Sophos security expert Chester Wisniewski was at the Virus Bulletin 2014 conference in Seattle. In this special edition of the Chet Chat, Paul Ducklin puts Chet on the other side of the mic to find out more about both the technology and the ethics of anti-malware research.
Tag Archives: Vulnerability
Apple patches OS X against Shellshock
If you’re a Mac user, you may have felt wrongfully left out of all the Shellshock kerfuffle over the past few days. Not any more!
Are you tired of weak or fake zero-day exploits? 60 Sec Security [VIDEO]
Watch our latest 60 Second Security video! An entertaining but insightful look at the week’s security woes – in just one minute…
Ex-con Kevin Mitnick now selling zero-day exploits, starting at $100K
He says his firm will carefully screen potential clients and that he’d never sell to an entity such as the Syrian regime or a criminal gang. Then again, he’s not asking what clients intend to do with the high-end exploits. 
Bash “Shellshock” vulnerability – what you need to know
Shellshock is the media-friendly name for a remote code execution hole in Bash, a command shell commonly used on Linux and UNIX systems. Paul Ducklin explains…
Mozilla fixes “phishing friendly” cryptographic bug in Firefox and Thunderbird
Mozilla just patched a bug in its cryptographic library, NSS. The bug is rated “critical” because it could permits skullduggery in apparently secure connections.
Is it *really* such a bad idea to use a password twice?
We regularly warn you against using the same password for multiple accounts. But if you memorise one really long and complex password, isn’t that enough? No! Here’s why…
10 security holes that cybercrooks dream about – 60 Sec Security [VIDEO]
Here’s this week’s episode of 60 Second Security. Enjoy the latest security news in just one minute…
eBay takes flak for leaving rigged iPhone listing up for 12 hours
eBay’s getting flak for its chilled response to a serious XSS attack, sprung when a user clicked on a fake listing for an Iphone 5S and was redirected to a spoofed site that was after users’ login credentials.
Apple ships a sevenfold security surprise, including iOS 8 and OS X 10.9.5
Apple doesn’t have Patch Tuesdays, but it does have Update Surprisedays. We just had one of them, with brand new and more secure versions of iOS, OS X and Safari.