Monthly Archives: December 2009

The Greys & Politics

No I don't mean government policy on little men in flying saucers, our Klingon subscribers might object to that. I refer to the occasions when deciding what is malicious can become uncertain and a potentially political question. Often we find Read more…

Naked elves distract nerds

What's the best way to distract an online gamer while you drop some undesirable files onto their system? We saw what's probably a pretty effective method today in Troj/Lneage-A. This particular Trojan leaves the user viewing a slideshow of topless Read more…

Facebook safety and privacy in podcast and video

This podcast with Sean Richmond, Senior Technology Consultant at Sophos Australia, examines Sophos's 2009 Facebook ID Probe, which suggests that social networkers are too open with personal information. Many people want to know, "Does it really matter?" In this podcast, Read more…

12 tips of Christmas - A safer Twitter for 2010

As we roll into the holiday season and many of us are taking more time away from work to spend with our families, we inevitably geek out. We have more time to read blogs, play video games, and reach out Read more…

Tiger still hot stuff

Despite talk of Tiger Woods' sponsors "limiting his role" in their advertising campaigns, he is still very much hot stuff when it comes to search engine queries which means he's still a viable target for the malware writers. We can Read more…

Christmas, Amazon and Zbot - it's that time of year again.

"All I want for Christmas is ... a zbot.exe". If you are too cheerfully ignorant when opening e-cards this holiday season, that's just what you'll end up with. Be especially careful when you receive messages from those close personal contacts Read more…

Active Sinowal distribution

A couple of days ago I posted about some interesting malicious PDFs we were seeing in high numbers. Further investigation revealed the payload of these attacks to be Sinowal (aka Mebroot). Well, I should say predominantly Sinowal, because we have Read more…

Fake Apple Software Store Spam

Recently, I received an email from what appeared to be an Apple software store with a catchy subject line of "huge discount of up to 80% off Apple software". Wow! What a great offer this is! I immediately opened the Read more…

Scribble malware scrambled

Since we first mentioned it on the blog we have seen rather a lot of our favourite polymorphic, mid-infecting friend that is the W32/Scribble virus. So much so that it has almost become a nuisance for us. But not quite... Read more…

Facebook privacy settings: What you need to know

Facebook is making big changes to its privacy settings that may mean millions of people begin to expose information that they previously considered to be restricted to only their Facebook friends to the entire internet. This YouTube video explains more. Read more…

Will RAM scraping loosen the sky and make it fall?

The Henny Penny story of the moment concerns something called RAM scraping, which has the headline-friendly characteristics of sounding not just new and dangerous, but also painful and probably interestingly distasteful. A recently-released data breach report identifies RAM scraping malware Read more…

My encounters with the greatest Britons in IT history

Christmas came early for me this weekend, when I heard that journalists Iain Thomson and Shaun Nicholls had compiled their list of "Top 10 Great Britons in IT history". It's a great read - celebrating the enormous achievements of the Read more…

Sarah Palin hacker suspect had spyware-infected PC

The 21-year-old student accused of hacking into Vice Presidential hopeful Sarah Palin's Yahoo account was working on a spyware-infected computer, according to his legal team. David Kernell was mid-way through a student party in September 2008, when the FBI swooped Read more…

Yuletide PDF gymnastics

Whilst browsing some reports yesterday, I noticed an unexpected detection at the top of the charts. Over the past few days, Troj/PDFJs-ER is neck and neck with Mal/Iframe-F as the most prevalent item of malware currently being detected on web Read more…

'Jobs with Google': Search engine giant sues alleged scammers

According to reports, Google has filed a lawsuit against a US firm alleged to have used their trademark to advertise "working from home" kits. Salt Lake City-based Pacific WebWorks is in the firing line because of allegations that it Read more…

Black Tuesday - and December so far...

Well December's not looking so bad. Microsoft have released all their security bulletins for the month. (I hope - MS09-072 addresses last month's out of band security advisory 977981) Out of this month's batch, Microsoft has rated 3 as critical Read more…

An internet Green Cross Code for kids

English primary schoolchildren (5-11 years old) will be taught about how to stay safe on the internet from 2011, as part of a Government awareness strategy being unveiled today called "Click Clever, Click Safe". Echoing the "Green Cross Code" which Read more…

Danger lies in bogus emails claiming to be from DHL and Facebook

Malicious hackers are posing as DHL and social networking site Facebook in their latest attempts to infect computers with malware. Today we are seeing widespread spam campaigns being cannoned around the world, posing as messages from the companies. However, files Read more…

Evil Maids on the rise

The opportunities for evil maids seem to be soaring. Some weeks ago, I blogged about how a malicious room maid could install a software password sniffer on a portable PC with TrueCrypt Full Disk Encryption (FDE) - needing only a Read more…

Could a rubber duck steal your identity on Facebook?

Two years ago, I took a small plastic frog given to me by my nephew, and used it to demonstrate how easy it was to extract personal information from complete strangers on Facebook. Now, Sophos's Australian office has conducted the Read more…
