We’ve written about ransomware a lot, because it’s such an odious and in-your-face sort of threat. Ironically, ransomware isn’t actually the most dangerous or insidious sort of malware. Ransomware crooks don’t steal your data covertly, or keep track of you via your webcam, or try to read your emails over an extended period for competitive...

If you’re an IT professional, you know better than anyone else about the concerns that go along with securing a business. Anything and everything from ransomware to phishing emails to lost smartphones – the list goes on and on. But of all the terrors that can plague your organization, which are your top concerns? We...

What harm can a selfie do? How much do you really give away if you upload images that contain snippets of information unique to you? Just how much detail can a crook really make out in low-resolution mobile phone snapshot that’s uploaded to a social media site? And even if crooks could dig out all...

How many times does the word “wasted” show up in your social media profiles and posts? What?! You don’t know? Even if you’re not sure of the answer, if you are in the US, looking for credit, there’s now a chance that the companies who assess your creditworthiness will. If you’re planning to get a...

First, the trick: on Halloween night, PageFair got hit by a Trojan masquerading as an Adobe Flash update. Then, the treat: the company managed to eschew non-apology mumbo-jumbo to issue a detailed, satisfyingly remorseful apology. Beginning late Sunday night, the day after the company discovered the attack, PageFair CEO Sean Blanchfield published a series of updated...

Forum owners and users beware! The website of popular forum software maker vBulletin has been breached. Following claims, nay, boasts, of an attack on Sunday evening, the software developer moved quickly to negate the effects of the hack by releasing a series of security patches on Monday, saying: A security issue has been reported to...

A controversial hacking company recently ran a competition offering $3m for up to three click-to-own exploits against Apple’s iOS. The exploits would be sold on to “eligible customers” only. The competition is now closed, but one exploit apparently met the grade and will earn $1,000,000. We investigate: what “click-to-own” means, why exploits of this sort...

An extremely serious vulnerability lay undiscovered at the heart of much of The Cloud for seven years. The vulnerability (CVE-2015-7835), which affects the Xen hypervisor software used by Cloud hosting companies like Amazon Web Services, is so serious that it was widely patched under embargo before being disclosed on 29 October 2015. It was discovered by 栾尚聪 (好风) of Alibaba and affects Xen software from...

Anyone who is concerned about their privacy, or the potential impact of government surveillance on their lives, will be pleased to learn that The Onion Router (TOR) Project has released a new, easy-to-use, beta version of its Tor Messenger client. Based on Instantbird, a cross-platform instant messenger tool developed by the Mozilla community, it has been...

A few readers have contacted us to say that they got going OK with the latest #sophospuzzle… …but then they got stuck and didn’t really know how to continue. We gave a number of hints via the #sophospuzzle hashtag on Twitter, which helped a few of you over the line. But Twitter isn’t really the...