Monthly Archives: July 2009
Clomp - using & abusing PsExec
We've been following the Clomp family of malware, also known as Clampi, for some time now. It's a strange beast, and its nasty polymorphic packed code changes with each new release. It also has some slightly unusual features; we've already Read more…
Black Hat deja vu - Stoned again
End of July is the time of the year when SophosLabs, prompted by press coverage, start receiving a lot of questions about newly published undetectable pieces of malicious code that will change the threat landscape once and forever. It is Read more…
Will Lagos's loss be our gain?
Damage to an undersea cable has caused severe problems for internet users in Western Africa. But has it also hindered cybercriminals? Guest blogger Paul Ducklin, Sophos's Asia-Pacific head of technology, gives us his perspective. Earlier today I was contacted by Read more…
BIOS Rootkit talks.....
Two very talented researchers from CoreSecurity have recently presented at BlackHat about a new twist in the saga of security products whose presence may actually be a security risk. Anibal Sacco and Alfredo Ortega have exposed the presence, and potential Read more…
Video: Gary McKinnon's supporters to lodge an appeal
This story about Gary McKinnon failing in his attempt to get the UK to overturn its decision not to try him in his home country (and thus allow him to be extradited) is making headline news in the UK today. Read more…
A bad day for NASA hacker Gary McKinnon
The latest page of the long-running saga of Gary McKinnon has been written. And it doesn't read well for the London-based hacker and his many supporters. Today McKinnon lost a judicial review, which he hoped would have led to a Read more…
Update your Adobe Flash Player now
Adobe has issued a security bulletin detailing critical vulnerabilities that have been discovered in the current versions of Adobe Flash Player for Windows, Macintosh and Linux. An update issued by Adobe claims to resolve 10 vulnerabilities in Flash Player and Read more…
BEEP! Now you see it, Now you don't!
While in the process of analysing a recent malware sample, I noticed that there was a kernel rootkit involved. This rootkit wasn't loaded via direct kernel injection but via the old-school technique of dropping and loading a kernel driver file. Read more…
What happens in Vegas
If you follow the world of security news at large, you're probably aware that the BlackHat conference is currently taking place in Las Vegas. This year there appear to be quite a number of fascinating talks. For those that would Read more…
Countdown for Gary McKinnon extradition judgement
Tomorrow morning, at 10am UK time, the Royal Courts of Justice, in the Strand, London, will be the setting for an important event in the long-running saga of NASA hacker Gary McKinnon. McKinnon is desperately trying to avoid being extradited Read more…
BBC Tech journalist falls into common Twitter trap
Rory Cellan-Jones is a busy chap. He's the BBC expert on all things technological and pops up with alarming frequency on television, radio and online talking about the hot tech story of the day. He also has a faithful following Read more…
MI5 website hack overhyped by Daily Express
Apologies dear Clu-blog readers, as I've let you down. Earlier today I blogged about an "exclusive" report in The Daily Express newspaper claiming that MI5's website had been compromised by hackers. (You can read that original blog post here). Lucian Read more…
Michelle Obama's safehouse details leaked via P2P
President Barack Obama, his wife and two daughters, must be the most closely protected family on the planet - so it's disturbing to hear that sensitive information about the emergency measures that would be taken to protect them in a Read more…
MI5 website hacked - a threat to national security?
Update: It turns out that the story in The Daily Express may not be entirely reliable. Read an update to this blog post: "MI5 website hack overhyped by Daily Express". British tabloid The Daily Express claims to have an exclusive Read more…
Everywhere a tweet, tweet
I've been noticing a lot of spam on Twitter recently, especially tweets touting the latest and greatest malware, er I mean "PC cleaners". How are all these tweets being generated in such a short period of time? The answer - Read more…
New York Stock Exchange network exposed by server security sloppiness
Uh-oh. This is pretty worrying. According to a Wired report, sensitive details about the New York Stock Exchange's network were left unprotected on a public server, visible for anyone in the world to view. Information, including the names of servers, Read more…
Phish me up Scotty!
Australian outfit Rainmaker has produced a series of shows called "The Decision Makers", looking at the most pressing IT security issues concerning the financial services industry. The latest star of one of these five minute films is our very own Read more…
Language Is Not A Problem For Michael Jackson
Michael Jackson's record sales have risen dramatically since his death. It is thus not surprising that spammers will not pass up on this great commercial opportunity. Today, SophosLabs received a Chinese spam campaign advertising Michael Jackson albums on DVD (highlighted Read more…
Oh the irony: Dilbert sends out 419 scams
As many of the blog readers are aware, Advance Fee fraud scammers will abuse any free service they can get their hands on to send out their spam messages. Previously, we blogged about the scammers abusing services such as web Read more…
Microsoft Active Template Library patches published out-of-band
One of the updates in the July set of Microsoft security bulletins (MS09-032) addressed a vulnerability which was exploited by instantiating the Microsoft Video ActiveX Control (msvidctl.dll) and seen in the wild on many malicious websites. Sophos published detection for Read more…