-
- duckblog: Get into RSA 2012 in San Francisco for free! Use the code SC12SPH - http://t.co/DXO28TCYabout 3 hours ago
- ChetWisniewski: Update on the KPN compromise in The Netherlands, company says "password are encrypted with UTF8" http://t.co/EmDuXfqSabout 3 hours ago
- gcluley: Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/aN78hlkpabout 6 hours ago
- ChetWisniewski: Leaks website Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/OxSK9sifabout 6 hours ago
Monthly Archives: February 2009
More PDF activity - BOPs protection confirmed
Today we saw another malicious PDF attempting to exploit the new zero-day vulnerability in Adobe Reader and Acrobat [CVE-2009-0658, APSA09-01]. The Sophos advisory for this vulnerability can be found here. This latest sample is also proactively detected, as Mal/JSShell-B. I Read more…
Sneaky survey adverts prey on ham-fisted Wikipedia users
Do you have Wikipedia bookmarked as one of your favourite websites, or do you just type its URL into your web browser? Well, be careful if you're a clumsy typist because advertisers may be trying to take advantage of you Read more…
Beware "Error Check System" Facebook application
Some Facebook users were bombarded with bogus warnings this weekend saying that friends had had problems viewing their profile. The reason? A rogue Facebook application called "Error Check System" that was sending misleading notification messages. The typical warning read: [Name] Read more…
Wikileaks secret donor list leaks onto Wikileaks
Whistle-blowing website Wikileaks has not been far from the headlines in the last few years. With its interest in publishing anonymously submitted leaked documents such as details of Sarah Palin's hacked Yahoo email account, membership list of the British National Read more…
Sunday banking Trojan blues
Considering the current financial crisis which makes lots of banks, especially in UK, less popular than a year ago I was hoping that the number of banking Trojans would also be on a decrease. Although it is true that traditional Read more…
Sweet rabbits phish login details from PayPal users
Since earlier on today, we have been seeing an ongoing phishing attack against PayPal, and not the usual phishing email enticing the victim to click on a rogue site. Instead, the attackers have spammed out malware within a RAR attachment, Read more…
PDF exploit - proactive detection confirmed
After a significant number of enquiries yesterday, following the reports of the new zero-day vulnerability in Adobe Reader and Acrobat [CVE-2009-0658, APSA09-01], we finally got our hands on a sample to confirm the detection status. The malicious PDF is proactively Read more…
University of Florida warns students and staff of security breach
The University of Florida is contacting more than 97,000 people after an intruder gained access to a computer system containing personal information. According to an announcement by the university, which is one of the largest in North America, say that Read more…
Critical security hole in Adobe Acrobat PDF readers
Adobe has issued a security alert after a critical zero-day vulnerability was discovered in their popular PDF reading program which could allow hackers to take control of computers. In a security bulletin issued yesterday, Adobe warned that the security hole Read more…
Fake Sophos sponsored advert on Flickr
Christoph Hardy, a keen photographer and a colleague of mine from Sophos's offices in Germany, noticed something strange when uploading some pictures on Flickr yesterday. As he searched for Sophos pictures on Flickr, he noticed on the right hand side Read more…
Phishing mule caught on CCTV escapes jail
A man who helped steal €12,000 from Irish bank accounts through a phishing email campaign has managed to avoid being sent to jail. Dublin Circuit Criminal Court imposed a three year suspended sentence on 38-year-old Eghosa Aigbe after he was Read more…
Careless Twittering can lead to identity theft
I have a friend called Harry (not his real name, for reasons which will become obvious) and in the last week or so he's had his very own experience of being on the sharp end of identity theft. Someone has Read more…
Tech journalist falls for Facebook phish
Bravo to David Berlind, an editor at InformationWeek magazine. He could have just kept schtum about falling for a phishing attack that stole his email address and Facebook password today, but instead he shared his experience with others in the Read more…
A neat add-on for Twitter
I'm finding myself using Twitter more and more in my everyday work. It's an effective way of quickly sharing and gathering information about emerging security threats from other internet users. But one of my concerns with the system is a Read more…
Happy Ten pyramid game can lead to identity theft
Katherine in our marketing department received this letter through her postbox yesterday, inviting her to take part in a pyramid game called "Happy Ten". The idea is that you put £10 in the bank account of player number one, and Read more…
Have you patched Internet Explorer 7 yet?
We're seeing evidence of a vulnerability in Internet Explorer 7 being exploited in the wild. The vulnerability (known as MS09-002) allows malicious webpages to run code on your computer which could, of course, infect your PC, commandeer your computer to Read more…
Backlash forces Facebook to return to old terms of service.. for now
The controversy over Facebook's revised terms of service has prompted a turnaround overnight by the immensely popular social networking website. Facebook founder Mark Zuckerberg has said in a blog post that the company has decided to return to its previous Read more…
IE7 exploit in the wild
Within the February 2009 Microsoft Security Bulletins we posted about last week [1], was a vulnerability relevant to Internet Explorer 7 (MS09-002). Yesterday you may have seen that the vulnerability assessment page for this one [2] was updated to reflect Read more…
Facebook terms of service controversy
Arguments are raging about a change Facebook has made to its terms of service (TOS). On one side, privacy protestors who claim that the changes mean that Facebook "Can Do Anything [it wants] With Your Content. Forever." On the other, Read more…
Twitter attack: Miley Cyrus falls foul of sex-obsessed hacker
Last year, candid photographs of Hannah Montana star Miley Cyrus were posted on the internet after a hacker broke into her email. Now it seems she's been hacked again - but this time it's her Twitter account that has been Read more…
