Sophos Security

Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store? Chester and Duck dissect these issues in their entertaining and informative style in this week's Sophos Security Chet Chat podcast...

Chet and Duck turn the week's news into useful lessons once again. There's Patch Tuesday, the impending end of XP, Advanced Persistent Threatitis, and some astonishing statistics about just how many people have been hit by the CryptoLocker ransomware. Join the dynamic duo for another entertaining quarter-hour on computer security.

What about support for OS X Lion and Mountain Lion? Are they, or aren't they? Why can't Apple just say? Could the addition of a rootkit to the Gameover malware be a blessing in disguise? If you want to hack your way to better results at University, is jumping from an F to an A a wise maneouvre? And will proposed federal data breach laws in the US make things better or worse? Chester and Duck once again aim their entertaining expertise at the security news of the week...

Paul Ducklin hooks up "live at RSA" with Naked Security writers Chester Wisniewski and John Shier for a Conference Special podcast. This half-length Chet Chat packs in one-quarter humour, five-eighths news and two-thirds insight - find out what was good, weird, interesting, or all of the above, at this year's RSA 2014 event!

Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat. From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.

Chet and Duck again turn the week's security news into advice you can use and share with your friends. What happened to Flappy Bird? Why was Talking Angela so talked about? Is internet access at the Winter Olympics in Sochi really a "special danger" situation? What can we learn from the database breaches at Kickstarter and Forbes?

Chet and Duck cast their expert eyes over the week's security news. The pair bring some infectious enthusiam to Sophos's recently-announced acquisition of Cyberoam; they look at Patch Tuesday plus Adobe's out-of-band update to Flash; urge aginst the trend for big brands to bundle "foistware downloads" of complete new applications into what are supposed to be security updates; and plenty more besides. Join this dynamic duo as they turn the latest news into a quarter-hour podcast that is informative, entertaining and educational.

Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target. Oh, and Sophos Naked Security is up for "Blog that Best Represents the Security Industry" in the forthcoming Security Bloggers Awards 2014, so...please vote for us if you are elgibile to do so.

This week's Chet Chat starts out with credit card breaches, as yet more big PII leaks hit the news; then covers the issue of whether you really need good passwords everywhere; before going into an upbeat and encouraging conclusion - we like to finish on a positive note! - discussing Data Privacy Day. You did know it was Data Privacy Day, didn't you? (You do now.)

Chet and Duck turn a week's worth of lost data, malware attacks, misleading apologies and shabby security into actions you can take to steer a safer course inside your own organisation. From digitally signed Mac malware, through plaintext password storage, all the way to the South Korean credit agency that lost personal information on close to half of the country's population, here's our weekly "podcast with a purpose."

In early 2014, a contractor at credit-scoring company Korea Credit Bureau was arrested for loading up a USB key with personally identifiable information for some 20,000,000 people, about 40% of South Korea's population. Shades of the Bradley/Chelsea Manning "Wikileaks" saga of three years earlier, in which decades of confidential US State Department cables were siphoned off. Here's a sadly-still-relevant podcast from the Wikileaks incident, looking at the question, "How could this have happened?"

Chester Wisniweski and Paul Ducklin dig into the lessons we can learn from the security issues of the past week. What's the best way to deal with bots and botnets? If you use your financial institution's official mobile banking app, are you more or less secure that just using your browser? What's going on with data security in the US retail sector? What are the must-have and must-do patches from this Patch Tuesday? And do you really *have* to update your Mac to Mavericks if you want security fixes?

Botnets, short for "robot networks", are more than just malware: they're the money making machinery of modern cybercriminals. Paul Ducklin and James Wyke help you to understand the What, How and Why of this troublesome topic. The result is an entertaining and educational podcast that's suitable for everyone from sysadmins to home surfers.

Chet and Duck look at the security stories that made the headlines over New Year 2013/2014 - from the OpenSSL "hypervisor hack" that wasn't, to the Skype Twitter breach that shouldn't have happened - and explain how we can learn from these mistakes to have a safer and more secure 2014.

From Cryptolocker, through PRISM, Target and Adobe, to tainted randomness: Chet and Duck review the security lessons of 2013, and advise how to make 2014 safer and more secure!