Monthly Archives: November 2008

Malicious Battlefield

Following on from yesterday's Pirates of Cape COD blog, we've seen more combat-related malware this morning. Not quite such a well-known name this time as the Call of Duty series, but "Battlefield Heroes" is a free-to-play cartoon style Read more…

Pirates of Cape COD

A reliable source has informed me that one of the hottest new games these days is "Call of Duty 5" which retails at 30 pounds per license. However there exists a website from which one may buy a license for only $10. What a Read more…

Contract of many disguises contains Trojan horse

Unsolicited email attachments are always something that should be treated with caution, and in recent months we have seen something of a rise in this method being used as a way of distributing malware. Checking our monitoring systems today I Read more…

A Confick of interest

Earlier this week we witnessed the release of a new propagation technique that exploits a recent Microsoft vulnerability in the Windows Server Service. W32/Confick-A uses this security loop-hole to propagate its malicious DLL across user networks, generally making a real Read more…

Happy Thanksgiving Day

Happy Thanksgiving Day to all American readers of the Clu-blog. It's just a regular working day in many parts of the world, but in America many people will be tucking into a large dinner with their family and friends. It's Read more…

Conficker worm exploits Microsoft MS08-067 vulnerability

Back in October I warned you about a critical security vulnerability found in some versions of Microsoft Windows. Known as MS08-067, Sophos published information about this serious vulnerability and warned of the potential for worms to be written which Read more…

Snickerdoodles and FakeAV

Earlier this week we became aware of YAFAT (yet another fake alert trojan family), this time being distributed via drive-by installs from compromised web sites. Vulnerable sites are having web pages stuffed with keywords (porn, celebrities, popular snacks) uploaded to Read more…

One tall data loss and an apple bran muffin to go

Uh-oh. The identities of some 97,000 employees of Starbucks have been put at risk after a laptop was stolen at the end of October. It's unclear why the coffee house giant has waited four weeks before informing its workforce. The Read more…

ID theft.. fail

From the simply wonderful failblog.org: Thanks to Clu-blog reader Louisa for the tip-off.

More Mac OS X malware discovered

I've been sick for a day or two. One of the drawbacks of being tucked up in bed with a fever is that my wireless signal doesn't quite make it that far up the stairs - and so the blog Read more…

Spam is up by 200%. Rustock botnet revival to blame.

Two weeks ago we wrote about a significant drop in spam volumes caused by the shutdown of McColo hosting. There was no doubt that spam traffic will get back to its previous levels (if not higher) eventually. The question was -- when? Read more…

Facebook, Fake AV and Friends

We've seen an increasing amount of Facebook worms over recent months, and the last few variants have started to reference other social networking sites, including MySpace. I saw the move to a broader spectrum of targets mirrored when I was Read more…

Bobbear suffers from obscene Joe Job attack

Last week we described how a voluntary website set up to spread information about money laundering scams was suffering from a distributed denial-of-service attack, presumably instigated by the very people that it tries to warn people about. Today we discover Read more…

New spin on OSX/RSPlug Mac malware

We will soon add detection for a new Mac Trojan, nicely described by Jose Nazario of Arbor Networks. It will be detected as OSX/Jahlav-A. The Trojan comes as a key generator application MacAccess in a standard DMG disk image file, Read more…

Facebook takes on spammer, and wins $873 million

If you poke Adam Guerbuez on Facebook right now, chances are that he won't respond. That's because the Montreal-based spammer has just been landed with a stonking US $873 million judgement by a district court in San Jose, after sending Read more…

Spam is down for most but will go up for some

As we have been saying on our blog recently, spam volumes have been down for some. Others may be seeing an increase in spam though, especially for those individuals and companies whose contact details were published to various internet sites Read more…

Hello mein Scammer

We've discussed before the threat of emails from pretty girls looking for love on the internet. If you make the mistake of responding to unsolicited declarations of love online you may be telling a spammer that your email address is Read more…

McColo shutdown lightens malware load

Not only has the take down of McColo last week (link, link) caused a massive drop in worldwide spam levels, but it would also appear to have resulted in a big drop in the level of malware being spammed out Read more…

Phishing gangs capitalize on upcoming UK government tax breaks

This Saturday started quietly as expected so I had a chance to look at the BBC news headlines. One of today's headlines indicates that the UK Chancellor, Alistair Darling, is spending the weekend adding the finishing touches to a package Read more…

An example of astute social engineering

W32/Autorun-NQ is a prime example of astute social engineering. When I ran this malware on my test machine, it presented me with the following display window: A what? What would an aircraft blackbox analyzer software be doing on a customer's Read more…
