Podcasts Archive

Sophos Security Chet Chat - Episode 108 - May 8, 2013

Chester calls in from Interop with guest Paul Ducklin as they laugh about (and lament) the latest: WW2 crypto, Bitcoin mining, internet cameras, password breaches.

Sophos Security Chet Chat - Episode 107 - April 23, 2013

Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest: Boston marathon bombing scams, Hostgator's hack, Safari's Java safety update, pwning planes with an Android app, and Facebook Home and "Cover Feed".

Sophos Techknow: Two-factor Authentication - April 15, 2013

To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without. Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.

Sophos Security Chet Chat - Episode 106 - April 9, 2013

Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest: US Department of Defense and BYOD woes, "scanner" malware, Wordpress introduces 2FA, and Google and Mozilla announce new browser engines.

Sophos Security Chet Chat - Episode 105 - March 27, 2013

Chet welcomes Paul Ducklin as they discuss HP printers, Google blocks ad blockers, Apple does the 2-step, and more... Have your joined thousands of others, and become a loyal listener to the "Chet Chat" yet?

Sophos Security Chet Chat - Episode 104.5 - March 22, 2013

Chet inteviews the writer and director of hacker film "Code 2600" and Austin BSides organizers/consultants Michael Gough and Ian Robertson. We also introduce the new kickstart Hackers in Uganda.

Sophos Security Chet Chat - Episode 104 - March 12, 2013

Chester talks about three back-to-back security events he's just attended: RSA 2013 in San Francisco, B-Sides in Vancouver and CanSecWest in Vancouver.

Sophos Security Chet Chat - Episode 103 - February 24, 2013

The latest "Chet Chat", episode 103, features Chet and popular guest Paul "Duck" Ducklin, who bring you their customary and entertaining mixture of insight, expertise, scepticism, and advice.

Sophos Security Chet Chat - Episode 102 - February 12, 2013

Chet and Duck tackle last weeks news including UPnP, the Balmital botnet take down, Flash patches for Windows and OS X and the Lucky Thirteen SSL/TLS weakness.

What is the Anatomy of an Attack event?

This podcast outlines what to expect if you attend one of our Anatomy of an Attack seminars. Chester Wisniewski and John Shier explain the content presented and what attendees should expect to take away.

Sophos Security Chet Chat - Episode 101 - January 30, 2013

Chester talks to Paul Ducklin in Sophos Security Chet Chat Episode 101. Spend an enjoyable quarter-hour as our duo take on a range of security issues with their usual mixture of insight, expertise, skepticism, advice and occasional outright puzzlement.

Sophos Security Chet Chat - Episode 100 – December 10, 2012

Paul Ducklin joins Chet to discuss John McAfee and geolocation data - advice for non-fugitives; Dalai Lama and Mac malware; Swiss intelligence agency in huge data theft - terabytes worth; NASA loses yet another laptop; and Romanian carders hack 500,000 Australian credit cards.

Sophos Security Chet Chat - Episode 99 - October 31, 2012

Michael Argast rejoined Chet this halloween to catch up on the week's news including new DMCA exceptions, Hurricane Sandy scams, Yahoo! ignoring do not track, Barnes and Noble credit cards skimming and Facebook's donation to spam research.

Sophos Security Chet Chat - Episode 98 - September 17, 2012

This week Paul Ducklin is in the guest seat as he and Chester discuss Patch Tuesday, weak RSA certificates, losing $250,000 worth of bitcoins, Do Not Track, Blackhole exploit kit and the Nitol botnet takedown.

Sophos Security Chet Chat - Episode 97 - August 10, 2012

Peter Szabo from SophosLabs joins Chet to chat about 4 more talks from this year's Black Hat and DEF CON conferences. Topics include MS-CHAPv2, Frak, smart meters and hacking public transit.

Sophos Techknow - All about Java

Java brings with it some significant risks, yet for many people, it's "just there on my computer." In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.

Sophos Security Chet Chat - Episode 96 - August 3, 2012

Peter Szabo, a senior threat researcher with SophosLabs, joins Chet this week to to share what they learned at this year's Black Hat and DEF CON conferences. They discuss NFC, a file disinfection framework, steganography and the dangers of IPv6 and DNSSEC.

Sophos Techknow - Understanding SSL

To many of us, SSL isn't much more than "the padlock in the browser." But how does it work? Who verifies SSL certificates? How do we know we can trust them? What happens if we realise we can't?

Sophos Security Chet Chat - Episode 95 - July 19, 2012

Paul Ducklin joins Chet this week to discuss the quarterly Oracle patches, the theft of a USB stick belonging to Elections Ontario, the bypass of in-app purchases from the App Store and how WiFi hackers stole $3 million.

Sophos TechKnow - Patching: should you lead, follow, or get out of the way?

Do you really need seven committee meetings and a 90-day waiting period before you update your computers with the latest patches? Duck and Chet take on the challenges of security patches in this episode of the Techknow podcast.

Sophos Security Chet Chat - Episode 94 - July 13, 2012

Paul Ducklin joins Chet once again to discuss the latest security news. This week's topics include DNS Changer, Patch Tuesday, Find and Call, San Diego's fireworks fiasco and password breaches.

Sophos Security Chet Chat - Episode 93 - June 21, 2012

Michael Argast joins Chet once again to discuss Flame, LinkedIn, warrantless wiretapping, Patch Tuesday, border patrol spying and Microsoft's BlueHat prize.

