-
- SophosSupport: New Sophos Complete Security Suites: endpoint, data, email, web, mobile & groupware protection—on one license: http://t.co/13FVvp42about 2 hours ago
- SophosSupport: Scheduled Downtime. SophosTalk may be down for up to 2 hours today May 16, 2012 between 12:01am & 4:00am PDT (GMT -7:00) for scheduled work.about 2 hours ago
- gcluley: RT @NakedSecurity: Global Payments breach continues to bewilder, accusations abound http://t.co/AI64bgeeabout 3 hours ago
- duckblog: Congrats to #sophospuzzle winners at #auscert - David Zielezna and Phil Kernick - one prize still open to all online.about 5 hours ago
- duckblog: #sophospuzzle Stage 2 hint/discovery: if using simulation, even C's rand() with just 100,000 sample hands is about good enoughabout 11 hours ago
Social Engineering
Targeted emails exploit new Acrobat Reader vulnerability
Attackers are taking advantage of the latest zero-day vulnerability in Adobe's Reader software sending malicious attachments to specific targets. Adobe promises a fix is coming by the week of December 12 at the latest and Reader X users are protected already.
Kevin Mitnick - ghost in the wires, or scourge of the internet?
Duck has just finished reading Kevin Mitnick's autobiography, Ghost in the Wires.
He decided to review it for Naked Security.
Will you enjoy it? Should you buy it?
How hackers tried to break into my wife's 1&1 account - via the phone
Sophos senior security engineer David Schwartzberg describes how scammers tried to break into his wife's online account at web-hosting firm 1&1 - via the telephone.
Fake iTunes receipt spam
A rather poorly crafted email campaign is making the rounds today. People around the world are receiving messages that appear to be iTunes receipts from Apple. On closer inspection however there are several oddities. The message arrives as an iTunes Read more…
Are signed files safer than others?
Mike Wood of SophosLabs Vancouver presented "Want my autograph? The use and abuse of digital signatures by malware" at the 2010 Virus Bulletin conference. Mike's talk was focused on the trust that people and technology put into certificates and how Read more…
MS Patch Tuesday, Adobe Vulns and Firefox 3.6.10 - Sept 2010
What a busy week! Aside from not having time to blog, there were a lot of stories about new vulnerabilities and patches for recent vulnerabilities. Microsoft, Adobe, and Mozilla all had news. Microsoft released nine patches addressing 14 vulnerabilities, four Read more…
Sophos Security Chet Chat 25 & 26
Sophos Security Chet Chat episode 25 is now live in the Sophos podcast archive. Last week Michael Argast and I discussed this weeks social media news as well as Google's new adoption of OpenID with Yahoo! allowing federated login to Read more…
If I had a nickel for every Facebook scam. . .
I'd be rich! Not to have my blog turn into the 24/7 social-media-scam network, but another Facebook scam is on the loose. This one is called "OMG! Look What this Kid did to his School after being Expelled!" and follows Read more…
Filet-O-Phish - Thieves target McDonald's
I ran across an interesting and improbable phish today while looking through our spam feeds. The attackers in this case decided that enough people in the world eat at McDonald's that it was worth having a go at convincing people Read more…
Spam roundup - Am I getting Google's spam?
I spent some time today scouring the massive spam queues in SophosLabs and thought I would share some information on the latest email threats. I had a chuckle thinking I had accidentally received mail destined for Google. The subject of Read more…
Hot chick on Twitter? Bet it's a spammer
A new Twitter follower whose profile picture is a hot girl is usually a clue that you may be led to a spam. Especially if they are following hundreds of people and don't have a lot of followers. Fortunately this Read more…
Evolution of spam: Explained
Spammers are taking advantage of all this cloud computing nonsense to get past our best defenses. I presented at Infosec Europe on how Russian affiliate networks (Partnerka) have eased up on spamming via email and have migrated to the web, Read more…
Mac users need to wake up to the social engineering threat
Clu-blog reader Peter directed my attention to a letter in this week's edition of "Computing" (a popular British IT magazine) earlier today. The letter from Jamie Forder is in response to an article written in a previous edition by Laurent Read more…
Google Talk used to distribute Fake AV
When speaking in public and delivering presentations, I am often asked "Why would they want my Google/Yahoo!/MSN/Facebook credentials? It's only a throw-away email address." These services have transformed from simple webmail and messaging experiences into fully integrated platforms for video, Read more…
