Monthly Archives: May 2008
A Powerful Form of Coercion
In the past we've blogged about fake anti-spyware/anti-virus Trojans that claim the computer is infected or compromised in an attempt to coerce the user into purchasing a fake anti-spyware/anti-virus application. Here's an example of a popup message displayed by Troj/FakeAle-BJ: Read more…
Strange Bedfellows
We keep track of a lot of websites at SophosLabs, but one in particular has kept me interested for a few months now. It starts off with a variation on a theme we've seen before - malicious 404 pages. One Read more…
Worm targets Grand Theft Auto IV (and everything else)
British newspaper The Daily Mail recently ran a story on a new Trojan that apparently targeted the newly released videogame Grand Theft Auto IV, being offered as a pirate download. We set out to find a copy of this Trojan Read more…
Sophos Anti-Virus for UNIX 7.0 Beta Available - Why bother?
Sophos has recently launched the beta of Sophos Anti-Virus 7.0 for UNIX. Initially this will be for the Solaris 9 & 10 SPARC platform and allows users to centrally control policies, consolidate alerts and view reports etc. Anyone wishing to join Read more…
Debian / Ubuntu users - beware of the OpenSSL vulnerability
On Monday (the 12th) there was a post on isc.sans.org talking about how brute-force SSH attacks are on the rise. This report links to a useful paper which "investigates current methods and dictionaries used by attackers of SSH in the past several months". Read more…
Controlling your employees' choice of web browser
How much control do you have over the web browsers used by the staff in your company? I ask the question because on more and more occasions I'm hearing from system administrators and technical support staff about the problems they have of Read more…
Social Engineering, again?
Picture the scene. It is early evening and the waves have been pounding against the shoreline the whole day. Four people are sitting in the pub as the sun begins to glow orange as it lowers in the sky. Their Read more…
Microsoft? I don't think so..
We got a large amount of emails in our spam queues this afternoon, all pretending to be from "Microsoft Security Team". The emails kindly pointed out that our computers could be at risk from new malware and suggested that we Read more…
A one-way ticket to... ahh, we've been hacked
Readers in Northern Ireland may have had their travel plans disrupted in the last few days following a hack attack on the website of Translink, who run bus and train services in the region. A note on Translink's website says that Read more…
SQL meets Fast-Flux
Whilst investigating some of the domains used as the target for the malicious script tag added to web pages in recent SQL injection attacks, one of them stood out as potentially interesting. A DNS lookup for the domain returned 8 Read more…
The Pepsi Lottery challenge - would some cynicism make us more secure?
I'm often asked who falls for the email scams many of us receive offering a millionaire's inheritance, puppies for adoption, or even secrets of the JFK assassination. The answer, normally, is that it is the most vulnerable members of society Read more…
The Usual Sus/Pects
With the SAV7 release Sophos introduced the Sus/ detection class (Suspicious files), designed to cater for the more paranoid among us by utilizing looser-style generic identities. These looser identities detect characteristics that are deemed questionable enough to warrant concern but Read more…
Poetic Justice
Oh how we sail, in this wonderful place where vision is obscured, and they have no face yet the winds blow strong, and they never relent the storm of spam that we all are sent. The spam fiends currently propagating Read more…
Email scammers try to pull the rug from under carpet firm
Most of us are getting pretty used to receiving bogus emails claiming to come from online banks, trying to phish our information, and there can be few of us who haven't been barraged by letters from Nigeria that say we Read more…
Give Them an Inch and They'll Try to Rule!
A classic case of impudent opportunism: more and more malware is now using standard Microsoft Windows Operating System files to do its bidding. Last year there were examples of malware modifying WINLOGON.EXE, a critical system file, to load a malicious Read more…
CARO On Packers and Obfuscators
Last week several SophosLabs staff attended the 2nd International CARO workshop to discuss packers and obfuscators and how the anti-malware industry is dealing with them. It was interesting to see the various approaches being explored and employed by vendors in Read more…
SQL sorcery
Since I last blogged about a recent spate of aggressive SQL injection attacks [1], we have seen continued activity, with sites across the globe being hit. Amongst the casualties are numerous well known brands. This lunchtime I decided to pull Read more…
China crisis? Now India claims hackers are attacking it from behind the bamboo curtain
Things are heating up. Accusations that Beijing-backed hackers are probing the official networks of foreign governments with intrusions and spyware seem to be popping up with more regularity. The latest report comes from The Times of India, which claims that senior government officials in New Delhi have privately Read more…
Mister Swizzor's Wacky Dialog Box Adventure
Mr Swizzor had a problem. He knew that anti-malware engine heuristics thought that GUI applications without windows and buttons and text boxes were worrisome, because creating a GUI application without a GUI is a bit silly. But if he put windows Read more…
Teenage botmaster SoBe sentenced
Sophos reported in February how the teenage zombie herder who went by the nickname "SoBe" (his real identity has not been made public) had pleaded guilty to seizing control of almost 400,000 computers, and generating revenue by installing adware upon them. Read more…


