Monthly Archives: August 2008
IT Training Group need training in SQL injection protection
A website associated with SSPA (Service & Support Professional Association) Europe and dedicated to IT Support Training is severely affected by SQL injection. The home page of the site contains over 200 malicious script tags. My colleague Fraser recently provided Read more…
Confidential data on thousands of students exposed by test preparatory firm
We've seen governments being careless with the identities of millions of children, student data lost via P2P file-sharing software, social networking websites revealing the dates of birth of all of its members, and even kids' TV shows losing the names, Read more…
Breaking news malware turns generic, exploits conflict in Georgia
In recent weeks we have seen malicious email campaigns posing as breaking news stories from the likes of CNN and MSNBC. The latest campaigns still use eye-catching headlines but have the generic subject line of "Weekly top news" and don't Read more…
Ecards and Reverse Russian Bride Scams
Some things never go out of fashion, including, it would appear, spam that promises an ecard but delivers malware. The latest batch is a basic variation on the old theme, with "dear friend" in the To address and the following Read more…
Duplicitous Fake Pilfered Real Anti-Virus Software
Certain websites out there claim to offer Sophos Anti-Virus version 9 for download with an accompanying "keygen" to crack the software. Such a scenario contravenes acceptable behaviour on several levels: There is a legitimate version of our very own Sophos Read more…
Simulated BSOD seals the FakeAlert deal
Another week and yet another round of fake anti-virus software, this time with its own realistic looking crash screen (BSOD). Not only does this variant replace your desktop wallpaper with a warning that your system is infected (cleaning of course Read more…
GPack kit now being used by AntiVirus200x
Readers will be familiar with the growth in the volume of "fake alert" malware in recent months [1, 2]. One of the more notorious families we have been seeing large volumes of recently calls itself 'AntiVirus2008' or 'AntiVirus2009'. We have Read more…
Microsoft August 2008 Security Bulletin
The number of critical vulnerabilities patched by the latest set of security patches described in Microsoft's August Security Bulletin is high and they are all quite serious so the patches should be applied as soon as possible. However, we rated Read more…
Hackers disguise malicious email attack as news from MSNBC
The hacking gang who have been bombarding internet users' inboxes worldwide with dangerous emails claiming to be breaking news from CNN, have changed their disguise. They've shrugged off their CNN gabardine suit and put on a fur-lined MSNBC jacket instead. Read more…
Black Hat & Defcon 2008 - a brief summary
Sean wasn't the only SophosLabs attendee at this year's Black Hat - there was also Pete from the Australian lab, Mike S from the Canadian lab and myself from the UK lab. The plan had been to update the SophosLabs Read more…
Update on website attacks in Georgia and Russia
Following the earlier timeline I published on the hacking attacks against Russian and Georgian websites after the outbreak of conflict in South Ossetia, I thought it would be good to publish an update. 12 August 2008 It has been revealed Read more…
Vulnerability analysis at SophosLabs
Today's malware commonly spreads by exploiting unpatched vulnerabilities in the operating system and other software such as web browsers and web browser plug-ins. Administrators ought to be aware of the risk introduced by an unpatched vulnerability. Also vital for administrators Read more…
Last chance saloon for NASA hacker
Gary McKinnon, who lost his House of Lords appeal against extradition to the United States at the end of July, has been given two extra weeks' breathing space. The 42-year-old hacker from North London has admitted hacking into computers belonging Read more…
How to Stop Spam!
I'm often asked whether the volume of spam is rising and what can be done about it. The short answer of course is that the volume of spam continues to rise and the technologies used to block it continue to become Read more…
Tried & Tested?
Here at SophosLabs our performance is frequently measured by independent industry tests such as AV-Test.org and AV Comparatives. These types of tests take up a significant proportion of our time and effort, and impressive results do us a great deal Read more…
Conflict between Russia and Georgia turns to cyber warfare
Regular readers of the Sophos website will be no strangers to the rumours and accusations that have flown around for years, alleging that countries use the internet to engage in cyber warfare and espionage. For instance, in September 2007, the Read more…
Tobacco Seems to be a Sure Winner!
There are a number of nefarious ways to make money using spam email. One of the well known techniques is 'phishing' where a user is tricked into divulging sensitive data to an organisation that claims authenticity. There is however another Read more…
No scone unturned in hunt for kids' TV cookery show data?
The BBC has apologised and set up a freephone helpline after it was discovered that the personal details of children who had applied to participate in a kids' TV show had been stolen. The BBC says it has suspended the Read more…
Olympic Games coverage on news website hit by SQL Injection
My colleague Paul Baccas from SophosLabs has blogged about a number of webpages on news websites that have been infected by an SQL Injection attack designed to install malware onto users' computers. One of the struck websites is NDTV.com, an Read more…
SQL Injection ready-to-publish
SophosLabs have been tracking the recent spate of SQL Injections (1, 2 ..) and this weekend noticed a worrying trend. While investigating an occurrence of Mal/Badsrc-C on a news site I noticed that most of the affected pages contained content Read more…


