(get it in RSS or Atom)

Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit

Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit

SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks.

Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache.

How do you compare to Steve Wozniak? Take our survey and (maybe) win a new iPad Mini


Last year, Apple co-founder Steve Wozniak showed off his travel backpack to Gizmodo readers. He needed a whopping seven containers to get through airport security!

Question is how do the rest of us compare. Tell us what you lug around and have a chance of winning an iPad Mini.

FLAMING RETORT: Linux rootkit news "provides some comic relief"

About two weeks ago, a posting on the Full Disclosure Mailing List announced a new Linux rootkit.

Indeed, the posting didn't just announce the malware, but included a fully-working sample...

Ubuntu pipes search queries to Amazon, worrying privacy experts

Ubuntu pipes search results to Amazon

Revolution OS - or adware? An update to the popular Ubuntu Linux distribution will pass searches through's search engine. Now the Electronic Frontier Foundation calls that move a "major privacy problem."

Sophos Techknow - All about Java


Java brings with it some significant risks, yet for many people, it's "just there on my computer."

In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.

Multi-platform backdoor malware targets Windows, Mac and Linux users

Multi-platform backdoor malware targets Windows, Mac and Linux users

A web-based malware attack has been discovered, targeting users of Windows, Mac and Linux.

Although the amount of malware written for different operating systems can vary, it's becoming increasingly hard to argue that it's safe to surf the web on any OS without anti-virus protection.

FLAMING RETORT: All this new Mac malware - whose fault is it?

FLAMING RETORT: It's all your fault!

Flaming Retort is back, this time trying to Coole and Explayne the flames we've had from some Mac users in the past few days.

In a back-to-front way of making Mac fans feel better, I'll start by making everyone feel slightly worse, taking a small potshot at Windows, OS X and Linux fans alike.

Welcome back, Linux kernel!

Welcome back, Linux kernel!

Just under a month ago, the official distribution site for the Linux kernel was taken offline following an embarrasing malware incident.

The good news is that is back online. It's not all roses, though.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security


Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Security breach: and Linux Foundation remain "temporarily unavailable"

Linux world in security spinout as Linux Foundation and remain "temporarily unavailable"

The Linux world is in a bit of a security spinout at the moment.

Could this be the moment that you finally decide to try OpenBSD?

IT security - what you must know in the mobile era

IT security - what you must know in the mobile era

Worried about the cloud? Data breaches? Mobile devices? Identity theft?

Join presenter James Kirby and experts Stephen Wilson, Charis Palmer and (ahem) me as we talk on the subject of IT security - what you must know in the mobile era.

Skype protocol cracked - what happens next?


A chap by the name of Efim Bushmanov has just published a claim that he has reverse-engineered the Skype protocol.

But how did he do it? And will the lawyers take it from here?

FLAMING RETORT: Cooling the friction when Linux meets anti-virus


Welcome to the first installment of a brand new Naked Security column, Flaming Retort!

This week, Sophos Voice of Reason Paul Ducklin soothes the friction which seems to warm things up whenever Linux meets anti-virus.

New variant of cross-platform Boonana malware discovered

Cross-platform malware attack strikes again

Mac user? Windows user? It doesn't really matter when it comes to cross-platform malware. A new version of the Boonana Trojan horse has been discovered.

VIDEO: Cross-platform malware runs on Windows, Mac and Linux


Watch a video of the Boonana malware as it infects on Windows, Mac and Ubuntu Linux via a malicious Java applet.

Cross-platform Boonana Trojan targets Facebook users

Cross-platform malware spreads via Facebook

The Boonana malware targets Mac OS X, Linux and Windows, and is being spread via Facebook. Don't think you're immune from attacks just because you don't run Windows..

PerlBot: A reason to run anti-virus on Linux?

PerlBot: A reason to run anti-virus on Linux?

This morning I noticed that SANS were talking about a Perl bot that has been reported on various Unix systems. I went looking for this file and noticed that a colleague had already updated the identity for Mal/PerlBot-A to detect Read more…

Linux Trojan rears its ugly head

UnrealIRCd logo

Next to OS X users, Linux users are the most arrogant in their perception that they are immune to malware infections. Unfortunately for them, this morning the administrators of had to post that their Unix/Linux source code had been Read more…

CanSecWest 2010 day 3 summary

Image (2) rfidguardian150.png for post 2789

The conference has now drawn to a close and Michael Argast and I have made CanSecWest this week's podcast topic. Our weekly podcasts have been going well so far and I would like to thank our editor/producer Maria Varmazis for Read more…

CanSecWest 2010 day 2 summary

Image (1) cansecwest200.png for post 2787

The second day of CanSecWest was a beautiful day in Vancouver. The day was full of information-packed sessions and anticipation for the evening dinner party reception. "SEH overwrite and its exploitability - Shuichiro Suzuki" Shuichiro, who works for Forteenforty, demonstrated Read more…