Sophos Naked Security

Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.

"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...

Latest episode - listen now (or read if you prefer)...

It's not just the hashing, by the way. It's the salting and the stretching, too!

An injury to one is an injury to all. Especially if the other people are part of your social network.

There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!

Those numbers or names that pop up when a call comes up? They're OK as a hint of who's calling, but THEY PROVE NOTHING

Latest episode - security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach us

Five tips to keep yourself, and your friends and family, out of the clutches of "chopping block" scammers...

Review your servers, your patches and your authentication policies - there's a proof-of-concept out

The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server... but the content is all fake

Don't let a keen eye for bargains lead you into risky online behaviour...

Latest episode - listen now! Cybersecurity news plus loads of great advice...

What's so bad about a web page going fullscreen without warning you first?

Good old "string templating", also known as "string interpolation", in the spotlight again...

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...

A bit like leaving the front door keys under the doormat...

Not a zero-day, but important enough for a quick-fire patch to one system library...

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?