Articles by Fraser Howard
Planning some activities this Easter? Perhaps buying some Easter eggs? Maybe hand decorating some eggs?
Before you go searching for tips, take a read of this post which highlights how seemingly innocent search terms can lead to malware.
Take a dive into some recent blackhat SEO attacks in this post to explore the facts behind the recent rise in reports of this threat. Site administrators in particular may be interested in some of the findings.
Step into the shoes of a site administrators attempting to check if their sites have been hacked or not, by taking a look at a couple of recent attacks against websites.
Have you ever wondered what is meant by the term 'Traffic Direction System' (TDS)?
Well, take a look at a widespread site injection attack that took place earlier today, and see exactly how a TDS server is used to control user traffic.
Have you been the recipient of an email claiming to be from George Osborne MP, the UK's Chancellor of the Exchequer? However tempting the offer of a large transfer of funds may be, do not become a victim of this latest scam.
Investigating a few compromised web sites reveals some interesting behaviour in the PHP hacks that are being used to compromised legitimate web servers in order to redirect unsuspecting users to exploit sites.
StopBadware has teamed up with other members of the computer security community to produce a set of best practices for reporting malicious links.
Find out more now.
Read more about a recent wave of attacks compromising legitimate web sites for the purpose of infecting users with Zeus malware.
Blackhat SEO attacks account for over 30% of all detections seen by Sophos customers protecting their web traffic.
Learn what you need to do at your company to protect yourself and your fellow users.
The use of search engine optimisation (SEO) for redirecting users to scareware sites is well known, but we also see the same techniques being used to redirect people to exploit sites. Take a look into some recent SEO attacks, and see exactly where the protection layers Sophos provide actually fit.
Hacking ad servers is a effective way of injecting malicious code into multiple third party web sites, potentially exposing huge numbers of users to the attack. Find out more about this latest attack being used to infect victims with TDSS.
After yesterday's concern about laptops being shipped with keylogging software installed, it has now been confirmed that the issue was all due to a false positive.
Fraser Howard takes a look at a recent browser 0wning attack in which the victim's search results are hijacked, and they are inundated with popups to adult dating sites.
Many readers will have seen the press around a series of hacking attacks that have been labelled the 'Night Dragon' attacks by McAfee. In this post, some of the common questions that these attacks pose are answered.
In malware analysis, it is quite common to come across attacks that you quite simply cannot believe could really work. I quite often find myself asking the question how anyone could actually fall victim to that? Yesterday, one of my colleagues was analyzing a banking Trojan that provided just such a case.
With an increasing number of legitimate web sites playing a role in malware distribution, never has it been so important for webmasters and site administrators to understand the threat and respond quickly when alerted to an issue. As Fraser discusses in this post, one of the problems they face is knowing when to trust the security vendor on the end of the phone.