Monthly Archives: October 2009

Barack's donor data may be safe, but site was not properly secured

Image (1) mybarackcookies.png for post 2947

On Monday this week I reported on donate.barackobama.com being hacked. While Blue State Digital and the Democratic Nationinal Committee may disagree, I stand by the statement. It was clear that something was incorrectly configured, whether the data that was exposed Read more…

There's Malware on Elm Street this Halloween ... with pumpkins!

Image (2) halloweenpumpkingame.jpg for post 24587

  It appears that this Halloween the malware writers preferred choice of infection vector is by using SEO (Search Engine Optimization) techniques to poison popular search terms. We at SophosLabs have seen relatively few email campaigns that exploit Halloween this year, but there have been Read more…

How many zombies in Australia?

Image (1) tdt.jpg for post 1326

As you may have seen, we declared 31 October 2009 to be International Kill-A-Zombie Day. Unsurprisingly, we suggested, amongst other things, that you scan your PC with an up-to-date anti-virus. The cynics amongst you are probably thinking, "But you would Read more…

Guest blog: Pink Friday at Sophos

Default image

Senior security analyst Carole Theriault shows its not all hard work at Sophos, as she tells us how staff raised some money for the fight against breast cancer. Oh, and she shares some pretty good cake recipes too. Over to Read more…

Why not become an employer to snatch personal data?

Image (4) job-portal.jpg for post 15238

It's not really breaking news that personal data can be at risk on internet job portals, as hackers have recently demonstrated with the Guardian Jobs website breach. But why should you even consider all the hassle to hack the web Read more…

Easy as pie: Apple anti-virus is a peach at detecting infected BlackBerries

Image (4) savmacvirus.png for post 2940

Guest blogger Tony Ross is our Global Sales Trainer at Sophos Vancouver. Tony had a friend recently discover the virtues of running anti-virus on his Mac and thought he would share his story with us today. A friend of mine Read more…

Facebook wins $711 million in spam lawsuit - but will it ever see the money?

Default image

There should be some smiles at Facebook today, after it was announced that they had been awarded $711.2m in damages against notorious spammer Sanford "Spamford" Wallace. San Jose Federal Court ordered Wallace to pay up after Facebook complained that he Read more…

Spammers play dirty - hijack Twitter accounts once again

Image (1) cleancolon.jpg for post 15235

Spammers are up to their dirty tricks once again on Twitter, using compromised accounts to send direct messages to unsuspecting users of the micro-blogging network. A number of Twitter users are reporting receiving private direct messages (known as "DMs" in Read more…

Look and feel great! Try this pill (Or how to make your wallet lighter?)

Image (1) cleanse.jpg for post 24576

Another Twitter direct message (DM) scam was happening today, but apparently this time the hook was to prey on users' vanity. Several messages were seen with the following text: "I lost 25lbs using this " "whoa this works. i feel Read more…

Kill A Zombie Day - Will you join the fight on Halloween?

Image (1) kill-a-zombie-day.jpg for post 15227

Sophos declares October 31st to be International Kill A Zombie Day, dedicated to cleaning-up the millions of computers around the world that have been comandeered by criminals to send spam, distribute malware, and commit identity theft.

Twitter phishers are after your password

Image (1) tw-phishing-550.jpg for post 15223

Twitter has warned its ardent users to be on the lookout for dangerous direct messages, which could lead to cybercriminals phishing their account login details. As SophosLabs briefly reported earlier today, the offending direct messages take the form of: hi. Read more…

Are you old enough to watch this?

Default image

I was watching some of the activity on Twitter today and noticed a really some really odd tweets. It was only one, every couple hours and while the text "Haha, look at this vid" didn't change, the link did. It Read more…

No, it's not you on there

Default image

Twitter users should be especially careful this morning as there's a new Twitter phish campaign going on. The message that is being seen is using a known tactic where it tries to trick the user into believing there's some content Read more…

UPS Invoice 5305325782943? It's another malware attack

Image (1) ups-invoice.jpg for post 15216

Yes, there are lots of web-based threats out there - but that doesn't mean that cybercriminals have stopped abusing email systems to spread their malware. In the past few days we've seen hundreds of thousands of dangerous emails posing as Read more…

Critical flaws fixed in Firefox 3.5.4

Image (2) firefox-3-5-4.jpg for post 15212

If your a user of the Firefox web browser then it's time to update your software again, as Mozilla has issued an important update that fixes a number of critical flaws. In total, 16 vulnerabilities are patched in Firefox 3.5.4 Read more…

Cooking Your Own Goose

Image (1) pasta-b1.png for post 24564

SophosLabs analysts today encountered a strange looking application called "Anonymous E-Mail Sender". Interested to download and try this anonymising email doohickey if you'd ever chance upon it? If you've just said "Yes", you've just agreed to installing a Trojan on Read more…

Web seminar: Learn about social networking threats

Default image

Earlier this year I gave a talk at the RSA Conference in San Francisco all about how cybercriminals are targeting users of social networks like Facebook, Twitter, etc. The talk went down very well, even if I do say so Read more…

Twitter is down - or not!

Image (1) twitter-down.jpg for post 15208

There's no information as to what the problem might be (and there's no mention on the Twitter status webpage which is designed to inform users of problems), but the micro-blogging site Twitter is currently down. In August, Twitter suffered a Read more…

UK Home Secretary "stops clock" on NASA hacker's extradition

Image (1) alan-johnson.jpg for post 15204

British Home Secretary Alan Johnson has confirmed the House of Commons that he has "stopped the clock" on the extradition of Gary McKinnon to the United States. Answering a question yesterday from Conservative MP David Burrowes, who counts McKinnon amongst Read more…

Facebook Password Reset Confirmation emails carry malware

Image (1) facebook-password-reset-confirmation.jpg for post 15199

Are you one of the more than 300 million active users of Facebook? If you are, then be very careful if you receive an unsolicited email claiming to come from "The Facebook Team" <service@facebook.com> which tells you that they have Read more…