Sophos Security Chet Chat - Episode 92 - June 5, 2012

Michael Argast from Telus joined Chet once again to discuss the week's news. Topics covered include Flame malware, Do Not Track, TACK, Conficker and Sophos Mobile Security for Android.

Sophos Security Chet Chat - Episode 91 - May 18, 2012

This week's Chet Chat returns to our usual news format this week with guest Gary Korhonen (@hundredaire). Gary and Chet discuss the Utah data breach, Facebook hacker's prison term, OS X Leopard's FlashBack removal tool, Pentagon data sharing and Operation Phish Phry sentancing.

Sophos Security Chet Chat - Episode 90 - May 10, 2012

This week's Chet Chat comes to you live from the show floor at Interop 2012. John Shier and Chet Wisniewski have some fun and share highlights from the expo hall.

Sophos Security Chet Chat - Episode 89 - April 26, 2012

Chester Wisniewski and Chris Pace walk around the exhibition hall at this year's InfoSec Europe and share their insights on trends and some fantastic giveaways some vendors thought might grab your attention.

Sophos Security Chet Chat - Episode 88 - April 17, 2012

Chester Wisniewski and Paul Ducklin chat about the security issues surrounding Apple's new iTunes security, knowledge-based authentication, Mac malware and Google's fine from the FCC.

Sophos Security Chet Chat - Episode 87 - April 5, 2012

David Schwartzberg is this week's guest on the Chet Chat to talk about the data breach at Global Payments, a new Mac botnet and Flash Player updating. David also explained the new AES-NI encryption acceleration in Intel chips and a new way to safely store files in the cloud.

Sophos Security Chet Chat - Episode 86 - March 31, 2012

Paul Ducklin is this week's guest on the Chet Chat. Chet and Paul discuss an attempted DDoS of an election in Canada, the knock-on effects of the DNS Changer malware, Facebook's new Data Usage Policy and the risks of outsourcing.

Sophos Security Chet Chat - Episode 85 - March 22, 2012

In this week's episode John Shier joins Chet to discuss the review of electronic device usage on airplanes by the FAA, the arrests of the Carberp malware authors, the worm danger from the MS12-020 RDP vulberability and whether the time has come for encrypting more than just laptops and USB drives.

Sophos Techknow - Busting Password Myths

In this new podcast series Paul Ducklin and Chester Wisniewski take a more in-depth look at a single topic, exploring the ins and outs to help listeners understand complex topics. In this episode - Busting Password Myths, Paul and Chester take a look at the thorny issue of password rules and regulations.

Sophos Security Chet Chat - Episode 84.66 - March 2, 2012

Chet and Duck say goodbye to San Francisco, thank their fellow bloggers for Naked Security winning the Best Corporate Security Blog, discuss their favorite stand and talk a bit about how "big data" plays with security.

Sophos Security Chet Chat - Episode 84.33 - February 28, 2012

RSA special Chet Chat sharing Chester's and Duck's first impressions of the first day of the RSA 2012 conference in San Francisco.

Sophos Security Chet Chat - Episdoe 84 - February 23, 2012

Paul Ducklin hosts this week's Chet Chat with the tables turned... Chet is the guest. They discussed the recent Google cookie-gate incident, House Intelligence Committee advice on using laptops while traveling and the malicious emails sent to leaked Stratfor subscriber email addresses.

Sophos Security Chet Chat - Episode 83 - February 16, 2012

This week's Chet Chat finds Paul Ducklin and Chester Wisniewski discussing the vulnerabilities patched this Tuesday in Microsoft, Adobe and Oracle products, mobile phone application privacy issues and upcoming events RSA and Anatomy of an Attack in Portland, OR and Wellington, NZ.

A time-based analysis of Rich Text Format manipulations

Paul Baccas is interviewed by Chester Wisniewski on his paper A time-based analysis of Rich Text Format manipulations. Paul explains how the focus is often on zero-day exploits even though flaws like CVE 2010-3333 have been patched for over a year and are still resulting in successful compromise.

Sophos Security Chet Chat - Episode 82 - February 3, 2012

This week, Paul Ducklin joins Chet to talk about the Sophos Security Threat Report 2012, the new anti-phishing proposal known as DMARC and mobile phone numbers being leaked through HTTP headers at O2.

Sophos Security Chet Chat - Episode 81 - January 23, 2012

Chet sits down with Michael Kaiser, Executive Director at the National Cyber Security Alliance (NCSA) to discuss Data Privacy Day. Michael explains the origin of Data Privacy Day, some of the activities related to it and how people can participate in raising awareness about privacy and data security.

Sophos Security Chet Chat - Episode 80 - January 18, 2012

In this week's podcast, Vanja Svajcer joins Chet to talk about the mobile security landscape. Topics discussed include mobile malware, theft, application markets and advice on securing your smartphone.

Sophos Security Chet Chat - Episode 79 - January 9, 2012

Paul Ducklin joins Chet for the first Chet Chat of 2012. This week they discuss the privacy implications of smart meters, the recent research showing how WiFi routers are vulnerable due to an easy setup feature and password hashes.

Sophos Security Chet Chat - Episode 78 - December 20, 2011

Gary Korhonen joins Chet for this week's podcast discussing the automatic upgrade of Internet Explorer, Android Market malware, Carrier IQ and an infection that shut down a hospital in Georgia.

