Monthly Archives: July 2010
Sality Links and shortcut exploit
Shortcut exploits have made the news in malware circles this month. After Stuxnet first used them, it wasn't long before other malware started exploiting the zero-day vulnerability - Sality is among their numbers. The authors of the Sality family added Read more…
Greetings from Blackhat Las Vegas 2010
I have to admit that I am not a huge fan of Las Vegas, but, when the reason to visit is as good as attending Blackhat and Defcon I instantly forget the heat, endless rows of slot machines, big crowds, Read more…
Shocking real crimes on Google Streets? No, it's another viral Facebook scam
Once again a viral scam is spreading rapidly across Facebook, posting messages on users' profiles in an attempt to trick the unwary into installing a rogue application. Here's a video where I demonstrate the attack: (Enjoy this video? You can Read more…
Black Hat 2010 – are we headed for cybervictory?
Las Vegas in general, and the Black Hat conference in particular, really do seem larger-than-life, as you can see in the video I made at the outset of the event. Even the bookstand offers a bewilderingly eclectic range of publications, Read more…
Happy bitchday from Facebook
Yesterday my colleague Pablo Teijeira, who is based in our Madrid office, logged into Facebook as normal and was confronted with a rather unusual message in place of the usual reminder of whose birthday it was today: Rather than "Hoy Read more…
From Nigeria with Love - old sk00l spam
Every now and then we at SophosLabs receive a sample of malware or spam that (laughs aside) shows the true inventiveness of the spammers and malware authors. During the World Cup I received some SMS spam on my phone but Read more…
Android malware steals info from one million phone owners
Updated: A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users. John Hering and Kevin Mahaffey, of mobile security firm Lookout, told the Black Hat security conference in Read more…
Details of 100 million Facebook users were *already* exposed on the net
Have you seen the headlines? They're pretty scary-looking. Here's just a handful - although there were hundreds more to choose from: "A fifth of Facebook users names 'leaked' to file-sharers", Techwatch "Details from 100 million Facebook profiles posted online", Network Read more…
Could this be the most stupid spam I have ever received?
Here's a spam email I just received: "I am not sure if you're aware of why your ranked this low.." Err.. I know this is a long shot, but could it possibly be because our website has nothing to do Read more…
Black Hat 2010 – Malware? SCADA? Privacy? Cloud?
Thousands of international security experts are congregating in Nevada, USA, for the Black Hat 2010 conference. But why? What is the single biggest issue which the 2010 conference will address? Is it malware? SCADA? Privacy? Cloud? Hear from the experts Read more…
'Mastermind' of Mariposa botnet arrested
Last week I blogged about the net closing in on a group of Slovenian hackers believed to be connected to the Mariposa botnet. Today it is being reported that a 23-year-old Slovenian, known as Iserdo, was arrested in the city Read more…
Fake anti-virus poses as free McAfee VirusScan
Fake anti-virus software (also known as scareware or rogue anti-virus) continues to be a big problem. Malicious hackers create programs that pretend to be legitimate anti-virus products, but are actually designed to frighten you into believing you have security problems Read more…
How large is a piece of Malware?
Q. What is the average size of a typical malware file? Of course there is no definitive answer to this question, and different kinds of malware can have vastly different sizes, but for those wanting an answer I ran a Read more…
Citi iPhone banking app contains security flaw
iPhone-owning customers of Citigroup have been urged to update their mobile banking app immediately because of a security flaw that secretly stored account numbers, bill payments and security access codes in a hidden file. The Citi Mobile app allows customers Read more…
Australian Tax Refund Spam Again...
It is now Australian Tax Refund time again. And right on cue, spammers have re-emerged in producing phishing scams as they would never miss this opportune moment to steal money. So, what does this year's taxation spam look like? It Read more…
Shortcut exploit: protect against it with this free tool
Sophos engineers have been busy developing and testing a free tool that protects users from malware exploiting the critical zero-day vulnerability known as the "Shortcut exploit". We have begun to see more hackers taking advantage of the exploit, spreading malware Read more…
Are you ready for the Cyber Security Challenge?
The hunt is on - the UK is looking for online security gods and goddesses. As the breadth and depth of the security problem has increased over the past few years, so too has the requirement for an increasingly diverse range Read more…
Shortcut exploit still quiet - Keep your fingers crossed
I have been closely monitoring the recently disclosed vulnerability in the method that all versions of Windows use to render shortcuts. Fortunately, no major attacks aside from Stuxnet have had much success, but we are starting to see malware authors Read more…
Why won't my sample run?
Here at SophosLabs we have recently been seeing samples of Zbot (also known as the Zeus crimeware kit) that refuse to execute on any of our testing machines. Often when this happens it is because the sample is corrupt or will Read more…
















