Articles by Chester Wisniewski
Windows RT "jailbroken", shows its Windows 8 roots
A security researcher has discovered a way to allow any code to run on Windows RT/Surface tablets, effectively "jailbreaking" Microsoft's latest foray into mobile computing.
Turkish Certificate Authority screwup leads to attempted Google impersonation
Another Certificate Authority has been caught out having issued certificates that were being used to impersonate Google. Does the SSL padlock not mean we are safe anymore?
Zero day vulnerability in Internet Explorer being used in targeted attacks, FixIt now available
Microsoft has released an advisory on a new zero day attack against users of Internet Explorer. While a Fixit is available it may be best to avoid using IE for awhile.
PowerPoint about the Mayan "end of the world" secretly boobytrapped with malware
Interested in the buzz around the Mayan calendar ceasing to increment after December 21st, 2012? Don't go looking for presentations about the topic, you might be in for a nasty surprise.
Java 7 update 10 introduces important new security controls
Last week Oracle released Java 7 update 10 to the world without fixing a single vulnerability. That doesn't mean there aren't serious security improvements though. New settings could make Java users much safer from here forward.
Iran claims discovery of new targeted malware
Iran's CERT has issued a warning about a new targeted malware attack that erases hard drives. Is this really the next Stuxnet? Hardly.
Sophos staff win Movember contest while raising money for prostate cancer research
Sophos Vancouver steps up to raise funds for men's health research and wins some contests in the process.
W32/VBNA-X worm spreads quickly through networks and removable media
A new particularly virulent version of the malware family known as W32/VBNA (also SillyFDC/Autorun) is spreading very quickly. It takes advantage of Windows Autorun and some very clever social engineering techniques to plant banking Trojans on victim computers.
Holiday hucksters won't stop at Cyber Monday
While the biggest shopping days of the year in the United States are now over, the scams are likely to continue through the end of the year. Read on for tips on what to look for.
SophosLabs wins coveted Swiss prize
The Swiss are known for their prestigious and generous gifts to those who achieve what others can only imagine. SophosLabs managed to impress the committee and earn one of these coveted prizes recently.
Fake Apple invoices lead to Blackhole exploit kit that drains your bank account
A new round of spams proclaims you have been charged for a large purchase from Apple.
All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.
Critical Flash updates delivered early, be sure to update now
Adobe have released a critical update for Flash Player that fixes seven remote code execution vulnerabilities. Set phasers to patch!
Trojan horse designed to steal your photos
A new Trojan is on the scene designed to steal your images and memory dumps. Are the thieves digging for dirt or stealing state secrets?
Convenience trumped security bypassing passwords on Facebook
An authentication bypass vulnerability was found in Facebook leading to Google searches that could allow attackers to impersonate people on Facebook without a password.
SSCC 99 - Hurricane Sandy, DMCA, do not track, Barnes and Noble and Facebook
Michael Argast rejoined Chet this halloween to catch up on the week's news including new DMCA exceptions, Hurricane Sandy scams, Yahoo! ignoring do not track, Barnes and Noble credit cards skimming and Facebook's donation to spam research.
Hurricane Sandy spams lead to survey scams
As usual online scam artists have latched onto the interest in Hurricane Sandy to attempt to lure people into their traps. It is only spam and survey scams at the moment, but be on the lookout for further attacks.
Yahoo! rejects privacy arguments, ignores do not track from IE 10 users
Yahoo! has decided to ignore Internet Explorer 10 users privacy choices. Are IE 10 users losing out on a tailored advertising experience?
Windows 8 security overview - Safest Windows ever?
Windows 8 is now available and Microsoft is touting the entirely new user interface and app store. What security enhancements were made over Windows 7 and are these changes reason enough to upgrade?
Firefox 17 protects your privacy while enhancing the Facebook experience
The latest beta release of Mozilla's popular Firefox browser has introduced a new social media API. Can a web browser make it easier to use social media while protecing your privacy? Mozilla hopes so.
"Mitt Romney almost president" - Fake CNN alert leads to Blackhole malware attack
In an attempt to cash in on the interest in the upcoming US presidential election, online criminals have begun circulating malicious emails pretending to be CNN news alerts about Mitt Romney pulling ahead in the polls.
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
