-
- duckblog: Get into RSA 2012 in San Francisco for free! Use the code SC12SPH - http://t.co/DXO28TCYabout 2 hours ago
- ChetWisniewski: Update on the KPN compromise in The Netherlands, company says "password are encrypted with UTF8" http://t.co/EmDuXfqSabout 2 hours ago
- gcluley: Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/aN78hlkpabout 5 hours ago
- ChetWisniewski: Leaks website Cryptome was hacked this weekend directing users to Blackhole exploits. Advice for web admins http://t.co/OxSK9sifabout 5 hours ago
Monthly Archives: May 2009
Scammer tricks
After I leave the lab after a busy day, I often ponder what tricks scammers will use next? For example, we see a constant stream of fake security applications that fraudulently suggest a user should offload a sum of money Read more…
Cybersecurity Czar
This morning President Obama announced that he would be appointing a Cybersecurity Coordinator. The appointment is one of the many recommendations of the 60 day cyberspace policy review (PDF) commissioned in February. Along with publication of the review itself comes Read more…
Guest blog: Single vendor or multi-vendor security - that is the question
John Metzger, a product marketing manager in our Columbus office, has found a large pile of Sophos polo-shirts which he would like to give Clu-blog readers. Unfortunately, there's a catch - he wants you to answer his survey. So it's Read more…
109,000 pension holders at risk after laptop stolen
It seems hardly a day goes past without news of a lost laptop containing sensitive unencrypted data or a mislaid USB memory stick. The latest victims are some 109,000 pension holders whose data was on a laptop computer at the Read more…
A data-stealing trojan under the microscope
Recently I had received a call to assist a potential customer with a virus outbreak in a segment of their network. The victim had been using a competitor's product, which unfortunately was not protecting them from the spread of this Read more…
Cracked Windows - Microsoft warns of critical flaw
Microsoft has published a security advisory warning of a critical vulnerability in Microsoft DirectX on older versions of Windows. The problem is in the way that Microsoft DirectShow handles QuickTime format files - meaning that if a user opened a Read more…
Sophos Australia at AusCERT 2009
Dear Diary, Last week was AusCERT 2009 - the biggest, and arguably the best, computer security conference and trade show in Australia. The event takes place at the Royal Pines resort in South East Queensland, far from the madding crowds, Read more…
Explore the anatomy of an attack
Guest blogger James Lyne has tied me up with bedsheets in order to hijack the Clu-blog for a minute. Below you'll find a blatant advert for an event he's involved in at Sophos's HQ in Oxfordshire. Take it away James.. Read more…
Leaked German poll results lead to Twittergate
According to newspaper reports, Twitter has been at the centre of a political storm in Germany after news of the president's re-election leaked out on the micro-blogging website. Julia Klöckner, of chancellor Angela Merkel's CDU party, posted on Twitter "People, Read more…
Stupid way to end piracy
Here in SophosLabs, we are quite used to seeing popular musician's images and names being used to spread malware. But this piece of malware I saw today attempts to stop global music piracy, which incidentally seems to be on the rise Read more…
Why Geo-tagged Twittering could be bad for security
The web is becoming increasing about where you are, not just what you're doing/saying/reading/writing. For instance, earlier this week I was standing in a horrendously long queue to be admitted into a recording of the BBC TV show QI, hosted Read more…
That guy phishing you could be 14 years old
The US District Court in Minneapolis has sentenced a 23-year-old Romanian immigrant to 8.5 years in jail for stealing a total of approximately $700,000 from over 7,000 innocent people. Sergiu Daniel Popa spammed out emails pretending to come from financial Read more…
Western Union malware attack rides into inboxes
Our labs are seeing a stampede of emails claiming to come from Western Union's support team, but are actually carrying a malicious payload in the form of a Trojan horse. The emails, which pretend to have been sent from support@westernunion.com, Read more…
How to control a BlackBerry Enterprise Server with just a PDF
Sorry, I'm not actually going to tell you how to do that. But Research In Motion (RIM), the company who make the BlackBerry smartphones beloved by corporate workers worldwide, has warned of a vulnerability in the way its devices handles Read more…
Which they ate with a runcible spoon
Spam campaigns often include text from commonly-available books and websites to try to make them look more like legitimate emails. This week I've seen runs that are using lines from the nonsense poetry of Edward Lear in their hashbuster, for Read more…
NHS accused of "cavalier attitude" after data security leaks
The British National Health Service (NHS) has been accused of losing almost as much personal data in the first three months of this year, as the entire private sector. With over 140 security breaches by the NHS logged by the Read more…
Ten years at Sophos
I didn't believe them when they told me, but apparently today is the 10th anniversary of me joining Sophos. Sophos wasn't my first job in the computer security industry. In December 1991 I went for an interview at S&S International Read more…
Fear of blackmail after RAF loses sensitive personal data
Highly personal information about senior officers of the Royal Air Force (RAF) - including details of extra-marital affairs, debt, drug abuse, and the use of prostitutes - is alleged to be amongst the data lost from a base in Innsworth, Read more…
Common Fish
Today I came across a phish, nothing new there but it was targeted at one of Australia's biggest banks, Commonwealth Bank. The phish claims to be from the Commonwealth Bank, and looks like this -------------------------------------------------------------------------------------------------------------------------------- Dear Member, Your Online banking Read more…
Acai Berry spammers hack Twitter accounts to spread adverts
Hundreds of innocent user's accounts on the Twitter micro-blogging service appear to have been hacked by spammers. A typical message posted on the compromised accounts will say something similar to the following: Howdy my friend! I just lost 13 pounds Read more…