Sophos Security Chet Chat - Episode 77 - November 24, 2011

Paul Ducklin joins Chet to talk about this week's news including giving your friends and family a hand at Thanksgiving, Android security, SCADA hacking and Google's WiFi mapping opt-out scheme.

Sophos Security Chet Chat - Episode 76 - October 21, 2011

Chester interviews Michael Kaiser from the National Cyber Security Alliance and Rob Strayer from the Bipartisan Policy Center about National Cyber Security Awareness Month and our upcoming State of Cyber Security event.

Sophos Security Chet Chat - Episode 75 - October 14, 2011

John Shier joined Chet this week as they discussed the death of UNIX and C co-creator Dennis Ritchie, the Virus Bulletin 2011 conference, Apple's release of iOS 5 and OS X 10.7.2, Microsoft Patch Tuesday, and the German R2D2 Trojan.

Interview with Brad Arkin from Adobe about Flash Player 11 and Reader security

Brad Arkin joined Chester Wisniewski to discuss the launch of Flash Player 11 and the improvements in security and privacy in this new version. Brad also shares some insights into the success of Reader X in blocking malicious code.

Sophos Security Chet Chat - Episode 74 - September 30, 2011

This week Paul Ducklin joins Chester Wisniewski to discuss cooperating to fight hi-tech crime, the Kelihos botnet shutdown, the US government proposal to have ISPs notify infected customers and the impact of BEAST on SSL connections.

Sophos Security Chet Chat - Episode 73 - September 18, 2011

Paul Ducklin joined Chet this week from a real life denial of service situation at the Sydney, Australia airport. Topics discussed include Patch Tuesday, UBS losing $3bn, SpyEye on Android, Twit.tv hacked and Windows 8 including anti-virus.

Sophos Security Chet Chat - Episode 72 - September 8, 2011

Mike Wood a Senior Threat Researcher with SophosLabs is Chet's guest. They discuss the upcoming Patch Tuesday, the new Firesheep and go in depth on the recent troubles at certificate authority DigiNotar.

Sophos Security Chet Chat - Episode 71 - August 21, 2011

Chester Wisniewski welcomes back Paul Ducklin to summarize the week's security news. This week they talk about ATM skimming and recent related research, Juicejacking, the latest Anonymous attacks and the digital bread crumbs we all leave behind on the internet.

Sophos Security Chet Chat - Episode 70 - August 11, 2011

Vanja Svajcer joins Chester Wisniewski to discuss the papers and demos they attended at last week's Black Hat and DEFCON conferences. Topics covered include Android patch cycles, Fixing the SSL CA problem, insulin pump hacking, Google ChromeOS flaws and archiving our digital past.

Sophos Security Chet Chat - Episode 69 - July 28, 2011

David Schwartzberg joined Chet for this week's Chet Chat. David is a specialist in data protection and shared his thoughts on the new File Vault 2 feature in Mac OS X Lion. Dave and Chet also discussed Google+ privacy, Facebook's compromise on facial recognition and the critical vulnerability in Apple's iOS.

Sophos Security Chet Chat - Episode 68 - July 22, 2011

In this week's Chet Chat Kris Braun SophosLabs Threat Operations Manager joins Chet to discuss the week's news. Topics include OS X Lion, Oracle patches, Zeus for Android and Secunia's mid-year threat report.

Sophos Security Chet Chat - Episode 67 - July 15, 2011

Richard Baldry is Chet's guest on this week's Chet Chat. Chet and Richard talk about Google blocking the .co.cc domain, Patch Tuesday, Apple's JailBreakMe.com patch and the "phone hacking" and malware related to the News of the World scandal.

Sophos Security Chet Chat - Episode 66 - July 7, 2011

In this week's Chet Chat Paul Ducklin is Chet's guest as they cover the latest security news. Topics covered include a paper on the Popureb rootkit, the vulnerabilities in Apple's iOS exploited by jailbreakme.com, WordPress 3.2 and the latest Twitter account hacks.

Sophos Security Chet Chat - Episode 65 - June 23, 2011

Paul Ducklin joins Chester this week for Chet Chat episode 65. Chet and Paul discuss the impact of the recent FBI arrests of scareware purveyors, the arrest of Ryan Cleary and LulzSec's latest stunts, Trojanized WordPress plugins and the imaginary world of Bitcoin digital currency.

Sophos Security Chet Chat - Episode 64 - June 15, 2011

In SSCC episode 64 Chet's guest is the North American Threat Operations Manager for SophosLabs. They discuss the LulzSec DDoS last week, the attack against the IMF, Nissan's Leaf leaking location data and the latest Adobe fixes. Kris also provided advise from SophosLabs on defending against targeted attacks.

Sophos Security Chet Chat - Episode 63 - June 9, 2011

In this week's Chet Chat Rich Baldry joins Chet to discuss the future of Mac OS X security. They also discuss the week's news including RSA, Sony, software patches and Facebook's introduction of facial recognition software

Sophos Security Chet Chat - Episode 62 - June 2, 2011

Chester Wisniewski and Paul Ducklin discuss this week's news including the latest attacks against Sony, Apple's new malware problem and cloud security.

