Malware

(get it in RSS or Atom)

5 mobile device risks in your business

by Ross McKerchar on March 2, 2015 | 1 Comment
7 Sins: Mobile Negligence

5 security risks that you need to get on top of before you let employees access corporate resources from mobile devices, and how to mitigate them.

Bought PII from the government? PLEASE DON'T LOSE IT! 60 Sec Security [VIDEO]

by Paul Ducklin on February 28, 2015 | Leave a comment
60ss-video-250

Here's the latest episode of our weekly computer security roundup.

The latest news presented so you can enjoy it...in just one minute!

Europol takedown of Ramnit botnet frees 3.2 million PCs from cybercriminals' grasp

by John Zorabedian on February 27, 2015 | 2 Comments
Ramnit botnet

In an international operation coordinated with multiple law enforcement and industry partners, Europol led a takedown of the infrastructure of the Ramnit botnet that infected 3.2 million Windows computers.

SSCC 187 - The cryptography edition [PODCAST]

by Paul Ducklin on February 26, 2015 | Leave a comment
chet-chat-logo-featured-250

Sophos expert John Shier sits in for regular presenter Chester Wisniewski in this episode.

John and Paul Ducklin dissect the latest security issues, which were dominated this week by some thorny matters of cryptography.

$3m reward offered for alleged Gameover Zeus kingpin

by Lee Munson on February 25, 2015 | 2 Comments
Evgeniy Mikhailovich Bogachev

The US State Department has offered a $3m reward for the arrest or conviction of alleged Gameover Zeus admin Evgeniy Mikhailovich Bogachev.

From the Labs: more advances in Advanced Persistent Threats

by Paul Ducklin on February 25, 2015 | Leave a comment
apt-scene-250

SophosLabs researcher Gabor Szappanos is back.

He presents another insightful installment in the ongoing saga of PlugX and other "malware factories" that are part of the Advanced Persistent Threat scene.

What's SUPER and helps you to PHISH, sorry, FISH? 60 Sec Security [VIDEO]

by Paul Ducklin on February 21, 2015 | Leave a comment
60ss-video-250

Here's our weekly news roundup - from Superfish to Super Spectacles.

It's amusing, informative, and only takes a minute - enjoy!

Co-creator of Blackshades malware used to spy on Miss Teen USA pleads guilty

by Lee Munson on February 20, 2015 | Leave a comment
Blackshades malware co-creator pleads guilty, facing 10 years in jail

Alex Yücel has pleaded guilty to his involvement with the $40 program designed to secretly remotely control victims' computers.

How to get rid of the Lenovo "Superfish" adware

by Paul Ducklin on February 20, 2015 | 8 Comments

Here's how to get rid of the "Superfish" adware that was pre-installed on some Lenovo notebooks.

Lenovo "Superfish" controversy - what you need to know

by Paul Ducklin on February 20, 2015 | 13 Comments
sf-250

Controversy of the week is "Superfish," an adware program pre-installed on Lenovo computers that has some worrying security problems.

Here's what you need to know, in plain English...

Firefox to get a "walled garden" for browser extensions, Mozilla to be sole arbiter

by Paul Ducklin on February 17, 2015 | 16 Comments

Mozilla has announced that its Firefox browser is heading towards signed browser extensions only.

Even if you publish your extensions "off market," you'll have to get Mozilla to sign them first.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

by Paul Ducklin on February 11, 2015 | 1 Comment
patch-tuesday-denim-250

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

"Facebook porn Trojan" - here's how NOT to get caught

by Paul Ducklin on February 9, 2015 | 1 Comment
ffvid-250

You receive a Facebook posting that offers you something saucy, you click through to the website...

...and guess what happens next?

More iCloud phishing: don't get sucked in

by Paul Ducklin on February 6, 2015 | 4 Comments

It's easy to justify checking out spams and scams, on the "better safe than sorry" principle.

Don't do it!

You just end up one click closer to catastrophe.

Cat and mouse game is over for Japanese death threat hacker

by Lisa Vaas on February 5, 2015 | 5 Comments
Cat. Image courtesy of Shutterstock.

A Japanese programmer, who taunted police by leaving clues in a memory card that he tucked into the collar of a cat found wandering an island off Tokyo, has been sentenced to 8 years in jail.

SSCC 184 - What's the lifespan of a GHOST? [PODCAST]

by Paul Ducklin on February 5, 2015 | 4 Comments
chet-chat-logo-featured-250

Our weekly security podcast - the latest news in 15 minutes, entertaining *and* educational.

Enjoy!

New-style ransomware locks out your customers - demands money to let them log back in

by Paul Ducklin on February 4, 2015 | 7 Comments
key-250

The crooks took a low-key, annoyingly simple, and hard-to-spot approach.

Change usernames like JIMMY to FKOVWH3Z7LUV, but hide the changes...for a while, anyway.

"Exploit This": Evaluating the exploit skills of malware groups

by Paul Ducklin on February 3, 2015 | 3 Comments
exploit-this-paper-250

SophosLabs researcher Gabor Szappanos compares APT actors and cybercrooks.

A comparative review of malware writers!

A fascinating study, well worth a read...

News Flash! 3rd time unlucky! New 0-day hits Adobe's browser plug-in...

by Paul Ducklin on February 3, 2015 | 29 Comments

Ready to kiss goodbye to Flash in your browser yet?

Here's the 3rd zero-day in Flash since Adobe's last Patch Tuesday...

ZeroAccess click fraud botnet coughs back to life

by Mark Stockley on January 31, 2015 | Leave a comment
ZeroAccess

The once-mighty "ZeroAccess" botnet is now only a shadow of its former self, but its reputation alone still makes it a headline grabber...