-
- gcluley: iCloud used to recover stolen iPhone after thief took photos of himself and pals on Disney cruise http://t.co/3BUgez3Rabout 3 hours ago
- chetwisniewski: iCloud used to recover stolen iPhone from thief after he took photos of himself and friends on a Disney cruise http://t.co/sc7TgvcUabout 4 hours ago
- gcluley: R/t Whoops! Yahoo leaks its own private key via new Axis Chrome extension http://t.co/YS1vidjF #facepalmabout 6 hours ago
- SophosLabs: Angry Birds malware – How a firm has been fined £50,000 for profiting from fake Android apps http://t.co/EIqV32iWabout 8 hours ago
Monthly Archives: January 2010
Privacy is not dead, in fact it's more important than ever
My wife has recently had an issue that illustrates why privacy is important, even in 2010. And without further commentary I share with you Mrs. Wisniewski's guest blog. I'm a full-time student. About two weeks ago, I started getting bizarre Read more…
Leet Chrome bug finders can bag $1337 reward from Google
Google has launched a new initiative to encourage vulnerability researchers to report any security holes they find in the Google Chrome browser. Anyone who find a bug in Chrome or Chromium, the open source code used as the foundations of Read more…
Twitter list spam
Like many other people I'm on Twitter. Unlike most of the other websites which fall under the social networking umbrella, I've found it an essential part of my professional life - helping me share information about breaking internet threats and Read more…
Facebook unnamed app: Hackers poison search results
Thanks to Clu-blog reader Jamie for contacting me regarding a scare that is currently spreading bewteen Facebook users. Users of the social-networking site are warning each other of what is rumoured to be a rogue application, spying on their activities Read more…
Second man admits involvement in Scientology DDoS attack
A second man has admitted his role in a distributed denial-of-service attack (DDoS) against websites belonging to the highly controversial Scientology organisation that struck the sites in January 2008. According to media reports, 20-year-old Brian Thomas Mettenbrink of Nebraska has Read more…
TechCrunch hacked again, as intruders turn potty-mouthed
Top technology blog TechCrunch has been hacked for the second time in 24 hours, with visitors being greeted by an offensive message directed at site founder Michael Arrington. Part of the message posted by the hacker reads: So Arrington, how Read more…
Troj/JSRedir-AK morphs into Troj/JSRedir-AR
On Friday, while researching the blog on Troj/JSRedir-AK I noticed a website with an infection of Troj/JSRedir-AK and a new piece of malware (Troj/JSRedir-AR). Like Troj/JSRedir-AK, Troj/JSRedir-AR has two distinct forms: injected into HTML files as a malicious <SCRIPT> tag Read more…
TechCrunch hit by hack attack, says 'we'll be back soon'
TechCrunch, one of the world's top blogs, has been hacked. At approximately 6:20am GMT the site was replaced with this message, linking to a site containing links to adult and pirated material: As far as we can tell at this Read more…
Rogue customer service from rogue antivirus
Not only do you get the best in rogue antivirus protection... ... you get the best in rogue customer service as well. Unsatisfied customers are invited to perpetuate their own victimization -- by contacting the very same scammers who conned Read more…
Oil companies attacked, espionage not just for Google
The Christian Science Monitor reported today that Marathon Oil, ConocoPhillips, and ExxonMobil were compromised in 2008 by hackers. This attack follows the pattern outlined in the press this month about the Operation Aurora, attacks on Google, Adobe, and other unnamed Read more…
Troj/JSRedir-AK: 40% of a month's malware
It has been a month since we added detection for Troj/JSRedir-AK and figures generated today show that over 40% of all web-based detections have been from this malicious code. [Graph shows malware hosted on websites from 2009-12-22 11:00:00 to 2010-01-21 Read more…
Johnny Depp has NOT died in a car crash, but hackers exploit rumours
Hollywood movie actor Johnny Depp, famous for his roles in Edward Scissorhands, Sleepy Hollow and Pirates of the Caribbean, became the unwitting star of an internet hoax.
Hotmail password phishing again
I am a very lucky guy. In fact, I must be the luckiest person in the world since spammers like to send all kinds of lucky spam to me. These days, I get inundated with lucky spam. The last spam I Read more…
Can we *prove* China is behind Operation Aurora?
Is it possible to prove that the recent hacks against Google, Adobe, and others were sponsored by the Chinese government? It's not that easy. You see, although there's unlikely to be anyone with a better motive for cracking into the Read more…
Continued Sinowal activity
After one of my recent blog postings concerning the recent zero day IE vulnerability [1], I received a few questions and comments thanks to one of the comments I made: Finally, and perhaps most worryingly, this type of advice feeds Read more…
Firefox 3.6 checks your plugins are up to date
Yesterday, Mozilla released the latest version of its web browser Firefox and it comes with a rather nice-sounding security feature. Firefox 3.6 claims to be faster than ever before, but that's not why it's caught my attention. The new functionality Read more…
Operation Aurora: Microsoft knew about Internet Explorer flaw for four months
On Thursday there were sighs of relief from all corners as Microsoft released a security patch for a vulnerability that had been exploited by hackers. The patch fixed a critical zero-day vulnerability in versions of Internet Explorer that would have Read more…
Top 20 website passwords you shouldn't be using
The folks at Imperva have released a report examining the 32 million passwords that were exposed in a breach of the RockYou website last year. What they discovered (and it matches the findings of other studies conducted in the past) Read more…
Mal/Badsrc-C: Why is Kitchenaid.com still infected?
Update: SophosLabs can confirm that the website has now been cleaned up. In August last year, SophosLabs first noticed that a Sophos customer was blocked from visiting a page on the KitchenAid website due to a detection of Mal/Badsrc-C. Over Read more…
Virus Bulletin 2010 Conference - call for papers
Those awfully nice people at Virus Bulletin magazine are asking for people to submit papers for the VB2010 conference they will be holding later this year. The conference leapfrogs around the world from city to city, and this time it Read more…
