.

Microsoft Word Intruder - the malware that writes new malware for you

Malware construction kits started in the 1990s as a way of expanding the virus-writing counterculture, but now they are all about money. SophosLabs looks at MWI, the Microsoft Word Intruder...