Sophos Security Chet Chat - Episode 61 - May 27, 2011

Chester Wisniewski sits down with one of the most experienced Sophos technical support experts to discuss best practices and how we can use the tools we have to do a better job defending against modern malware.

Sophos Security Chet Chat - Episode 60 - May 19, 2011

Chester Wisniewski and Ben Jupp discuss the hype and the truth behind the recent Mac rogue security attacks and discuss Obama's proposed changes to RICO, Square Enix and Sony.

Sophos Security Chet Chat - Episode 59 - May 6, 2011

This week's Chet Chat guest is Richard Wang. Richard and Chester spoke about Sony, bin Laden scams, LastPass, the upcoming Patch Tuesday and the recent rise in Apple Mac malware

Sophos Security Chet Chat - Episode 58 - April 28, 2011

Sophos Security Chet Chat 58 features Paul Ducklin and Chester Wisniewski discussing the week's most pertinent security topics. This week: the Coreflood take-down; password loss at DSLReports; Sony's big data breach; Iran claims a "Stars" virus attack; and Facebook shuts down Ars Technica.

Sophos Security Chet Chat - Episode 57 - April 21, 2011

Paul Ducklin from Sophos Australia joins Chester Wisniewski at Info Security Europe 2011 this week to help explain their open letter to Facebook.

Sophos Security Chet Chat - Episode 56 - April 12, 2011

Chester Wisniewski and Michael Argast talk about this week's Patch Tuesday, the Albert Gonzalez appeal and the state of Texas data breach.

Sophos Security Chet Chat - Episode 55 - April 6, 2011

Tony Ross joins Chester Wisniewski this week to discuss the latest news on SSL Certificate Authorities ignoring signing guidelines. They also talk about the RSA breach, email best practices, Chrome adding malicious download filtering and more.

Sophos Security Chet Chat - Episode 54 - March 31, 2011

Michael Argast joins Chet for a HUGE Chet Chat this week. They primarily cover Facebook's new SSL/anti-likejacking, Comodo SSL hack, Firefox 4 and the SQL injection attacks against MySQL and Sun/Oracle. Extra: Don't miss the blooper of Chet mistakenly calling this Chet Chat 55... That's next week.

Sophos Security Chet Chat - Episode 53 - March 21, 2011

Chester Wisniewski and guest Michael Argast discuss this week's security news. They give advice to users of RSA's SecureID tokens post-breach, talk about RIM's advice to disable JavaScript on BlackBerry devices and Google patching Adobe Flash in Chrome before even Adobe has patched it.

Sophos Security Chet Chat - Episode 52 - March 15, 2011

Chester Wisniewski and Michael Argast talk about the latest security news related to Twitter's use of HTTPS, Congress killing net neutrality, car hacking, tsunami scams,the Adobe Reader zero day and more.

Sophos Security Chet Chat - Episode 51 - March 7, 2011

Michael Argast talks with Chet about Apple's new test release of OS X, codenamed Lion. They also chat about Microsoft begging people to stop using IE6, providing social media access to your employer, the rise in Facebook scams and the recent spat of malware on the Android Market.

Sophos Security Chet Chat - Episode 50 - February 28, 2011

Tony Ross joins Chet this week to discuss erasing SSDs, a new banking Trojan and HIPAA - how to protect medical records

Sophos Security Chet Chat - Episode 49 - February 21, 2011

Michael Argast and Chet talk about Westboro Church vs. Anonymous, the Canadian Government getting hacked, the latest MS and Java vulnerabilities and more

Sophos Security Chet Chat - Episode 48 - February 16, 2011

This week Chet Wisniewski and Paul Ducklin discuss the new Android Trojan Horse and RSA Conference 2011 happenings.

Sophos Security Chet Chat - Episode 47 - February 7, 2011

Michael Argast and Chester Wisniewski discuss the weeks security news, including RBS WorldPay hacker pleads guilty, HBGary hack, Patch Tuesday and CanSecWest's Pwn2Own contest.

Sophos Security Chet Chat - Episode 46 - January 31, 2011

Chester Wisniewski and Michael Argast discuss the internet situation in Egypt, Anonymous and the arrests by the FBI, the new Microsoft zero day MHTML vulnerability and the standard set of Facebook stories

Sophos Security Chet Chat - Episode 45 - January 25, 2011

Chester Wisniewski and Michael Argast discuss the week's security news including the new Do Not Track feature in Chrome, Apple's new CISO and the Sarkozy Facebook hack.

Sophos Security Chet-Chat - Episode 44 - January 18, 2011

This week's roundup with Chet Wisniewski and Michael Argast: The Facebook phone/address privacy kerfuffle, Oracle's latest security patches and the strange disappearance of Dancho Danchev.

Sophos Security Chet-Chat - Episode 43 - January 11, 2011

From this month's Patch Tuesday to the big Vodafone Australia data leak, Paul Ducklin of Sophos Australia joins Chet this week to round up the major security news of the week.

Sophos Security Chet-Chat - Episode 42 - January 4, 2011

It's a new year and episode 42 of the Chet-Chat! Tony Ross joins Chet to round up the security news of the week.

Sophos Security Chet-Chat - Episode 41 - December 28, 2010

It's the last episode for 2010 and Chet Wisniewski talks about what kind of notifications or security entities to trust with Tony Ross of Sophos Canada.

