Monthly Archives: June 2009

It's all a masquerade!

by SophosLabs on June 5, 2009 | Leave a comment
Image (1) yourgoog.png for post 23750

Earlier this week the security folks at Google posted an interesting blog entry, illustrating the top 10 malware sites seen recently. Included in that list are some domains which attempt to cloak their dubious nature by using similar names to Read more…

Share

Iranian media falls for Obama BlackBerry hack hoax

by Graham Cluley on June 5, 2009 | Comments Off
Image (1) obama-hackberry.jpg for post 14302

A news website in Iran has been left with egg on its face after falling for a "joke" story about Barack Obama's BlackBerry being hacked, and secret emails between the US President and his closest aides being released to the Read more…

Share

Don't download Google Chrome for Mac or Linux

by Graham Cluley on June 5, 2009 | Comments Off
Image (2) chrome-mac-linux.jpg for post 14296

When Google released its very own web-browser, called Chrome, last year it generated enormous attention and many Windows users rushed to try it out. There were some grumblings, however. In particular from members of the Mac and Linux communities who Read more…

Share

Hallmark of a Bank Phisher

by SophosLabs on June 5, 2009 | Comments Off
Image (2) qhostat.png for post 23723

Yes folks, those bank phishers have not given up and are constantly finding new ways to steal your banking details. SophosLabs analysts received yet another sample (detected as Troj/Qhosts-AT) manifesting itself as a Hallmark e-card attachment. True, this sort of Read more…

Share

eWay - Online phishing made easy!

by Rowland YU on June 5, 2009 | Leave a comment
Image (2) ewayphish1.png for post 23730

After we have seen a surge in phishing scams targeting one of Australia's biggest banks, Commonwealth Bank (2), SophosLab witnessed another Australia leading payment solution campany, eWay, falling  victim to being a phish. The interesting thing in today's phishing scam Read more…

Share

530,000 Virginia patients individually warned of SSN hack

by Graham Cluley on June 4, 2009 | Comments Off
Image (2) virginia.jpg for post 14290

Officials working for the State of Virginia have announced that they are sending breach notifications to over half a million patients whose Social Security Numbers (SSNs) may have been compromised. The warnings, which are being sent to 530,000 people whose Read more…

Share

Sex trial can hear spyware evidence, judge rules

by Graham Cluley on June 3, 2009 | Comments Off
Image (1) tattletale.jpg for post 14287

A former high school teacher, accused of having sex with one of his underage pupils has failed to stop evidence - gathered via spyware installed by the girl's mother - being used by prosecutors. Ray Samuel Clement III, of Baton Read more…

Share

Windows 7 security - close, but still room for improvement

by Chester Wisniewski on June 3, 2009 | Leave a comment
Default image

I have been quite impressed with Microsoft's focus on security with the upcoming Windows 7 release. In addition to them entering the anti-virus market, they have stepped back and taken a serious look at how to better secure the Windows Read more…

Share

Postcards from a family member really contain malware

by Graham Cluley on June 3, 2009 | Comments Off
Image (1) postcard-family-member.gif for post 14275

SophosLabs has intercepted a widespread attack by hackers who have spammed out a Trojan horse posing as an electronic greeting card from a family member. The emails have the following characteristics: Subject line: Postcard from a Family Member Attached file: Read more…

Share

Empty PDF delivers nothing but pain

by SophosLabs on June 3, 2009 | Leave a comment
Image (1) pdf_blog1.png for post 23709

Exploited PDFs are becoming the new rage [1] amongst the malware authoring circles due to various factors including ease of creation, cross-platform and being web-triggerable. They are also allowed by most perimeter scanners due to the PDFs popularity as a Read more…

Share

Microsoft Outlook re-configuration redux

by Mike Coulter on June 2, 2009 | Comments Off
Microsoft Outlook re-configuration redux

Yesterday, my colleague Graham Cluley blogged about a phish campaign claiming to be a "Microsoft Outlook Notification". The messages contained a phish link to microsoft.com.outlook.[deleted].org: Today, we see a redux of the campaign, this time with a malware attached to Read more…

Share

Sophos wins VB100 award for virus protection

by Graham Cluley on June 2, 2009 | Comments Off
Image (1) vb2009-06.jpg for post 14269

The folks at Virus Bulletin magazine have published their latest edition, including details of their most recent comparative test of anti-malware products. Virus Bulletin tested 22 products from different vendors, examining their ability to detect 100% of the in-the-wild viruses Read more…

Share

Swine flu and Troj/JSRedir-R

by SophosLabs on June 2, 2009 | Leave a comment
Image (1) swine.jpg for post 23698

After a couple of weeks vacation I came back to work to see that Troj/JSRedir-R was still going strong. In my last post (blacklisted by Google. So what has Swine flu got to do with Troj/JSRedir-R? Well looking through lists Read more…

Share

Apple plugs security holes in QuickTime and iTunes

by Graham Cluley on June 2, 2009 | Comments Off
Image (1) apple-security-update.jpg for post 14266

Apple has released an updated version of QuickTime (version 7.6.2) which fixes a number of security vulnerabilities. If left unpatched the security holes could be exploited by hackers who could create a booby-trapped movie or audio file, programmed to execute Read more…

Share

Nine out of ten work PCs fail on basic security

by Graham Cluley on June 2, 2009 | Comments Off
Image (2) antivirus-firewall.jpg for post 14261

Ninety percent of corporate PCs are a security risk because they are not fully patched, or do not have basic security such as anti-virus software and firewalls properly installed. That's the rather staggering revelation made by the results from Sophos's Read more…

Share

You DON'T have "(1) New Message from Outlook Microsoft"

by Graham Cluley on June 2, 2009 | Comments Off
Image (1) ms-phish-notification.jpg for post 14257

Here's an interesting phishing campaign we caught automatically in our spam traps yesterday: The email claims that you have a new message in Microsoft Outlook, but you need to reconfigure your settings (by clicking on the helpful link) in order Read more…

Share

Another week, another "failed delivery" malware attack

by Graham Cluley on June 1, 2009 | Comments Off
Image (1) ups-malware.jpg for post 14251

You may have come into work this morning to find an email in your inbox which claims to be from United Parcel Service of America. Well, if you did receive such a message then you're far from alone - as Read more…

Share

Blox at Bletchley Park

by Graham Cluley on June 1, 2009 | Leave a comment
Image (1) blox-at-bletchley.jpg for post 14245

In the late 1980s/early 1990s I was an impoverished student writing computer games for fun and pocket money. A couple of my text adventure games (Jacaranda Jim and Humbug) did pretty well as shareware, and I also wrote some simple Read more…

Share

Tory MP hacked on Facebook

by Graham Cluley on June 1, 2009 | Comments Off
Image (1) michael-fabricant.jpg for post 14241

Michael Fabricant, Conservative member of parliament for the constituency of Lichfield, has had his Facebook page suspended after his account was taken over by hackers. The British MP fell foul of a phishing campaign that stole his username and password, Read more…

Share

Call a Commonwealth phish?

by Prashant Kumar on June 1, 2009 | Leave a comment
Image (1) comm_new.jpg for post 23693

Recently we have seen a surge in phishes targeting Commonwealth Bank of Australia. Following on from last week (2), today we have seen a 'phone phish'. The phone number listed is a valid Australian number which can be dialed. Once dialed, Read more…

Share