Monthly Archives: September 2008
Fake Alert malware with a sting in the tail
Earlier this morning, whilst perusing through some web attacks seen over the last few days, I noticed an interesting one, which I will outline in this blog post. The attack starts on what looks to be some portal to a Read more…
Lost USB drive leads to lost contract
PA Consulting, the firm that misplaced a USB memory stick containing the unencrypted personal details of convicted British criminals, has had its £1.5 million contract with the UK government terminated. The British Home Office sent the sensitive data via email Read more…
Credit, credibility and credulousness
Time to hand over the reins again to another guest blogger. Paul Ducklin, Sophos's head of technology in Asia Pacific, discusses the recent United Airlines debacle. Over to you Paul... What is news? The word itself is simple: imagine that Read more…
Hurricane postcards
When we see a stack of "click here to retrieve your free postcard" emails in our spam queues we can usually place bets as to what malware will be installed upon clicking. Something a bit more unusual breezed into our Read more…
Microsoft September 2008 Security Bulletin
August is the month of holidays and conferences and the activity of vulnerability researchers is accordingly lower. Nevertheless, Microsoft's September Security Bulletin contains 4 high profile vulnerabilities which may allow an attacker to remotely execute code on the victim's system. Read more…
iPod: music, movies and malware?
Many people are quite aware of the dangers of using USB keys in corporate environments. However, iPods, digital cameras, mobile phones and the like pose the very same risk if they are connected to your corporate workstation. This is because Read more…
Troop secrets on lost USB stick found on nightclub floor
In July I blogged about how the British Ministry of Defence has lost over 120 USB flash drives since 2004. A tabloid newspaper has now revealed the latest careless incident involving a USB stick, in this case the portable drive Read more…
Coming To A Conference Near You!
The next few weeks are going to be very busy for me and many other members of SophosLabs; it appears to be conference "season". Next Wednesday (September 17th) I'm taking part in a panel session at Interop in New York Read more…
Hack, pump, dump, jail
According to Wired magazine, an Indian man was sentenced yesterday to two years in an American jail for his part in an international fraud ring that hacked into the internet accounts of American brokers and manipulated stock prices. 35-year-old Thirugnanam Read more…
Spam, stockings and rhino poop
Well, it makes a change from Paris, Lindsay and Britney I suppose. The latest spam message to catch my eye uses a different tack than offering videos of female celebrities, or breaking news stories from CNN. Yes, it's pharmaceutical spam Read more…
Spyware helps send child abuser to jail
In a case reported in the British media, an ice-hockey coach has been jailed for four and a half years after being found guilty of having sex with an under-age girl. He was only caught after the teenage girl's father Read more…
Fake Graham Cluley tries to steal Sophos staff data
I woke up this morning, checked my email, and found out that I had an impersonator. This was a very different situation from a couple of weeks ago when Greg Day of McAfee "stole" my identity. I opened my email Read more…
Yet more FakeAV trickery
Today I was doing some analysis when I ran across this gem in our queues. It's Troj/FakeAV-DB, but what made this one entertaining was the EULA. Now I appreciate many people do not read EULAs, but I found this one Read more…
Linux/Rst-B - very much alive and kicking
Last month a snippet of our Linux malware research was published in Virus Bulletin. Virus Bulletin is the de facto anti-malware publication but is only available via subscription. With their permission, we decided to republish some of the results here. Read more…
This month's dumbest hacker award goes to...
Bangladesh's elite security force, the Rapid Action Battalion (RAB), had its website at www.rab.gov.bd hacked last week. Visitors to the site on Friday were greeted with a message criticising the government for not doing enough for information technology while introducing Read more…
Me.com. Your identity everywhere
AppleInsider are reporting a phishing campaign targeting MobileMe users, following an earlier attack less than a month ago. If the figures from CardCops are correct then the first attack netted credit card information of between 100 and 300 MobileMe users. Read more…
More Fedex Spam Malware
It has been a relatively quiet weekend here at SophosLabs. However, we are continuing to see Fedex spam with a subject like "Fedex Tracking N*5421062126" and the following message body: Error! No JavaScript in your browser! The message contains a Read more…
Identities of 5000 British prison workers at risk, after hard disk lost
Last month I blogged about how a USB drive had been lost containing confidential data about every prisoner in England and Wales. There is now uproar in the British media as it has been revealed that a 500GB portable hard Read more…
Fake YouTube site points to malware
I've JUST blogged about that fancy webpage that tries to install a malicious "codec" on your computer. And, believe it or not, I wanted to finish my post by saying that "I wouldn't be surprised to see a fake version of YouTube Read more…

