-
- gcluley: Angry Birds malware – Firm fined £50,000 for profiting from fake Android apps http://t.co/zg2JeIWI45 minutes ago
- gcluley: How internet revenge by an ex-partner can lead to horrific violence http://t.co/yIDiD1enabout 2 hours ago
- gcluley: Comcast users being targeted with Constant Guard phishing emails http://t.co/vbeTjfrdabout 3 hours ago
- gcluley: Whoops! Yahoo leaks its own private key via new Axis Chrome extension http://t.co/YS1vidjFabout 5 hours ago
- gcluley: Anatomy of an exploit - six, in fact - as Google reveals details of Pwnium hack against Chrome http://t.co/bw9fBWgUabout 6 hours ago
Monthly Archives: March 2010
Automated SEO poisoning attacks explained
We've talked many times on this blog about how hackers exploit hot trending news stories using blackhat search engine optimisation (SEO) techniques to poison search engine results. Often this is with the intention of spreading scareware (also known as fake Read more…
Technical paper: SEO poisoning attacks
Regular readers will have seen numerous recent SophosLabs blogs describing how attackers are poisoning search engine results in order to hit victims with malware [2,4]. In recent months, these type of Search Engine Optimisation (SEO) attacks have become a route Read more…
When is a picture not worth 1000 words: obfuscated malicious VB script
When it is not actually a picture but an obfuscated malicious VB script! That's the story with W32/VBSAuto-F -- yet another autorun worm that sets a number of self-starting registry entries, spreads via USB drives, and downloads further malware. The Read more…
What price privilege?
The Brisbane Times reports a worrying exchange of words in the Industrial Relations Commission – a senior barrister admitting that his laptop, containing three years' worth of work, was recently stolen. Amusingly, the BT further quotes the sinned-against silk as Read more…
CanSecWest 2010 day 3 summary
The conference has now drawn to a close and Michael Argast and I have made CanSecWest this week's podcast topic. Our weekly podcasts have been going well so far and I would like to thank our editor/producer Maria Varmazis for Read more…
Critical Mac OS X update patches security holes
As Chet has described on his blog, Apple yesterday issued a major update to Mac OS X which fixes a number of security vulnerabilities. Many of the security holes could, if left unpatched, allow hackers to run malicious code and Read more…
Do you support Facebook's proposed privacy policy changes?
Facebook has announced that it is proposing a change to their privacy policy. One of things that Facebook wants to do is to make it possible for them to share your information automatically with "pre-approved" websites. That would mean that Read more…
Microsoft to release emergency Internet Explorer patch on Tuesday
Microsoft has announced that it will be issuing an emergency out-of-band patch for a critical security hole in some versions of Internet Explorer on Tuesday 30 March. According to a Microsoft advisory, the emergency fix is designed to protect users Read more…
Beware airplane ticket N648365 - it contains malware
The bad guys are up to their old tricks again, spamming out malicious attachments posing as airline tickets. The latest attack, which we're seeing in many of our spamtraps around the world, poses as an email from Delta Air Lines. Read more…
Spam filters force Beaver magazine to change its name
One of Canada's oldest magazines has reportedly changed its name because of the problem of spam and web filters incorrectly blocking its content. The magazine's name is "The Beaver". According to a BBC news report, The Beaver's attempts to expand Read more…
Patch Monday - Apple and Microsoft fix vulnerabilities
As has been suspected for a couple of weeks now Microsoft announced this morning an out-of-band emergency patch for the IE exploit that has been circulating in the wild. The patch known as MS10-018 will be released Tuesday morning 10 Read more…
The FarmVille 'Three Spring Eggs' virus is a hoax
Panic is spreading quickly amongst FarmVille's many online players following internet reports of a virus connected with sharing three eggs. The Facebook farming simulation game, which is a huge hit on Facebook with over 80 million regular players, is currently Read more…
Woman's Facebook status invites a burglar
Keri McMullen says that her house was burgled after she updated her Facebook status to say that she was going to a concert. Keri, and her boyfriend Kurt Pendleton, left a message on Facebook saying that they were heading out Read more…
US takes aim at Australian head-in-sand internet security
According to media reports in Australia, even the US Department of State is now laying into the Rudd government's internet filtering plan. According to The Punch, the Americans are against the Australian proposal because it "runs contrary to stated US Read more…
CanSecWest 2010 day 2 summary
The second day of CanSecWest was a beautiful day in Vancouver. The day was full of information-packed sessions and anticipation for the evening dinner party reception. "SEH overwrite and its exploitability - Shuichiro Suzuki" Shuichiro, who works for Forteenforty, demonstrated Read more…
Hacking forum or a sting operation?
Though it is true that malware is getting more and more sophisticated I am sometimes surprised by the lack of skills coming from wannabe botnet operators. Today, I stumbled upon a hacker's forum which nicely demonstrates just how low is Read more…
Apple Diversifies Into Online Pharmaceuticals
Spammers have decided that in order for Apple to meet sky-high growth expectations from its shareholders, Apple needs to diversify into selling drugs online. The spam looks similar to the following message below: Apple Store Call 1-800-MY-APPLE Dear Customer, Your Read more…
TJX hacker sent to jail for 20 years after stealing 40 million credit cards
Albert Gonzalez, the 28-year-old college drop out who was the mastermind of a hacking ring that stole over 40 million credit and debit card numbers from retailers including TJ Maxx, Barnes & Noble and BJ's Wholesale Club, has been sent Read more…
Mac users need to wake up to the social engineering threat
Clu-blog reader Peter directed my attention to a letter in this week's edition of "Computing" (a popular British IT magazine) earlier today. The letter from Jamie Forder is in response to an article written in a previous edition by Laurent Read more…
Celebrity Twitter hacker caught by French police
A French hacker who is alleged to have broken into Twitter's internal administration system, giving him access to the details of millions of Twitter users including those of Barack Obama, Britney Spears, Ashton Kutcher and Lily Allen, has been arrested Read more…
