Monthly Archives: April 2009
RBS, Rapport and OITC anti-virus test results
An email from a customer today brought my attention to some anti-virus test results that have been published on the website of RBS (Royal Bank of Scotland). At first glance, the test results look quite bad for Sophos (and even Read more…
Who's good at counting?
I've reported on a wide variety of tests on this blog. Some have been very good whilst others have been very questionable. Today, my attention has been drawn to another testing site that claims to have a new take on Read more…
Sinowal delivery: date-driven redirection scripts
Recently, there have been a few reports of new Sinowal (aka Mebroot or StealthMBR) variants having been spotted in the wild [1,2]. We have been seeing this activity ourselves at SophosLabs. In this post I will highlight some interesting characteristics Read more…
Teen hacker who made fake 911 calls punished
According to media reports, a teenage hacker has been sentenced to almost a year in juvenile detention after admitting running a botnet and bombarding the 911 emergency service with hoax calls. The 17-year-old hacker, from Worcester, Massachusetts, who was referred Read more…
Twitter users swamped by TheSmartECard messages
It seems that Twitter is becoming a major new playground for spammers and malware authors keen to target social networking users. Today we are seeing a new series of messages being posted to the streams of hundreds of unsuspecting Twitterers: Read more…
Sophos at RSA
Like just about every other security company on the planet, Sophos is exhibiting at the RSA 2009 Conference in San Francisco, California this week. If you happen to be in the area of the Moscone Center, do pop by booth 1817 Read more…
Sophos sales magic in Boston
If you've been following the Clu-blog in the last week or so, you'll notice that it's been dominated by news about the various incarnations of the StalkDaily/Mikeyy Mooney worms that have been hitting users of the Twitter micro-blogging website. But Read more…
Fake AV Now Part of Security Center
The drudgery of fake antivirus. After countless permutations (Pn, Pn+1....Pn+9999) of these fake AVs, it is very hard to keep the enthusiasm high. Lately, a 'not-another-fake-av' groan came with a slight variation. This time, the authors have figured out a Read more…
I Spy Waled
This week Waled updated their main payload site again, this time pretending to offer software called "SMS Spy". In March Waled sites pretended to be Reuters reporting about an explosion, February saw them spoof the Couponizer site, and back in Read more…
New Mikeyy worm makes jokes at Twitter's expense
Another day, another Twitter worm. After yesterday's attack referencing the likes of Ashton Kutcher and Oprah Winfrey we are now seeing many Twitter users spreading messages on behalf of a new version of the Mikeyy worm, this time their common Read more…
Twitter XSS Strikes Again
It seems to be a bad week for Twitter as once again they have been targeted by an XSS attack which is spreading quickly across Twitter. It's still not certain as to who wrote it, though "Mikeyy" is being referenced Read more…
Malware unit testing
Malware analysis can be quite a complex task -- with all the different packing, code obfuscation, anti-emulation, anti-debugging, rootkit techniques, etc. etc. -- one can assume the development of such malware is equally challenging (I'll have to assume, not having Read more…
Mikeyy worm targets Oprah, New York Times and others
A new version of the Mikeyy cross-site scripting worm is spreading extremely rapidly across the Twitter micro-blogging network. Messages posted by the worm include: @oprah - sup? welcome to twitter. - mikeyy @TheEllenShow - hey baby, love me long time? Read more…
Sality Goes EPO
One of the more active families of file infecting viruses, Sality, has this week received a major overhaul in its infection method. Sality has been a major headache to AV companies and their customers due to constant changes in its Read more…
Firm hires Twitter worm author Mikeyy Mooney
Mikeyy Mooney, the 17-year old hacker who caused mayhem on Twitter with a series of worms on the micro-blogging website last weekend, has been rewarded with a job in web applications development according to media reports. Frankly, the news that Read more…
Who doesn't like fruit?!
Especially the ever easy to reach 'low-hanging fruit'. One of the overripe, yet still tasty, low-hanging fruit of the AV industry is the ever-pervasive inclusion of "flames" or "tags" in one's warez... These (typically rude) phrases Read more…
Perfect Job - Getting Paid to Post in Blogs
With the sharp rise of unemployment due to the global economic crisis, more and more job-related spam is found on the internet. This kind of spam usually offers job opportunities which sound very nice. The most recent example is to Read more…
April 2009 Microsoft Security Bulletins
March seems to have been a busy month for colleagues at Microsoft Security Response Center and the hard work resulted in 8 new Security bulletins of which five have received the rating Critical. Several vulnerabilities have a potential to be Read more…
Beware of PowerPoint boobies traps
In just a few hours' time Microsoft will be releasing its regular monthly "Patch Tuesday" bundle of security fixes - this month including patches for critical vulnerabilities in the likes of Internet Explorer and Microsoft Excel. But according to the Read more…


