cplink
The Conficker worm, three years and counting
This week marks the third anniversary of Conficker's assault on our PCs. Where do we stand after doing 36 months of battle with this worm?
Sality Links and shortcut exploit
Shortcut exploits have made the news in malware circles this month. After Stuxnet first used them, it wasn't long before other malware started exploiting the zero-day vulnerability - Sality is among their numbers. The authors of the Sality family added Read more…
July roundup – "90 Second News"
Don't just read the latest computer security news – watch it in 90 seconds! See the CPLINK Windows shortcut vulnerability explained, learn why you need to burn those ageing legacy applications, and find out what's been going wrong on Facebook Read more…
Malicious shortcuts: now documents and webpages are risky too
There's more bad news for those troubled by the Microsoft zero-day vulnerability that allows a Windows shortcut link, known as an .LNK file, to run malicious code whenever Windows displays their icon. The Shortcut exploit is well known to be Read more…
CPLINK and Stuxnet – there is a silver lining
In case you've missed the big security story of the past few days, it's all about the Stuxnet malware, which brought to the world's attention a rather naughty bug in Windows – the "CPLINK shortcut vulnerability", or just CPLINK for Read more…
Yes, there's malware. But don't change your SCADA password, advises Siemens
If you were in charge of some critical infrastructure (such as a power plant or manufacturing facility) and there was some malware which exploited a zero-day vulnerability in Windows which targeted your systems you might be pretty concerned, right? In Read more…
CPLINK Shortcut mitigation and certificate revocation
I have spent the last three days looking at how we can best protect ourselves against the latest Windows zero day vulnerability, aside from running up to date anti-virus software. We have named this exploit CPLINK within SophosLabs referring to Read more…
Shortcut zero-day attack code goes public
There exists a vulnerability in versions of Windows which allows a maliciously-crafted Windows shortcut file (.lnk) run a malicious DLL file, simply by being viewed on a USB stick.
![Have your say - LulzSec: helpful, harmless or hideous? [VOTE NOW]](http://sophosnews.files.wordpress.com/2013/05/lulzsec-poll-thumb.jpg?w=75&h=75&crop=1)
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
![Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]](http://sophosnews.files.wordpress.com/2013/02/zombie-thumb.jpg?w=75&h=75&crop=1)
