SophosLabs Principal Researcher Gabor Szappanos takes on a recent PlugX malware sample.
He finds a curious mixture of similarities and differences with earlier versions - and a brand new target group: users of the Japanese-language word processor Ichitaro...
Police advice if you are hit by CryptoLocker is to take it on the chin, and not to pay up.
That's a pretty hard demand to make of anyone, and all but impossible to insist on for everybody, but you would at least expect the police themselves to follow it...
The UK's National Crime Agency has put out a CryptoLocker ransomware alert - the malware is still a huge problem, even after weeks of high profile coverage.
Here's what YOU can do to help prevent it...
Microsoft just published its January-to-June 2013 Security Intelligence Report.
The results seem to PROVE that you should get rid of Windows XP as soon as you can.
Paul Ducklin checks the strength of the "proof"...
This article explains how the CryptoLocker ransomware works, including a short video showing you what it does.
The article tells you about prevention, cleanup, and recovery, and explains how to improve your security against this sort of threat in future.
Malware rarely gets into your network without some sort of tell-tale signs beforehand.
Learning to spot the metaphorical smoke that precedes the fire of a malware infection is a handy way of keeping your network safe.
Oracle is about to release a new "feature" in its Java Runtime Environment (JRE) that allows enterprises (or anyone else) to turn off security features for backward compatibility.
US whistleblower-friendly site Cryptome recently suffered a short outage, after it was booted offline by its ISP and then let back.
Paul Ducklin looks for security lessons in the story...
Researchers at SophosLabs have come across samples of Android malware exploiting the so-called "Master Key" vulnerability.
Paul Ducklin investigates and explains...
You don't always have to break into someone's web server to get them to deliver your malware for you. You can just break into the server they get their online ads from.
Or you can pre-infect the online ad server software so you can own it as soon as it is installed.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Once every three months, we tot up our country-by-country spamtrap statistics for the previous quarter and calculate the Dirty Dozen.
Of course, this is one "competition" in which getting promoted into the Premier Division - the SPAMMIERSHIP - is a cause for disappointment, not jubilation...
A special kind of malware has been hitting the headlines recently - that which attacks the RAM of Point of Sale (PoS) systems. In this article, Numaan Huq from SophosLabs takes a step back from the technical details and looks at the evolution of these PoS RAM scrapers.
Popular SophosLabs writer Gabor Szappanos is back with more insights into the Tibetan-themed Advanced Persistent Threat (APT) scene.
This time, he looks at Smoaler, a new cousin of the PlugX family that starts off like what we've seen before, then branches off in new ways.
Here's the first 60 Second Security video of July, looking into some of the intriguing and interesting security stories of the past week.
Neatly compressed into a minute of video, why not give it a whirl?
Former US Gen James Cartwright, once a trusted member of the president's national security team and the reputed brains behind Operation Olympic Games, has been told he's under investigation for leaking information about this very operation.