-
- duckblog: Get into RSA 2012 in San Francisco for free! Use the code SC12SPH - http://t.co/DXO28TCYabout 3 hours ago
- ChetWisniewski: Update on the KPN compromise in The Netherlands, company says "password are encrypted with UTF8" http://t.co/EmDuXfqSabout 3 hours ago
- gcluley: Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/aN78hlkpabout 6 hours ago
- ChetWisniewski: Leaks website Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/OxSK9sifabout 6 hours ago
Monthly Archives: October 2008
An offensive CAPTCHA on MySpace
Whilst setting up a MySpace account earlier on this morning I experienced one of those "surely it can't be" moments. Having entered my personal details I proceeded to goof up the initial CAPTCHA I was presented with. (Clearly more practice Read more…
Not Another Anjelina Jolie Malware Campaign
You would've thought that most of these spammers/malware authors would have given up by now. But no.... the Anjelina (spelling, people!) Jolie malware/spam campaign continues to rumble on unabashedly. This time, a huge spammed out malware campaign manifested itself in Read more…
Sexy spammers are stalking me on Twitter
I'm using Twitter to syndicate my blog to people who prefer to use that way to follow the latest breaking news from my (rather untidy) desk. A while back I invited folks to follow me - and thanks to those Read more…
You have NOT received an eCard
In the last few months we have been seeing a rise in the proportion of emails containing malicious attachments. This is something of a throwback to the old days, when worms and Trojan horses were regularly being spread via email Read more…
October Microsoft Security Bulletins
During the last couple of days we had a chance to analyse the latest vulnerabilities patched by Microsoft in the October Security Bulletin and create a set of our own advisories for vulnerabilities that are most likely to be used Read more…
Demanding money with menaces?
Scareware, rogueware, fake anti-virus software.. call it what you like, it's a real pain in the neck for many internet users today. Guest blogger Paul Ducklin, Sophos's head of technology in Asia Pacific, tackles the issue and provides advice on Read more…
FTC shuts down major international spam operation
The Federal Trade Commission has today convinced a court to shut down a major international spam operation, believed to have marketed bogus drugs to enhance male sexual performance, fake luxury watches and weight loss solutions. Australia-based Lance Thomas Atkinson, a Read more…
Student arrested for Vietnamese denial-of-service attack
According to local media reports, a high school student has been arrested by authorities in Vietnam in connection with a distributed denial-of-service (DDoS) attack on websites in the country. According to investigators, the student - who has not been named Read more…
Follow our blog on Twitter
I have to admit that it took me some time to become positive about micro blogging sites like Twitter. I thought I will never tweet, primarily because I did not not think anybody would be interested in finding out what Read more…
NASA hacker's Asperger's gambit fails to convince UK authorities
Gary McKinnon, the hacker who infamously accessed US military and NASA computers in what he claims was his search for a UFO cover-up, has failed to convince the British Home Secretary that he should not be extradited to America. According Read more…
Nigerian 419 scams: some fun with Wordle
Have you Wordled yet? Wordle is a fun little web app that will take a bunch of words or an RSS feed and convert it into an (often beautiful) word cloud. It's a fun way to spend an idle few Read more…
Malicious Microsoft Security Update spammed out before Patch Tuesday
Hackers are trying to infect innocent computer users with a malicious Trojan horse disguised as a Microsoft security update, in the hours before the software giant issues genuine critical patches as part of its monthly "Patch Tuesday" cycle. The emails, Read more…
Marks & Spencer email hoax resurgence
An email chain letter claiming that legendary British retailer Marks & Spencer are offering up to £500 in free vouchers has seen a resurgence in the last couple of weeks. We first encountered it in the summer of 2007, but Read more…
Chip-and-pin fraud hits European supermarkets
If you thought living a secure life was hard enough with email phishing, keylogging spyware, backdoor Trojan horses, wi-fi hijacking and compromised websites here comes another thing to worry about. According to British newspaper The Daily Telegraph this weekend, hundreds Read more…
Life in the Labs
I'm a new recruit at Sophos, and thought there might be interest in my experience of starting here. It's been three months since I started my training as a virus analyst, and I'm still learning new things every day. I'm Read more…
Yahoo engineer arrested in Indian terror case
In late July a series of bomb blasts rocked the city of Ahmedabad in India, killing scores of people. Emails were sent to TV stations five minutes before the first blasts claiming to come from a group called Indian Mujahideen Read more…
Hackers break into World Bank network, reports claim
Fox News is reporting that the network of the World Bank Group has suffered from six major intrusions since mid 2007, including hackers gaining full access to the rest of the bank's network for nearly a month in June-July 2008. Read more…
$700,000 Romanian phisher pleads guilty
Newspapers in Minneapolis are reporting that a 22-year-old Romanian national has admitted his involvement in a US-based phishing scheme that raked in $700,000. Sergiu Daniel Popa, who was extradited to the USA from Spain in June, stole a total of Read more…
UI redress attacks (aka Clickjacking)
Recently there has been quite a bit of noise about attacks involving a technique dubbed 'Clickjacking'. The tale starts back in September when a talk planned for the OWASP conference was pulled at the last minute, due to concerns about Read more…
Behind the scenes of the VB2008 ponytail video
A few people have contacted me regarding the video we made at the Virus Bulletin VB2008 conference, interviewing various "celebrities" from the anti-virus world about the questions that err.. really matter. With help from my colleague Carole Theriault, I used Read more…
