Monthly Archives: December 2009

Can anyone be a malware researcher?


While enjoying my holiday and catching up on my reading this morning, I discovered a post that raises some concerns I would like to share with you. I use the social networking service LinkedIn to keep in touch with colleagues Read more…


The five most popular Clu-blog posts of 2009


(You may want to read the first half of this countdown first) The tension is building, the champagne is nicely chilled, and I've crowbarred myself into a tuxedo, because it's almost time to reveal the most popular postings I made Read more…


Cross words take weak GSM crypto into 2010


The Summer Holiday Crossword Competition is open until the end of 2009 in any regular timezone, so you have until 2009-12-31T23:59:59-12:00 to enter. (That's 11pm on NYD in Sydney.) The guaranteed prizes for the first three correct entries were snapped Read more…


The top ten Clu-blogs of 2009


2010 is looming large, which can only mean one thing - it's time to break my holiday sabbatical and compile my annual list of the most popular Clu-blog posts of the year. Yep, fill your glasses, put another log on Read more…


What do you see?


Here in the labs, we recently had an interesting message arrive in our systems; after viewing the message, 100% of those polled agreed on what it was. What do you think? If you answered spam, you're on your way to Read more…


Twitter banned passwords


As you may have heard in the last few days, Twitter has banned 370 passwords (actually only 369, 'password' appears twice in the list) as 'too obvious' to be safe for their users. A good move in theory but why Read more…


Not-so funny jokes


Firstly, Merry Christmas to all our readers! Unfortunately, Christmas doesn't mean that the malicious activities in cyberspace are going to stop, hence this posting. Today we received a message that claims to have come from one of the Google Groups. The message Read more…


Are you caring for your Mom and Dad at Xmas?


For those of you that are having to put up with looking after your parents over Christmas: Would you much rather selfishly indulge yourselves with partying? A kindly spammer has a very seasonal Christmas Eve message offering to make this Read more…


More on Troj/JSRedir-AK


Since first releasing detection (2 days ago) for Troj/JSRedir-AK, SophosLabs have seen thousands of websites affected by it. Since blogging yesterday we have seen a few minor variants and have had to update our detection. One of the updates Read more…


GNU GPL malware?: Troj/JSRedir-AK


Yesterday, one of our technology partners Yandex notified us of some new malware. They use Sophos to scan webpages for malicious content while they scan the Internet and often report new threats. The malware in question, Troj/JSRedir-AK, is appended to Read more…


Geeky Christmas fun?


Are you working over Christmas and New Year, like Sophos Support and SophosLabs? If so, here's a bit of fun – official, educational fun! – to tide you over those hours in the office when everyone else is taking your Read more…


Christmas Bo(g)us


Well, it didn't take long for the Christmas E-Card scams to start. Recently we have seen email messages pretending to be from Hallmark, suggesting that you have received an E-card from a friend. The complete email message looks like this: You Read more…


CNNIC changes have effect on spam tactics


As was announced on Dec 11th, CNNIC (China Internet Network Information Center) now requires a "formal paper based application material when making the online application to the registrar." The motivation behind this seems more related to cracking down on porn Read more…


Twitter website struck by 'Iranian Cyber Army' hackers


A hacking group calling itself the "Iranian Cyber Army" pulled off a coup for about an hour earlier today, redirecting visitors to the Twitter website to a page containing a green flag and Arabic writing: Fortunately there is no indication Read more…


An essay on Australian internet filtering


The dust is starting to settle after the Australian government's announcement three days ago that it will legislate in 2010 to compel Australian ISPs to censor local internet access. The cabinet minister in charge of the project, Stephen Conroy, infamously Read more…


A shady domain


When investigating a domain hosting malware one of the first things we normally do is look at the domain's 'whois' information. The first thing I look at is the creation date since you can usually distinguish an infected site from Read more…


Who's the quickest? Only one way to find out...


Earlier this morning I happened to notice a redirect page used in a meds spam campaign that also happened to be compromised with a malicious script. You can see the META tag redirect that will instruct the browser Read more…


Spam for the visually impaired


Starting at ~3:20pm GMT today, Canadian Pharmacy spammers began using attached MP3 files as the call-to-action for their latest campaign. The message had no subject, no "text" body content, just an attached "audio/mpeg" file with a random lower case file Read more…


New Adobe 0-day


Yesterday, murmurings of a new Adobe exploit surfaced [see for example here]. Adobe have also posted some brief information about this vulnerability (CVE-2009-4324) here. At this point it is not clear exactly how widespread attacks targeting this vulnerability actually are. Read more…


Putting my feet up...


There is a rule at Sophos about taking holidays. Alongside the normal rules like "You can only carry five vacation days over into the next year" and "Don't spend your holiday working for McAfee" there is also a rule which Read more…
