Monthly Archives: January 2009

Man loses $150,000 in London terror email scam

A 22-year-old man from Southern Ontario says he owes his friends and family an astonishing CDN $150,000 after he fell victim to an international email scam. Unemployed Canadian John Rempel told journalists that in 2007 he opened an email claiming Read more…

Ex-worker planted malware to crash restaurant systems

A 21-year-old man has admitted planting malware on his former employer's computer network after he was fired, according to the US Attorney's Office. David Ernest Everett Jr stopped working on the helpdesk at Wand Corp, a firm which produces integrated Read more…

The Northwest Airlines malware attack

We're seeing a Trojan horse being widely spammed out at the moment posing as an email from Northwest Airlines. The emails have the following characteristics:

From: "Northwest Airlines" <tickets@nwa.com>
Subject line: E-ticket #<randomnumber>
Attached file: Your_ETicket.zip or eTicket.zip
Message body: Read more…

Delete files that don't exist

Here's a cute malware trick for today, utilising the seemingly infinitely flexible Windows registry to delete files that don't yet exist. The registry allows you to associate a debugger with any program you like. A genuine debugger is specialised software Read more…

Patch released for malicious BlackBerry PDF vulnerability

Research in Motion (RIM) has issued a patch which reportedly fixes multiple vulnerabilities in the way the BlackBerry Attachment Service handles Adobe Acrobat PDF files. According to a security advisory issued by the firm, hackers could send an email message with Read more…

Breaking into Twitter accounts with a dictionary password attack

Last week we discussed how a hacker was able to break into the Twitter accounts of celebrities. It turned out that a Twitter employee, who had administrative access to members' accounts, had her account broken into because she chose a Read more…

January 2009 Microsoft Security Bulletin

When I received an advanced notice of the January security advisory earlier in the month, I was a bit surprised to see that there is only one security bulletin, which shows that even guys from MSRC are occasionally allowed a Read more…

Serious security vulnerability in Safari web browser reported

An open source software engineer with a history of uncovering flaws in Mac OS X claims to have uncovered a security vulnerability in Apple's web browser Safari, affecting both Windows and Apple Mac users. Brian Mastenbrook has blogged that a Read more…

Continued Fake AV .htaccess attacks

A few months ago I blogged about attackers using malicious .htaccess files in order to redirect victims to malware infection sites [1]. Well the trend continues. In the past few days I was dealing with a query from an affected Read more…

Safe-cracker arrested after police post CCTV photos on Facebook

Regular readers of this blog must be getting used to hearing stories about criminals breaking into users' Facebook and Twitter accounts to cause mischief and make a quick buck. Well, here's a story of a rather different break-in that involved Read more…

Medical data on over 6000 prisoners lost on USB stick

More than 6,000 prisoners and ex-inmates from Her Majesty's Prison Preston, Lancashire, have had their personal medical details exposed by the loss of a memory stick, according to media reports. The memory stick carried data relating to 6,360 prisoners who Read more…

Indian police crack down on unsecured Wi-Fi hotspots

Police in Mumbai (formerly known as Bombay) are reportedly on the hunt for poorly secured wireless connections, following an incident last year where hackers sent a warning about an imminent bombing from an innocent person's Wi-Fi connection. At a conference Read more…

NASA hacker Gary McKinnon could be prosecuted in Britain

Gary McKinnon, the infamous hacker who broke into computer systems belonging to NASA, Department of Defense, the US Army, US Navy and US Army, has told the British Crown Prosecution Service (CPS) that he would plead guilty if prosecuted in Read more…

LNK Trojan Downloaders - when the shortcut becomes the program

Malware authors have recently revived a cunning tactic to get their malicious code onto your machine -- using a Windows Shortcut file both as the attack vector and the downloading payload itself. The use of Windows Shortcuts is nothing new Read more…

Government departments in New Zealand and Bulgaria hit by viruses

According to media reports, government ministries in New Zealand and Bulgaria have been hit by computer virus infections, shutting down computer systems and disrupting work. According to minister Mihail Mikov, Bulgaria's Interior Ministry was struck - with traffic police and Read more…

Hackers hide malware behind CNN headlines about Gaza conflict

Hackers love to jump on the tails of breaking news stories in their attempt to infect as many people as possible. One of the latest examples we have seen is a campaign of spammed-out messages that claim to come from Read more…

Anti-Israeli hackers bring cyberwar to Washington DC and NATO

The website of the US Army's Military District of Washington - www.mdw.army.mil - was hacked yesterday by hacktivists protesting against Israel's actions in Gaza. The hack, which is still viewable in Google's cache of the website, claims that the site Read more…

A simple way to phish for Twitter passwords?

SophosLabs received an interesting email today from a user who believed that high-tech news website Wired.com had been hacked. As Ted Russ posts on his blog, he had a strange dialog box pop up when he visited a page on Read more…

Sacked worker used spyware to read former colleagues' emails

According to media reports, a British man who lost his IT job after lying about his career history and qualifications hacked into his former employees' network and planted spyware on colleagues' PCs. 46-year-old Julius Oladiran of South Norwood, London, lost Read more…

Should hard drives be destroyed or wiped?

BBC News Online, one of the most popular websites in the UK, is running a story today advising people not to wipe old hard disks, but to take a hammer to them instead. The story claims that secure data erasure Read more…
