Botnet

(get it in RSS or Atom)

Hacking, spamming, rogue SMSes and browsers - 60 Sec Security [VIDEO]

by Paul Ducklin on July 26, 2014 | 2 Comments

The week's security news, turned into an entertaining lesson, turned into a 1-min video...

60 Sec Security, 26 July 2014

SSCC 157 - Routers, Browsers, Zombies and Sysadmins [PODCAST]

by Paul Ducklin on July 23, 2014 | Leave a comment

Here it is...this week's Chet Chat security podcast.

In this episode: fixing routers, trusting browsers, killing zombies and showing TLC to sysadmins.

It's all about trust! 60 Sec Security [VIDEO]

by Paul Ducklin on July 19, 2014 | Leave a comment

Watch 60 Second Security for 19 July 2014 - it's all about trust!

Notorious Shylock banking malware taken out by law enforcement

by John Zorabedian on July 18, 2014 | Leave a comment

Law enforcement action led by the National Crime Agency (NCA) in the UK has knocked out the infrastructure of a banking malware known as Shylock, because of excerpts from Shakespeare's Merchant of Venice hidden in its code.

Here's how to check to make sure you weren't among the more than 30,000 PCs that were infected.

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

by Paul Ducklin on July 16, 2014 | Leave a comment

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.

"Gameover" malware revival - is it really up from the canvas?

by Paul Ducklin on July 15, 2014 | 5 Comments

Is the recent re-appearance of the Gameover malware a flash in the pan, or part of a concerted effort at reviving the threat?

What do we need to do to knock it out altogether?

"Gameover" malware returns from the dead...

by James Wyke on July 13, 2014 | Leave a comment

In early June 2014, a internationally co-ordinated law enforcement effort against the criminals behind the infamous Gameover malware pretty much wiped out their botnet altogether.

Bad news - it looks as though Gameover is back...

Microsoft takes down No-IP DNS domains in cybercrime fight - right or wrong? [POLL]

by Paul Ducklin on July 3, 2014 | 30 Comments

Vote in our poll!

Was Microsoft's takeover of 23 of another company's domain names a justifiable step in dealing with cybercrime, or a disruptive step too far?

Gameover and CryptoLocker revisited - the important lessons we can learn

by Paul Ducklin on June 9, 2014 | 9 Comments

Which is worse - Gameover or CryptoLocker?

What can we learn from the recent US-led takedown of this notorious crimeware?

More importantly, what advice should we be passing on to other people?

SSCC 150 - TrueCrypt, Gameover, CryptoLocker and whither mobile malware? [PODCAST]

by Paul Ducklin on June 5, 2014 | Leave a comment

This week, Chet and Duck dig into the bafflement of the disappearing TrueCrypt encryption software: did it jump, or was it pushed?

They also look at the takedown of Gameover and CryptoLocker, and look into what we can learn from ten years of mobile malware.

Has CryptoLocker been cracked? Is Gameover over?

by Paul Ducklin on June 3, 2014 | 11 Comments

Gameover is one of the most notorious botnets of recent times. And CryptoLocker is the Big Daddy of the ransomware scene.

But a team of global law enforcement agencies has taken them on...and YOU can help them win!

SSCC 148 - Cloud privacy policies not related to data security [PODCAST]

by Chester Wisniewski on May 21, 2014 | Leave a comment

The Chet Chat comes to you this week from Hanoi, Vietnam with special guest Sean Richmond from Sophos Australia.

This week they tackle the FBI's crackdown on the Blackshades malware, more flaws in Chip-and-PIN, the latest Apple updates, and the EFF's "Who has got your back" report.

The Dirty Dozen Spampionship: Who's who in the global spam-sending league?

by Paul Ducklin on April 17, 2014 | 3 Comments

It's once again time for our quarterly Spampionship charts.

We looked at the sending countries for all our spam in the first three months of 2014, and turned the figures into a League Table - the sort of league you *don't* want to win!

Zeus malware - nine charged with conspiracy to steal millions of dollars

by Lee Munson on April 14, 2014 | Leave a comment

US charges 9 with stealing millions of dollars with Zeus malware

The US Department of Justice (DOJ) has charged nine individuals over their alleged involvement in a criminal organisation that stole millions of dollars from victims' bank accounts.

Smucker's online store gets stuck in thieves' web

by Lisa Vaas on March 6, 2014 | 3 Comments

The US jam and jelly maker is just the latest fly to get stuck in the same web that ensnared dozens of companies last year, including some of the world's largest data brokers and at least one credit card processor.

Guilty plea for SpyEye banking malware author

by John Hawes on January 31, 2014 | 4 Comments

Panin, a Russian national, admitted to developing and distributing the banking malware, which was sold to over 150 clients through underground cybercrime forums, and is designed to compromise PCs and connect them to botnets of similarly backdoored systems.

Leaks in logfiles, malware on Macs and Korean credit compromise - 60 Sec Security [VIDEO]

by Paul Ducklin on January 25, 2014 | Leave a comment

Leaky logic leaves logins loose in logfiles; mendacious mails menace Macs with Mavericks malware, and criminal contractor compromises Korean credit company!

60 Sec Security - 25 Jan 2014...

SSCC 130 - Botnets, banking, breaches, patching and the Mavericks controversy [PODCAST]

by Paul Ducklin on January 14, 2014 | 5 Comments

What's the best way to deal with botnets? Should you use your bank's mobile app? Why all these data breaches? What about Patch Tuesday? Do you really *have* to update your Mac to Mavericks?

Listen as Chet and Duck dissect and explore the week's security stories...