Apple support to infected Mac users: "You cannot show the customer how to stop the process"


ZDNet reports that Apple is instructing tech support contractors not to help customers who are infected with Mac Defender fake anti-virus. This builds on ZDNet's report from last week, but provides insights that 60,000 or more Apple users may be affected.

Commodore 64 viruses - time for a comeback?

The classic Commodore 64 is making a comeback!

But what about viruses on these much-loved home computers from the 1980s?

Memories of the Anna Kournikova worm


It's ten years since the Anna Kournikova worm spread around the world.

Graham Cluley reminisces about the worm, and tells the story behind one of the world's biggest virus outbreaks.

A funny virus outbreak in the Microbiology lab

You see?

Viruses can be fun in the workplace. Especially if you work in a Microbiology lab.

October roundup - "90 Second News"


Don't just read the latest computer security news - watch it in just 90 seconds! This month: international success for law enforcement; rumour of the month pimps Adobe's shares by 17%; Google's CEO puts his privacy foot in his mouth yet again; and Facebook does something good!

Apple iPad and iPhone infection risk?

Major Australian media outfit Fairfax ran a story throughout the weekend warning about "Apple store infection risk". This was understandably a hot story across most of its dailies, including the Sydney Morning Herald, Melbourne Age, Brisbane Times and WA Today. Read more…

'Here you have' virus interest exploited by YouTube scammers

The big news on the security front at the end of the working week was the widely-reported "Here you have" virus which arrived in inboxes with a waft of nostalgia, in the style of old-school mass-mailing malware. What has brought Read more…

Japanese virus writer arrested.. again

According to media reports, a previously convicted Japanese virus writer has been arrested over allegations that he has again distributed a virus. 27-year-old Masato Nakatsuji is accused of writing malware known locally as "ika-tako" (squid-octopus) which was spread via the Read more…

Sality Links and shortcut exploit

Shortcut exploit: protect against it with this free tool

Shortcut exploits have made the news in malware circles this month. After Stuxnet first used them, it wasn't long before other malware started exploiting the zero-day vulnerability - Sality is among their numbers. The authors of the Sality family added Read more…

Certified uncertainty

Screenshot of Stuxnet stolen certificates

Just when we thought we understood what was happening with the Stuxnet rootkit the plot thickens. As I reported in my original story, the rootkit component and several other pieces were signed with a legitimate digital certificate from Realtek Semiconductor. Read more…

CPLINK Shortcut mitigation and certificate revocation

I have spent the last three days looking at how we can best protect ourselves against the latest Windows zero day vulnerability, aside from running up to date anti-virus software. We have named this exploit CPLINK within SophosLabs referring to Read more…

Windows zero-day vulnerability uses shortcut files on USB

The security community was buzzing today about a potential new zero-day vulnerability in Windows. The attack that exploits the vulnerability was originally discovered by VirusBlokAda in Belarus. It contains several components and is still being analyzed by SophosLabs. It starts Read more…

PDF spam phones home to Sality malware family

Remember all those long distance phone calls we made? No, me neither - so if you see an email asking you that same question, don't open it. The spam messages have a subject of "phone calls" and look like this: Read more…

June roundup – "90 Second News"

Don't just read the latest computer security news – watch it in 90 seconds! Learn how Facebook 'clickjacking' actually works. Find out why Google is in the dogbox over vulnerability disclosure. See which companies had PR disasters sending out malware Read more…

Linux Trojan rears its ugly head

UnrealIRCd logo

Next to OS X users, Linux users are the most arrogant in their perception that they are immune to malware infections. Unfortunately for them, this morning the administrators of had to post that their Unix/Linux source code had been Read more…

World Cup 2010 – will you get through without losing?

In 2006, Australia qualified for the World Cup by beating Uruguay in a final decider match at home in Sydney's Olympic Park. (The oddity of Australia qualifying via South America, not Asia, was finally rectified after the 2006 competition.) John Read more…

3 types of "viruses" demystified

In the anti-malware business we often quibble over details the general public does not care about. To us these differences are important, though, as classifying a piece of malware helps us define and understand its nature and helps those of Read more…

How to clean up the Duh iPhone worm

I'm quite pleased about having been able to reveal the 'ohshit' password for iPhones infected with the Duh virus. I've already had emails from happy Dutch readers who have used it to get back control of their infected devices. This Read more…

"Payment request from" emails carry dangerous payload

Cybercriminals are up to their dirty tricks again, this time spamming out en masse a dangerous email carrying a Trojan horse. The emails pretend to come from the "Customer Support" division of an online banking organisation and be in connection Read more…

Your mailbox has NOT been deactivated

SophosLabs is currently intercepting a widespread malware attack, being spammed out to innocent internet users under the disguise of a mailbox deactivation notice. The emails, which have a subject line of "your mailbox has been deactivated", pretend to come from Read more…