Chester Wisniweski and Paul Ducklin dig into the lessons we can learn from the security issues of the past week.

What's the best way to deal with bots and botnets? If you use your financial institution's official mobile banking app, are you more or less secure that just using your browser? What's going on with data security in the US retail sector? What are the must-have and must-do patches from this Patch Tuesday? And do you really *have* to update your Mac to Mavericks if you want security fixes?

Botnets, short for "robot networks", are more than just malware: they're the money making machinery of modern cybercriminals.

Paul Ducklin and James Wyke help you to understand the What, How and Why of this troublesome topic.

The result is an entertaining and educational podcast that's suitable for everyone from sysadmins to home surfers.

Chet and Duck look at the security stories that made the headlines over New Year 2013/2014 - from the OpenSSL "hypervisor hack" that wasn't, to the Skype Twitter breach that shouldn't have happened - and explain how we can learn from these mistakes to have a safer and more secure 2014.

From Cryptolocker, through PRISM, Target and Adobe, to tainted randomness: Chet and Duck review the security lessons of 2013, and advise how to make 2014 safer and more secure!

Chet and Duck analyse the latest security news to help you keep ahead of the bad guys. Find out about the recent and massive Target breach; get to grips with Microsoft's and Apple's latest updates; and learn how to respond to Google's recent changes to image rendering for Gmail users.

Sophos Security Threat Report 2014 by Sophos

Chet and Duck tell you what you need to know about the latest security stories. Turn bad news into good with "what you can do better" advice on the back of an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.

Chet and Duck dig into the good and bad of the week's computer security news, from the amusing "Happy Hour Virus", through Twitter's implementation of "forward secrecy" to discourage government-type surveillance, to LG's data-grabbing TVs and the company's unamusingly casual attitude to what amounts to business-type surveillance.

Avoiding fake support calls by Sophos

Chester and John Shier take time out of the IANS Information Security Forum in Atlanta, Georgia, to talk about the key issues of the past week. There's the US police department that paid the CryptoLocker ransom; the company Loyaltybuild that took two weeks to tell its loyal customers that it hadn't even bothered to encrypt their PII that was stolen; and, to finish with some good news, high praise for Microsoft's public push for cryptographic progress.