Sophos Security Chet-Chat - Episode 40 - December 21, 2010

Chet Wisniewski brings guest Aaron Bugal from the Sophos Melbourne office to talk about the week's security news: Patch Tuesday, Australia takes action against botnets and the latest from Anonymous.

Sophos Security Chet-Chat - Episode 39 - December 13, 2010

Chet features the year's best-of-guests for his end of 2010 podcasts - Sean Richmond of Sophos Australia joins him for news roundup.

Sophos Security Chet-Chat - Episode 38 - December 7, 2010

Chet Wisniewski and Michael Argast review the biggest IT security news, including (especially!) WikiLeaks.

Sophos Security Chet-Chat - Episode 37 - November 30, 2010

Chet Wisniewski talks encryption with Sophos data protection sales engineer David Schwartzberg.

Sophos Security Chet-Chat - Episode 36 - November 23, 2010

Chet Wisniewski and Michael Argast round up the week's tech security news, including the new iOS 4.2 release. (Plus, if you're @chetwisniewski's 1337th follower on Twitter, he has a gift for you!)

Sophos Security Chet-Chat - Episode 35 - November 16, 2010

Chet Wisniewski and Michael Argast discuss the perils of security on mobile devices, including the Android, yet another zero-day vulnerability in Adobe Reader and the latest on Zeus/Zbot and Stuxnet.

Sophos Security Chet-Chat - Episode 34 - November 9, 2010

This week Chet Wisniewski and Michael Argast talk about flaws in the Android OS, patching mobile phones and browsers as well as a discussion around automatic updating.

Sophos Security Chet-Chat - Episode 33 - November 2, 2010

Chet Wisniewski and Michael Argast of Sophos Canada go over the week's big security news, including the Boonana Trojan, and give a shout-out to the new Sophos security blog, Naked Security.

Sophos Security Chet-Chat - Episode 32 - October 26, 2010

Honorary product evangelist Tony Ross sits down with Chet Wisniewski to talk the week's news--a rough week for Apple security and a bit on Firesheep--and then an in-depth discussion on application control.

Sophos Security Chet-Chat - Episode 31 - October 19, 2010

This week Chet Wisniewski talks with Chris Simmons, Development Manager about new developments for the Sophos Email Appliance.

VB2010 conference roundup

Chester Wisniewski interviews Sophos Threat Researchers Mike Wood and Paul Baccas about their experiences at the VB2010 conference in Vancouver, Canada.

Sophos Security Chet-Chat - Episode 30 - October 14, 2010

Chet Wisniewski and Michael Argast round up the week's security news.

Sophos Security Chet-Chat - Episode 29 - October 5, 2010

This week Mike Wood, Threat Researcher at SophosLabs Canada sits down with Chet Wisniewski to talk about ZeusBot Trojan -- its origins, how it works, and why it's such a prevalent threat.

Sophos Security Chet-Chat - Episode 28 - September 28, 2010

Chet Wisniewski and Paul Ducklin discuss Stuxnet in detail--the origins, controversy and FUD--in this week's Chet-Chat.

90 Second Security Roundup - September 2010

This month: When internet access chose the government, Adobe battles another zero-day, Twitter suffers XSS woes, and the Stuxnet malware keeps on making the wrong headlines.

Sophos Security Chet-Chat - Episode 27 - September 21, 2010

Chet Wisniewski and Michael Argast discuss good and bad anti-virus program behavior before diving into the news of the latest 4chan DDOS attack.

Sophos Security Chet-Chat - Episode 26 - September 14, 2010

This week, Chet Wisniewski and Graham Cluley meet up in the Sophos Boston office and talk about Microsoft's Patch Tuesday, ongoing Adobe vulnerabilities--and a plug for a Sophos blog contest.

Sophos Security Chet-Chat - Episode 25 - September 7, 2010

Chet Wisniewski and Michael Argast of Sophos Canada round up the latest bulk of social media-related threats.

Sophos Security Chet-Chat - Episode 24 - August 31, 2010

After a roundup of the week's security news, Chet talks with Tony Ross, Global Sales Trainer at Sophos Canada about anti-malware product testing: What should you look for? Should you rely on detection testing as a good metric?

Sophos Security Chet-Chat - Episode 23 - August 24, 2010

This week's Chet-Chat: Intel buys McAfee and the latest in browser security improvements (specifically on Chrome and Firefox).

90 Second Security Roundup - August 2010

This month: Take a lesson from Microsoft on why security is a journey, not a destination; find out about the latest cybercriminal scams on Facebook; and learn why jailbreaking your iPhone is good. Or bad.

Interview with Brad Arkin, Senior Director of Product Security and Privacy for Adobe Systems

Chester Wisniewski, Senior Security Advisor at Sophos Canada, interviews Brad Arkin, Senior Director of Product Security and Privacy for Adobe Systems about Adobe joining Microsoft's Active Protections Program (MAPP).

Sophos Security Chet-Chat - Episode 22 - August 10, 2010

Chet Wisniewski and Michael Argast of Sophos Canada discuss jailbreaking Apple devices in this week's Chet-Chat.

Sophos Security Chet-Chat - Episode 21 - August 3, 2010

Chester Wisniewski and Vanja Svajcer give their reviews of several speakers and panels at this year's Defcon and Blackhat USA.

90 Second Security Roundup - July 2010

This month: Hear the Windows shortcut vulnerability explained, learn why you need to burn those aging legacy applications and find out what's been going wrong on Facebook this month.

