Monthly Archives: September 2008

Free Norton AntiVirus? Hackers disguise fake product to spread Trojan

Many consumers will have heard of Norton AntiVirus, a security product from Symantec which comes in a familiar yellow box. In the old days it used to have a picture of Peter Norton on the packaging, with his arms crossed Read more…

Find your soulmate on YouTube

Recently we have seen fake versions of the YouTube site being created for hosting malware. Now we have seen the real YouTube website being used to promote a "dating" spam campaign. The email is being sent by YouTube's email alert service so Read more…

Second man pleads guilty in huge data breach case

25-year-old Christopher Scott of Miami, Florida, has pleaded guilty to a range of charges connected with what has been described as the single largest and most complex case of hacking and identity theft ever prosecuted. According to the Associated Press, Read more…

Introducing Sophos WebAlert.. with some toys

It's time to open up the Clu-blog once again, and give someone else a chance to have their say. This time it's the turn of Carole Theriault, senior security analyst here at Sophos. Carole discusses how your own website could Read more…

FBI searches apartment of suspected Sarah Palin hacker

Early yesterday, the FBI served a search warrant at the apartment of a university student widely suspected of being involved in the Sarah Palin email hack. According to reports, early on Sunday morning FBI agents arrived at 20-year-old David Kernell's Read more…

You Can Run But You Can't Hide ...

... unless you leave your mobile phone behind. Yesterday I was rudely disturbed by a mobile spam campaign. The spam had the following message: Credit crunch biting? government solution to. wipe 70% of your debt. reply with CLEAR for more Read more…

Error Error on the Wall Who's the Foulest of Them All?

In the modern IT security world the presence of "joke" programs is uncommon, overwhelmed by an avalanche of malware motivated by financial incentives. Recently we received such a "joke" program which did nothing more than display the offensive message box Read more…

BBC Electric Proms mailing list compromised by spammers

Thousands of music fans have been sent spam offering them the anti-impotence drugs Viagra and Cialis, following a security breach on a BBC email mailing list. According to The Daily Telegraph, the spam messages offering pills to improve sexual performance Read more…

Depressing Saturday spam

Sitting here in the lab on a sunny Saturday while friends and family are out and about enjoying themselves is, in some respects, pretty miserable. No matter how much you enjoy your job, you'd obviously rather be out enjoying the Read more…

Presidential malware predictions

During my trip to Interop earlier this week, I was discussing with a number of colleagues how unimaginative malware authors seem to be. No national holiday seems to go past without some form of greeting from the malware authors. Then Read more…

Shall I compare thee to an SQL Injection?

" Shall I compare thee to an SQL Injection? Thou art more common and more widespread: Rough winds do shake the World Wide Web, " Apologies to the bard. Over the last couple of days WS1000 customers, primarily in the Read more…

Stacking the Stack

I was having a look at today's ecard.exe spam campaign (detected as Troj/Agent-HRI) and saw an anti-emulation trick I hadn't seen before. Quite a lot of the samples we analyse at the moment use multiple stages of maths to calculate Read more…

Video: Paris Hilton & Sarah Palin - what's the connection?

The story about Sarah Palin's Yahoo email account being hacked is making headlines around the world, and bloggers are arguing back-and-forth about the rights and wrongs of breaking into her account. What's perhaps most relevant to all of us, however, Read more…

Tie a yellow ribbon ...

Reading the blog of a malware colleague this morning I saw an interesting post. Roger Thompson highlighted that the Texas National Guards website has been attacked. SophosLabs have been monitoring the attack for a few days. Judging from the number Read more…

Honestly Amusing

Of the millions of spam messages and campaigns we see on a daily basis, touting everything from Oriental tax evasion and Russian brides to Britney videos, seldom do we see one that's actually truthful in its claims. Enter the honestly Read more…

Sarah Palin's Yahoo email account is hacked

If you have been living in a cave since 29th August, you may have missed the news that US Presidential hopeful John McCain has chosen an Alaskan moose-burger-eating lipstick-wearing hockey mum as his running mate. Oh, and she's Governor of Read more…

Hackers distribute Trojan as iPhone game

Cold-hearted hackers are taking advantage of a popular iPhone game in their attempt to infect Windows users. Cybercriminals have resorted to spamming out emails with subject lines such as "Virtual iPhone games!", "Take a break!", "Apple: The most popular game!", Read more…

Facebook malware is a real threat

In case anyone was in any doubt, hackers are using Facebook to spread spam and dangerous links to malicious websites. We've discussed the threat before, but it is worth reiterating. And for me it was highlighted in a very personal Read more…

Fashion victim: Almost 100,000 payment cards stolen

US fashion retailer Forever 21 has announced that it had been informed by the Secret Service that the credit and debit card details of some 98,930 customers had been accessed by hackers. The stolen information contained card numbers, expiration dates Read more…

dot HT what? More Fake Alert trickery.

Following on from the previous post about some of the tricks fake alert malware is getting up to [1], yesterday I noticed an interesting post on the Internet Storm Center diary [2]. It would appear attackers responsible for distributing the Read more…
