Articles by Fraser Howard
A closer look at the malicious Redkit exploit kit
In the second technical article of this series, Fraser Howard digs deeper into the workings of the Redkit exploit kit.
Learn more about the internals of this kit: the bypassing of security mechanisms within Java, the use of file encryption, and the delivery of multiple payloads.
Lifting the lid on the Redkit exploit kit
In the first of a two-part series, Fraser Howard takes a closer look at the Redkit exploit kit.
Learn more about how this kit works and the compromised web servers that are being used to host it.
Spicing up phishing attacks
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes, however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.
Oh dear. SophosLabs has upset some malware authors
Sometimes an insult can be amusing... and even strangely complimentary.
Here's something which raised a smile for researchers at SophosLabs.
Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit
SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks.
Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache.
Technical paper: Deeper inside the Blackhole exploit kit
For those interested in exploit kits and how they work, Gabor Szappanos has published the second (and concluding) part of his technical paper looking at the Blackhole kit.
Recommended reading for all those who want a little more detail as to how one of the most prolific and widely used crimeware kits actually works.
Protect against latest Java zero-day vulnerability right now: Mal/JavaJar-B
In the past 24 hours, many popular exploit kits have been found to be targeting what appears to be a new zero-day vulnerability in Java. Read this article for advice on how to fend off these attacks.
Abuse of .EU domains by malware gangs continues despite Registrar notification
What do you do when attackers are abusing legitimate domain Registration services?
How do you stop or at least disrupt the malicious attacks?
Reporting the incident to the appropriate Registrar is the correct course of action, but as you can read, doing so does not necessarily guarantee results.
Technical paper: Journey inside the Blackhole exploit kit
Do you want to learn more about the exploit kit that is arguably responsible for the most malware infections this year?
Well, read the latest technical paper from SophosLabs, where Gabor Szappanos uncovers some of the details behind the Blackhole exploit kit.
Hacked Go Daddy sites infecting users with ransomware
Computer users are getting infected with ransomware because criminals have managed to hack the DNS records of Go Daddy hosted websites.
EU domain abuse, courtesy of the Blackhole exploit kit
Numerous .eu domains have been registered this month for the purposes of infecting computers with malware, via the Blackhole exploit kit.
Security expert Fraser Howard takes a closer look.
Blackhole exploit kit confusion. Custom builds or copycats?
Are some of the different variants of the Blackhole exploit kit that SophosLabs is seeing actually new versions of this popular exploit kit? Or simply copycats created by other groups?
Searching for images on Bing? Beware malicious search engine poisoning
Trust your search engine results? Read how image searches within Bing are being poisoned by attackers in order to drive web traffic to malicious sites.
New version of Blackhole exploit kit
Arguably the most successful exploit kit over the past couple of years is getting a facelift. We have seen announcements this week about a new version of Blackhole being released.
Find out more about some of the proposed features it includes.
Adobe Flash security update *is* coming to IE 10 (reportedly)
Exploit kits typically target plug-ins, using vulnerabilities within them to infect the machine. Disabling plug-ins by default is therefore a good thing as far as keeping your system secure goes. But it isn't always easy...
Sophos sucks? Being insulted by malware authors can be the best reward
Sometimes things can get a little personal when dealing with the huge volume of malware that is discovered every day.
Police penalty-payment website makes amateurish coding errors
Trust is crucial for financial web transactions, which is why it is so important that legitimate organisations don't get sloppy with best practice.
Hacked email accounts unleash waves of weight loss spam
A weight loss spam campaign, being sent from hacked email accounts, is being seen in extremely high numbers.
SophosLabs expert Fraser Howard investigates.
Pseudorandom domain name generation and the Blackhole exploit kit
Take a look into the latest widespread attack against legitimate websites, in which many sites are hacked in order to redirect users to exploit sites.
