Sophos Security Chet-Chat - Episode 20 - July 27, 2010

Everyone's still talking about the Windows Shortcut Exploit, and so are Chet Wisniewski and Michael Argast of Sophos Canada.

Sophos Security Chet-Chat - Episode 19 - July 20, 2010

This week is all about the latest Microsoft vulnerability, dubbed CPLNK. Chet interviews Michael Shannon from SophosLabs to discuss what this vulnerability is and what's at risk.

Sophos Security Chet-Chat - Episode 18 - July 13, 2010

It's Patch Tuesday, so Chester Wisniewski and Michael Argast of Sophos Canada discuss the latest Microsoft vulnerability fixes and exploit testing in general.

Sophos Security Chet-Chat - Episode 17 - July 6, 2010

Chester Wisniewski talks about Endpoint Security and Control 9.5's live URL filtering feature with technical product manager Rami Jebara of Sophos Canada.

Understanding hypervisor security

James Lyne, senior technologist at Sophos, and Sunil Choudrie, virtualisation specialist, discuss the capability gap between hypervisor scanning agents and the modern protection agent.

Sophos Security Chet-Chat - Episode 16 - June 29, 2010

This week's podcast goes into depth about vulnerability disclosures -- timing, obligations and ethics -- with Peter Lee of Sophos Australia as Chester Wisniewski's guest.

Sophos Security Chet-Chat - Episode 15 - June 22, 2010

This week Chester Wisniewski and Richard Wang of SophosLabs discuss the latest Adobe and Windows attacks and advise users how they can protect their machines.

Sophos Security Chet-Chat - Episode 14 - June 15, 2010

Was Apple's ''major security leak'' as reported by Gawker really all that big a deal? And are 5 days enough time to fix a zero-day vulnerability? Chester Wisniewski and Michael Argast of Sophos Canada discuss these topics in this week's podcast.

Sophos Security Chet-Chat - Episode 13 - June 8, 2010

From Google's stopped use of Windows to the latest social media attacks (''likejacking'' in Facebook) and new vulnerabilities in Adobe products - Chester Wisniewski and Michael Argast of Sophos Canada discuss these topics in depth.

Sophos Security Chet-Chat - Episode 12 - June 1, 2010

Sophos Canada's Chester Wisniewski and Michael Argast review the big privacy changes on Facebook and ponder what you really get with $1 billion spent on security.

Sophos Security Chet-Chat - Episode 11 - May 25, 2010

This week Chester Wisniewski and Michael Argast of Sophos Canada discuss IBM's tradeshow malware woes and a lawsuit against Google.

Sophos Security Chet-Chat - Episode 10 - May 18, 2010

Sean Richmond of Sophos Australia joins Chester Wisniewski of Sophos Canada this week to talk about unencrypted wifi, patching and the ongoing Facebook privacy saga.

Sophos Security Chet-Chat - Episode 9 - May 11, 2010

Questionable Facebook email notifications and big Citrix Receiver news are on the table this week with Chester Wisniewski and Michael Argast of Sophos Canada.

Sophos Security Chet-Chat - Episode 8 - May 4, 2010

Facebook's latest privacy changes are the subject of particular scrutiny in this episode with Chester Wisniewski and Michael Argast of Sophos Canada.

Sophos Security Chet-Chat - Episode 7 - April 27, 2010

This week Chester Wisniewski talks about 'Social Engineering-as-a-Service,' false positives and data security with James Lyne from the Office of the CTO at Infosecurity Europe 2010 in London.

Sophos Security Chet-Chat - Episode 6 - April 20, 2010

Stranded in Warsaw thanks to the volcanic ash from Iceland, Chester Wisniewski and guest Ashek Kreowski of Sophos UK discuss new details of the Aurora attacks on Google as well as how even fellow volcano refugees should be wary of SEO poisoning.

Data security: what it means to HR and finance teams

Carole Theriault speaks to HR and finance representatives from Sophos about how data security impacts their departments and CTO Richard Jacobs explains what steps can be taken to ensure data is protected.

Sophos Security Chet-Chat - Episode 5 - April 13, 2010

Chester Wisniewski and Sean Richmond of Sophos Australia discuss the latest Adobe Reader security updates, the newest iPod beta SDK and malware on Windows Mobile.

Blackhat SEO

Chester Wisniewski interviews Onur Komili of Sophos Canada on blackhat SEO and his new technical paper ''Poisoned search results - How hackers have automated search engine poisoning attacks to distribute malware.''

Sophos Security Chet-Chat - Episode 4 - April 5, 2010

Chester Wisniewski and Tony Ross of Sophos Canada discuss Mac threats and why many Mac users think they don't need anti-virus (hint: they do!) as well as the growth of black hat SEO -- otherwise known as SEO poisoning.

Sophos Security Chet-Chat - Episode 3 - March 30, 2010

Chester Wisniewski and Michael Argast of Sophos Canada roundup the best of what they saw at CanSecWest 2010.

Sophos Security Chet-Chat - Episode 2 - March 23, 2010

Chester Wisniewski and Michael Argast of Sophos Canada talk about the big security news of the week, including Google's exit from China and two bits of good news from Russia on cybercrime.

