Monthly Archives: September 2010

Adobe races to patch zero-day vulnerability in Flash Player

Adobe has issued a security advisory about an as-yet unpatched vulnerability in its popular Flash Player software, affecting users of Windows, Mac, Linux, Solaris and even Google Android. The critical security hole could allow an attacker to take control of Read more…

Facebook burglary gang suspects arrested by police

Police in Nashua, New Hampshire, have arrested a group of men suspected of being part of a burglary ring that targeted Facebook users who had reported they were away from home. According to local news reports, between $100,000 and $200,000 Read more…

No certificate for you! Verisign revokes cert from malware fiends

I spent some time last week looking into the digital signature involved with the recent zero day malware targeting Adobe Reader. Similar to the Stuxnet situation, Verisign has revoked the signing certificate used to sign the payload associated with this Read more…

Digging Deeper on the TechCrunch Zbot

Last week the website belonging to TechCrunch Europe had malicious code planted on it, the payload of which was a variant of Zbot - Troj/Zbot-YP. There are several interesting aspects of this variant that are worth exploring in a little Read more…

'Here you have' virus interest exploited by YouTube scammers

The big news on the security front at the end of the working week was the widely-reported "Here you have" virus which arrived in inboxes with a waft of nostalgia, in the style of old-school mass-mailing malware. What has brought Read more…

Oz election outcome – I was right!

The dust has finally settled on the Australian federal election. As everyone ought to know, the previous ruling party, and the previous Prime Minister, managed to cling somewhat precariously to power. They didn't really win, since they ended up with Read more…

Google Instant - reaching further into your subconscious?

Rich Baldry looks after some of our web protection products here at Sophos, and he's been thinking about some of the possible implications of Google Instant. Over to you, Rich. So, Google has announced Google Instant - a new enhancement Read more…

'Here you have' virus strikes email inboxes

If you were reading the SophosLabs blog overnight you'll have seen Boris Lau's report of a mass-mailing worm that has been reported widely. Email messages with the subject line "Here you have" are pretending to point to documents or free Read more…

The "Here you have" worm

Just a quick update that we are seeing reports of an old-school mass-mailing worm doing the rounds currently. The emails it sends contain a link that pretends to point to a PDF, but it in fact points to a VisualBasic Read more…

Name Sophos's new blog, win an iPod Touch

It's competition time! We're all very excited here at Sophos Towers because next month we hope to roll out a whole new blog for you, our faithful readers. We'll be bringing together our star bloggers (Chet and Duck, and yours Read more…

Cheerleaders Gone Wild clickjacking spreads virally across Facebook

We're seeing many messages right now being posted from the accounts of Facebook users saying: Cheerleaders gone wild - have to see this accompanied by the image of a midriff-baring cheerleader carrying two pom-poms. If that's enough to tempt you Read more…

APSA10-02: BOPs and the Adobe 0-day

Just a quick update on the latest Adobe zero-day vulnerability (APSA10-02) that has come to light this week. You may well have already watched the video Chet posted yesterday. We have also published an advisory page for this vulnerability as Read more…

Hacker behind $9 million RBS WorldPay ATM heist avoids Russian jail

Russian prosecutors have served a hacker with a six year suspended sentence after he admitted his involvement in a worldwide hack that withdrew $9 million from ATM cash machines. 29-year-old Viktor Pleshchuk, of St. Petersburg, Russia, received a reduced sentence, Read more…

iOS 4.1: Critical security update for iPhone and iPod Touch users

Apple has released iOS 4.1, an updated version of its mobile operating system for the iPhone and iPod Touch. New features vary depending on which device you own, and how old it is, but some folks will benefit from better Read more…

If I had a nickel for every Facebook scam. . .

I'd be rich! Not to have my blog turn into the 24/7 social-media-scam network, but another Facebook scam is on the loose. This one is called "OMG! Look What this Kid did to his School after being Expelled!" and follows Read more…

TechCrunch Europe warns readers to scan their PCs for malware

At the start of this week I posted a warning on this blog that the TechCrunch Europe website had fallen victim to a hacking attack, and was spreading malware to its readers. At the time I was concerned that the Read more…

Adobe advises on new Reader and Acrobat vulnerability

Update: After analyzing the payload that is downloaded by the in-the-wild sample provided by @snowfl0w, I can report that Sophos detects the payload as Troj/Agent-OOH. Kaspersky is reporting that payloads have been seen that are digitally signed using Read more…

Gentlemen, update your browsers!

Apple announced a new release of Safari for Windows and OS X today. In their advisory they note three vulnerabilities for Windows and two for OS X. All of the flaws could cause arbitrary code execution or abnormal termination. OS Read more…

Phishers exploit HMRC tax error refund in UK

Tax authorities in the UK are contacting millions of people, telling them that they have paid the wrong amount of tax. As the BBC reports, the mistakes in tax payment calculations have been uncovered following the introduction of a new Read more…

Video fan or scammer? Survey spam on YouTube

One of the themes that has been coming through loud and clear in the security world for the last few months has been the use by scammers of revenue-generating surveys. I've reported about many of these on the Clu-blog, mostly Read more…