SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks.
Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache.
Irrepressible cybercrime investigator and reporter Brian Krebs has written about yet another Java zero-day exploit.
This one, it seems, targets an exploitable vulnerability even in Oracle's most recent release, Version 7 Update 11, aka 7u11.
For those interested in exploit kits and how they work, Gabor Szappanos has published the second (and concluding) part of his technical paper looking at the Blackhole kit.
Recommended reading for all those that want a little more detail as to how one of the most prolific and widely used crimeware kits actually works.
When security researchers make available proof of concept code to demonstrate vulnerabilities, are they actually supporting the malicious exploit kit authors?
SophosLabs expert Gabor Szappanos shows that the creators of exploit kits aren't the ones discovering the zero day vulnerabilities.
Do you want to learn more about the exploit kit that is arguably responsible for the most malware infections this year?
Well read the latest technical paper from SophosLabs, where Gabor Szappanos uncovers some of the details behind the Blackhole exploit kit.
Computer users are getting infected with ransomware because criminals have managed to hack the DNS records of Go Daddy hosted websites.
A new round of spams proclaims you have been charged for a large purchase from Apple.
All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.
The vulnerability is selling for up to $50K on the black market, security researchers say, and has been included in a package of banking Trojans called the Blackhole Exploit Kit, which is the most prevalent exploit kit out there.
Here you go. All the stories we wrote in the past seven days, in case you missed anything (or just want to read them again).
A malware attack has been spammed out widely via email to internet users, posing as a message about photos.
Facebook users are warned to be on their guard against unsolicited emails they might receive suggesting that someone has left an offensive comment about them on their wall.
In an attempt to cash in on the interest in the upcoming US presidential election, online criminals have begun circulating malicious emails pretending to be CNN news alerts about Mitt Romney pulling ahead in the polls.
The same team of Polish researchers who discovered a critical security hole in Oracle’s Java software say that they uncovered another such hole, which could be used to bypass the secure application “sandbox” on most recent versions of Java.
Duck joins Chet to take on the latest security news.
As usual, they don't mince their words, so take a listen and enjoy a quarter-hour mix of news, opinion, advice and research..
Online scammers are using a recent email from Microsoft Corp. as bait in a widespread phishing campaign that exploits vulnerabilities in Oracle’s Java software to install malicious programs on vulnerable systems.