Sophos Security Chet-Chat - Episode 1 - March 15, 2010

Sophos Senior Security Advisor Chester Wisniewski and Head of Global Sales Engineering Michael Argast discuss the biggest security stories for the week of March 15, 2010.

Windows 7 - Security updates and features, part 2

In this second half of a two-part podcast, Sophos experts Chester Wisniewski and Michael Argast continue their conversation on the updates and changes made to Windows 7 security.

Windows 7 - Security updates and features

Sophos experts Chester Wisniewski and Michael Argast of Sophos Canada discuss the latest security updates and features of Windows 7.

Security threat report: 2010

Carole Theriault interviews Chester Wisniewski, senior security advisor at Sophos Canada, about the latest findings in the 2010 Sophos security threat report, discussing the latest trends in malware as well as exploring topical issues such as security on Windows 7 and Apple Mac threats.

Operation Aurora: The attack on Google

Chester Wisniewski of Sophos Canada and James Lyne from the Office of the CTO discuss Operation Aurora: The attack on Google, what it means to businesses, and what we should be doing to better protect our networks.

Facebook, identity theft and the plastic duck

Sean Richmond of Sophos Australia talks to Paul Ducklin, head of technology for APAC, about the results of Sophos's latest Facebook experiment, revealing that users are still failing to take adequate security steps on the popular social network.

Kanye West, SEO and scareware

Senior technology consultant Graham Cluley explains how hackers have been taking advantage of the hoax news stories about the death of Kanye West, using search optimisation techniques to infect computer users with scareware.

A lesson in cloud computing and software as a service

Paul Ducklin, head of technology for Sophos APAC, defines cloud computing and SaaS, explaining the associated security risks and gives his opinion on whether cloud and SaaS mean the end of desktop security software.

Windows 7 in the security spotlight

Sophos senior technologist James Lyne discusses Windows 7 from the security point of view, looking at the Action Centre, enhancements in the Windows firewall, Direct Access and the controversy surrounding XP mode.

Virtualization and encryption: the security facts

More organizations are looking to virtualize their servers, but few are considering the associated security concerns. James Lyne, senior technologist at Sophos, explains why encrypting virtualized servers will avoid costly leaks.

Security Threat Report: Update July 2009

Graham Cluley, senior technology consultant at Sophos, discusses the findings in the latest threat report, revealing that criminals have increased the focus of attacks on social networking sites.

Conficker and April 1st

Sean Richmond of Sophos Australia talks to Paul Ducklin about the first of April Conficker security panic

Security and server virtualization

Carole Theriault interviews James Lyne from the technology office at Sophos about the security risks associated with virtualized server systems and how new security technologies may help to overcome these attacks.

The password dilemma

Graham Cluley, senior technology consultant at Sophos, discusses sensible password use, explaining how cybercriminals are cracking weak passwords with the aim of hacking into users' email and web accounts and advises listeners how to create and manage multiple passwords.

Conficker under the microscope

Paul Ducklin, Head of Technology for Asia Pacific, discusses the true threat from 2009's widespread Conficker virus - which spread via a variety of techniques including USB sticks - with Patrick Gray, host of the ITRadio programme 'Risky Business'.

Cybercrime on Facebook and Twitter

Graham Cluley, Senior Technology Consultant at Sophos, discusses the social networking phenomenon, explaining how cybercriminals are using Facebook and Twitter to spread malware and spam.

Security Threat Report 2009

Graham Cluley, senior technology consultant at Sophos, gives a snapshot of the findings in the 2009 threat report, revealing that US computers are the biggest contributor to the malware and spam problem and advises listeners on how to keep themselves protected as the volume of internet attacks continue to increase.

The spam surge unzipped

Graham Cluley, senior technology consultant at Sophos, discusses the latest spam trends, explaining how social engineering tactics and social media are being used to distribute messages, and advises users how to defend against the rising tide of spam.

The evolution of NAC

Carole Theirault interviews Scott Lewis, NAC product specialist at Sophos, about the new generation of network access control offerings and how they can address and enable IT best practices and ensure network governance.

How web threats work and how you can avoid them

With SQL injection attacks flooding the web, Fraser Howard, principal malware researcher at SophosLabs, offers free advice to administrators and surfers on how to avoid falling victim to these attacks

Security Threat Report: Update 2008

Graham Cluley, Senior Technology Consultant, reviews the mid-2008 Security Threat Report, examining existing and emerging security trends and advises listeners how to keep themselves protected as web threats continue to rise.

10 tips to secure Apple Mac laptops

Graham Lee, senior Mac engineer at Sophos, shares a number of steps that Apple Mac users can take to improve the physical security of their laptops.

Virtualization: a black hole in your security?

Sophos's CTO Richard Jacobs discusses the security concerns around virtualization, explaining the risks associated with unmanaged virtual desktops and how administrators can control the unauthorized use of virtual software on the corporate network.

Think your network is protected? Think again

Sophos's free tool enabling computer users to check if machines were a security risk has revealed some startling results. Sophos's John Shaw, director of endpoint security, discusses the state of security in the market, including that half the computers scanned were missing security patches or running out-of-date protection software.

How to surf safely amid rising web attacks

Following the continued rise in web-based threats, Richard Baldry and Carole Theriault discuss the methods being used by cybercriminials to lure victims into visiting infected webpages, what internet users can do to safely browse the web and advise how to secure websites from hacker attacks.

