Articles by Richard Wang

About Richard Wang

Richard manages SophosLabs' operations in the United States. His principal security interests are endpoint security and user education. When he's not worrying about digital perils he enjoys singing, much to the distress of his cat, whose name does not feature in any of his passwords.

USA is number one! (...for spam)

usa flag

USA! USA! USA! is back on top as the world’s leading spam-relaying country.

See what other countries top our 'dirty dozen' list and get the latest spam stats from SophosLabs.

Technical paper: Exploring the history and technology of ransomware


A new technical paper from SophosLabs explores the history and technology of ransomware. From payment by SMS to public key encryption, ransomware has certainly evolved.

Whitepaper: Security questions for your web hosting provider

Whitepaper: Security questions for your web hosting provider

Here are 10 questions you should be asking your hosting provider about features and services that will help to keep your site secure, covering general security practices, application security and operation of the site itself.

CAN-SPAM spammers with a sense of humor

Spam cloud

SophosLabs researcher Richard Wang ran into a unusual opt-out disclaimer earlier today in an email message. It would appear that this spammer has a sense of humor and is polite to boot!

Smart octogenarian foils scammer who said he would buy item via PayPal

Smart octagenrian foils scammer who said he would buy item via PayPal

A man in his eighties tries to sell a generator for his friend online.

When a potential buyer asks to send his payment through via PayPal - what could possibly go wrong?

Sudoku and malware with your coffee?

Sudoku and malware with your coffee?sudoku-250

As the end of the year approaches and things calm down around the office, what better way to while away a few minutes than with a harmless Sudoku?

Perhaps not so harmless...

Microsoft name the day for "Aurora" patch

Default image

As Chet mentioned yesterday Microsoft are going to release an out-of-band patch for the IE zero-day vulnerability used in the "Aurora" hacks. Today Microsoft have confirmed that the patch will be released on January 21. Microsoft's announcement : Although Read more…

Twitter banned passwords

Image (1) password-too-obvious.jpg for post 24912

As you may have heard in the last few days, Twitter has banned 370 passwords (actually only 369, 'password' appears twice in the list) as 'too obvious' to be safe for their users. A good move in theory but why Read more…

Apple fix Flash flaw in Snow Leopard and more

Image (1) applekey170x170.jpg for post 24382

As many people in the security community noticed, including our own Chet, upgrading your Mac to OS X Snow Leopard may have downgraded your version of Adobe Flash player. We have, of course, been recommending that you pop over to Read more…

Microsoft and Apple security patches

Image (1) security.jpg for post 24358

Yesterday we saw the monthly issue of patches from Microsoft and the disclosure of a new, unpatched vulnerability in SMB. Today it is Apple's turn to release updates to iPhone OS and Quicktime. From the iPhone to Windows 7, password Read more…

I need a ThousandFollowers

Image (1) followers.png for post 24048

Last week Graham blogged about Addfollowers spam on Twitter gathering usernames and passwords. Earlier today I saw a very similar series of tweets and had a closer look. It seems that the folks behind Addfollowers have been busy in the Read more…

Cybersecurity Czar

Image (1) presseal.jpg for post 23685

This morning President Obama announced that he would be appointing a Cybersecurity Coordinator. The appointment is one of the many recommendations of the 60 day cyberspace policy review (PDF) commissioned in February. Along with publication of the review itself comes Read more…

Windows Blocked

Image (1) ransom.png for post 23552

There's been a lot of talk in the last couple of days about a large botnet announced by the folks over at Finjan. We detect the malware behind that network as Mal/Dropper-DL which installs several more pieces of malware, including Read more…

Trouble in the Heartland

Default image

Heartland Payment Systems are reporting today that they had a data breach in their payment processing network last year. The full text of Heartland's statement can be seen here. Heartland are quite definite when explaining what was not stolen but Read more…

Hannah Montana Scammer

Default image

Today I came across a sad tale of a parent defrauded trying to buy a Christmas present. Even in the holiday season there are those mean enough to take advantage. This parent wanted to buy tickets for the extremely popular Read more…

Fast-flux pharmacies

Fast-flux pharmacies

It is another quiet Sunday afternoon in SophosLabs. I'd like to take advantage of the calm to write about a different aspect of spam. One of the things that makes the sites advertised in spam so hard to shut down Read more…

Have you seen this man?

Image (1) see2.jpg for post 19577

While analyzing a new worm from China one of our researchers found this picture buried inside the code. Who is he? We don't know but he's now immortalized in malware.

Meet SophosLabs at InfoSec Europe

Default image

SophosLabs will be at Infosec Europe next week. Come along and talk to our experts about security and control of your networks.