Hot Lotto security chief found guilty of scamming his own lottery for $14.3m

Hot Lotto security chief found guilty of $14.3m lottery scam

Eddie Tipton was found guilty on two charges of fraud after rootkitting his way to a massive Hot Lotto win.

Notes from SophosLabs: Dyreza, the malware that discriminates against old computers

In another article in our occasional series "Notes from SophosLabs", we look at the (anti-)(anti-)anti-virus arms race.

In an effort to evade automated analysis, here's malware that deliberately avoids old-looking computers.

Hot Lotto security director suspected of tinkering with computer to win $14.3m

What's luckier than a four-leaf clover? Maybe a rootkit on a handy thumb drive, with access to security cameras that can be tampered with.

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one now!

Thunderstrike - new Mac "ueberrootkit" could own your Apple forever


Security researcher Trammell Hudson wondered how deeply you could embed a rootkit into a Mac.

Forget hacking the kernel, or even the boot sector...what about targeting the Boot ROM chip itself?

SSCC 137 - Apple, rootkits, hacking and data breach laws [PODCAST]


What about support for OS X Lion and Mountain Lion? Can a rootkit be a blessing in disguise? Will federal US data breach laws make things better or worse?

Chester and Duck once again aim their entertaining expertise at the security news of the week...

Notorious "Gameover" malware gets itself a kernel-mode rootkit...


The Gameover botnet gang has been trying new techniques lately: most recently comes the introduction of a kernel-mode rootkit called Necurs, making the malware harder to find and remove.

Senior Researcher James Wyke of SophosLabs investigates...

Spanish Linux group runs to teacher, complains about Microsoft's Secure Boot

Spanish open source association Hispalinux, reports Reuters, has officially complained to the European Commission about the Windows 8 Secure Boot system.

Paul Ducklin gets quizzical about what happens next...

FLAMING RETORT: Linux rootkit news "provides some comic relief"

About two weeks ago, a posting on the Full Disclosure Mailing List announced a new Linux rootkit.

Indeed, the posting didn't just announce the malware, but included a fully-working sample...

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

The ZeroAccess rootkit, which hijacks PCs and recruits them into a botnet, has undergone a significant revision - SophosLabs researcher James Wyke reveals.

Technical paper: The ZeroAccess rootkit under the microscope


The ZeroAccess rootkit is quickly becoming one of the most widespread malware threats. SophosLabs' James Wyke takes a look at how ZeroAccess works and what its ultimate goal is.

Carrier IQ snoops on US cell users - Spyware or service monitoring tool?


Researcher Trevor Eckhart posted information showing that US mobile carriers were installing a rootkit on mobile phones that can record location, keystrokes and other sensitive data to mobile carriers. It can be included on Android, Nokia, Blackberry and other tablets, causing privacy concerns among users.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security


Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Security breach: and Linux Foundation remain "temporarily unavailable"

Linux world in security spinout as Linux Foundation and remain "temporarily unavailable"

The Linux world is in a bit of a security spinout at the moment.

Could this be the moment that you finally decide to try OpenBSD?

SSCC 66 - Popureb,, WordPress insecurities and Twitter hackers

Sophos Security Chet Chat 41

In this week's Chet Chat Paul Ducklin is Chet's guest as they cover the latest security news. Topics covered include a paper on the Popureb rootkit, the vulnerabilities in Apple's iOS exploited by, WordPress 3.2 and the latest Twitter account hacks.

'Indestructible' rootkit rumours are greatly exaggerated! Stand down from high alert!

LulzSec has sailed away - if not off the edge of the world, at least into a part of space and time from which it can no longer trigger scared, and scary, headlines.

It seems we needed something to replace LulzSec, and it looks as though we've found it: the indestructible rootkit!

Compromised ads leading to TDSS rootkit infections

Hacking ad servers is an effective way of injecting malicious code into multiple third-party web sites, potentially exposing huge numbers of users to the attack. Find out more about this latest attack being used to infect victims with TDSS.

Buzz over Google's $8.5 million lawsuit settlement


Google today took what it labelled the exceptional step of mass-mailing all Gmail users to announce a settlement in the Buzz lawsuit. According to Google, that lawsuit is now sorted out. But those who were hoping to pick up some personal largesse from Google's deep pockets will be disappointed.

Certified uncertainty

Just when we thought we understood what was happening with the Stuxnet rootkit, the plot thickens. As I reported in my original story, the rootkit component and several other pieces were signed with a legitimate digital certificate from Realtek Semiconductor.

Android rootkits - malware on your smartphone

Many of you are probably familiar with the concept of rootkits - malicious software that lurks hidden at a low level on your Windows or Unix computer, remaining undetected by conventional anti-virus software. Although new rootkits can be prevented from infecting…