Big Mac attack or super-sized hype?

The first financially motivated malware was detected for the Apple Macintosh operating system in 2007 and security experts are warning Mac users to prepare for more attacks. Graham Cluley, senior technology consultant at Sophos, puts the threat into perspective.

Security Threat Report 2008

Graham Cluley, senior technology consultant at Sophos gives a snapshot of the findings in the latest threat report, revealing which countries are relaying the most spam, highlighting top web threats, and explaining why the malware problem is a concern that spreads beyond Microsoft.

Surfing the pump-and-dump wave

Carole Theriault interviews Paul Baccas, spam and virus researcher at Sophos, about stock pump-and-dump spam. They discuss how the campaigns - ranging from plain text to attached MP3 files - have evolved, influencing global stock markets.

NAC stripped bare

Carole Theriault interviews Matthew Holden-Milner, network access control specialist at Sophos, about why organizations need to consider an access control solution to reduce the security risks posed by non-compliant endpoints, and they discuss the solutions on offer.

Data leakage prevention

Graham Cluley, Senior Technology Consultant at Sophos discusses the growing concern and implications of accidental data leakage via email, and explains what IT administrators can do to protect their businesses against data loss.

PCI compliance

Graham Cluley, Senior Technology Consultant at Sophos addresses concerns surrounding Payment Card Industry compliance and advises merchants on how they can secure their customers' data by following the Council's standards.

Anti-virus testing: protection is not just about detection

Mark Harris, Global Director of SophosLabs discusses anti-virus testing, explaining why protection is not just about detection rates, and recommends which testing bodies users should look to for independent advice.

Facebook and identity theft

Graham Cluley, Senior Technology Consultant at Sophos, discusses the phenomenon of social networking website Facebook, revealing the results of Sophos's Facebook experiment, and advises Facebook enthusiasts on how to properly secure their profiles.

Security Threat Report: Update 2007

Graham Cluley, Senior Technology Consultant, reviews the mid-2007 Security Threat Report, looking at the most widespread security threats during the first half of the year and advises listeners on how they can keep themselves safe online.

Improving security through control

Richard Jacobs, CTO at Sophos, explores the concept of the dissolving network perimeter, discussing how security solutions are addressing new challenges, and offers some advice on how IT administrators can control and manage their users.

Zero-day threats

Fraser Howard, Principal Virus Researcher at SophosLabs, discusses zero-day threats, addresses the controversy surrounding the disclosure of vulnerability information, and offers advice to users and administrators on how to defend against these malicious programs.

Managed appliances

Gurusamy Sarathy, Chief Technologist at Sophos, introduces managed appliances and discusses the benefits of vendors owning the security problem and whether managed appliances mean the end of desktop security.

Web-based threats

Marc Borbas, Web Security Expert, highlights the growth in web-based threats, explains how browsing the internet can potentially place your organization at risk, and offers some advice on how to browse the web safely.

Securing your mobile workforce

Vanja Svajcer, Principal Virus Researcher at SophosLabs, and John Stringer, Mobile Security Expert, discuss the increased uptake of mobile devices, explain how a mobile device can become infected, and provide some practical advice on how to protect your organization's mobile devices from attack.

Network Access Control

Our experts Bill Emerick and Jeff Sturgeon introduce Network Access Control, discuss installation and deployment options, and explain why organizations should be looking to implement a NAC solution.

Security Threat Report

Graham Cluley, Senior Technology Consultant, reviews the Security Threat Report about the most widespread security threats during 2006, and asks what lies ahead for 2007.

Picture this: Fighting image spam

Mark Harris, Global Director of SophosLabs, highlights the growth in image spam, the tactics spammers employ to evade spam filters and offers some advice to organizations struggling to deal with the problem.

Phishing: Are the banks to blame?

Paul Ducklin, Head of Technology for Asia Pacific, discusses the increasing problem of online phishing, highlights what is being done to combat this menace, and asks the question, ''Are the banks to blame?''

Is Microsoft stopping your security vendor from doing their job?

Richard Jacobs, CTO, discusses the imminent release of Microsoft Vista, its enhanced security features, and the accusations from some security vendors that Vista's PatchGuard technology is preventing security vendors from properly protecting users.

Small businesses: Bigger challenges

Shaun Paice, Group Product Manager, highlights the challenges that small businesses face in protecting their computers and discusses their security solution needs.

Application control: Taking back control

John Shaw, Group Product Manager, discusses the problems that arise when employees install and use unauthorized applications, and provides insight into how IT administrators can regain control of their network.

Advice for IT directors: What you need to know

Charles Southey, VP of IT, discusses how to ensure that your IT security policy does not impact on your organization's productivity.

Rootkits: What you need to know

Vanja Svajcer, Principal Virus Researcher at SophosLabs™, explains what rootkits are, how to protect against them, and what to do if you think you have a rootkit on your computer.

The Sophos spam dirty dozen

Graham Cluley, Senior Technology Consultant, discusses this report examining the top 12 spam relaying countries over the second quarter of 2006, and other developments including image spam.

Schools: The IT security challenge

Michael Argast, Director of Global Sales Operations, discusses the issues schools and universities face when protecting their computers and students against security threats.

Threat Management Report: Update

Graham Cluley, Senior Technology Consultant, reviews this report about the most widespread security threats during the first six months of 2006, and reveals what lies ahead.