Latest Articles
FakeAV, now with sounds
Recently, creators of Fake Anti Virus software have been getting quite creative and somewhat "professional" in designing the look and feel of their fake software. Today I came across one with sounds. Whenever the malware does a fake scan and Read more…
Filet-O-Phish - Thieves target McDonald's
I ran across an interesting and improbable phish today while looking through our spam feeds. The attackers in this case decided that enough people in the world eat at McDonald's that it was worth having a go at convincing people Read more…
I Don't Care button spam on Facebook
It's possible that some of you are finding the seemingly endless wave of spammed-out scams on Facebook rather predictable. Clearly they must be working for the bad guys, though. Otherwise, why would they be putting effort into creating new variants Read more…
Month of undisclosed 0-day bugs and Chet Chat 24
As summer comes to an end there is nothing better than some security researchers who see fit to disclose a new zero day vulnerability every day for a month. That is in fact what the guys over at Abysssec have Read more…
Mark Zuckerberg spots friend's Facebook account is hacked
Early on Monday I blogged about the iPhone and iPad tester scams which had been affecting many Facebook users' accounts, posting images on their walls in an attempt to direct the unwary into the arms of the scammers. It appears Read more…
Twitter tightens security - Good news for social media safety
I have been waiting for this day for over a year now. Death to the Twitter HTTP API. Long live OAuth! I have written several times that Twitter needed to get rid of their old, insecure authentication mechanism if they Read more…
Don't panic! The ragtime jazz virus hasn't infected Gmail
Gmail users who run Google Chrome are up in arms today following the launch of the new Gmail priority inbox service. Not because the feature doesn't work for internet users who've chosen the Chrome browser to access their email, but Read more…
Fake TweetDeck update preys on Twitter users
It was a Bank Holiday weekend here in the UK meaning that we had the pleasure of a longer break than normal, with Monday not being a normal working day. But it appears that at least one bunch of criminals Read more…
Shocking hidden message on Coca-Cola logo, and other Facebook scams
Once the bad guys have tricked you into adding a rogue application to your Facebook account, don't be surprised if they use it to spread more of their scams. Here's an account which suddenly started advertising a scam page, even Read more…
Encryption with no separate external key
Most typical modern malware variants tend to hide critical parts of their functionality (strings, URLs/IPs of their dodgy servers, etc.) using some form of encryption. In most cases only trivial algorithms are used. However, these suffice as the intention is Read more…
PCI data security song [VIDEO]
If your company handles customer credit card payments from the likes of Visa, Mastercard and American Express, then it's paramount that you keep that information secure. The Payment Card Industry (PCI) has created a data security standard, explaining how firms Read more…
iPad and iPhone 4 tester scams hit Facebook
Can you really get a free iPad 3G or iPhone 4 by signing up just to be a tester? It sounds too good to be true, doesn't it? And it is. But, like me, you may have seen users on Read more…
This could save your LIFE!
The following internet advice, which may have a subject title such as above, could just get you killed. Like any other middle-aged, balding, overweight chap my mother still worries about me. So when her friend sent this to her Read more…
Guest blog: Snap a Marlin!
This week's guest blog comes from Rob Forsyth, Managing Director of Sophos in Asia Pacific, and long-time Manly Marlins mainstay. Over to you Rob... Snap a Marlin! Sophos, proud sponsors of the Manly Marlins for the last eight years, will Read more…
Phish net stockings, or spammer attempt at a phish?
An interesting phish was just escalated to me for analysis. Well, ironic more than interesting. Looking at the following phish: The message is a typical phish with clues to its nefarious origins. Dear Valued Customer, Your New Online Statement Summary Read more…
Did Gmail make you look like a spammer this week?
How mortified would you feel if you found that you had been spamming someone through no fault of your own? Well, up to 4 million Gmail users found out this week. I'm not talking about your computer being taken over Read more…
Girl who had sex with 5000 men exploited by sleazy Facebook scammers
Outbreak: Fake Fedex Tracking Number emails carry malware
Cybercriminals have spammed out a widespread email attack, distributing malware in messages pretending to come from Fedex. The emails, which have subject lines beginning "Fedex Tracking number" followed by a random reference number, pretend to come from named personnel inside Read more…
Canada Revenue Agency decides your privacy isn't important
The largest data breach in the history of the Canada Revenue Agency (our version of the IRS) recently occurred here in Vancouver, but you probably didn't hear about it. Why? The CRA decided that you don't need to know. According Read more…
DLL pre-loading attack vector addressed by Microsoft
We have been discussing the issue of unsafe DLL loading in the lab since the release of the Microsoft advisory about a potential attack vector that uses the default Windows DLL Search Order to load a malicious DLL into the Read more…


