December 27, 2009 - Researchers have uncovered a flaw in the Transport Layer Security (TLS) protocol, allowing attackers to inject arbitrary text into an encrypted session. In some cases, this attack enables an attacker to completely compromise the secured (continue reading...) Read more
December 25, 2009 - Spammers are clearly putting the holidays to good use, as they have made Christmas just another reason to spread malware. Trend Micro threat analysts recently received a spammed message purporting to come from 123greetings.com, a legitimate site that users can access (continue reading...) Read more
December 24, 2009 - Firstly, Merry Christmas to all our readers! Unfortunately, Christmas doesn’t mean that the malicious activities in cyberspace is going to stop, hence this posting. Today we received a message that claims to have come from one of the Google Groups. The message looked like this: (continue reading...) Read more
December 24, 2009 - Researchers examining the directories of the URLs of some of the latest Koobface runs may stumble upon a Christmas greeting, directed at the security community: (continue reading...) Read more
December 24, 2009 - Activities associated with Koobface have increased during the month of December. Often it is for the sending of traffic to compromised servers in order to obtain more servers. Other times the activity centers around using those same compromised (continue reading...) Read more
December 24, 2009 - For those of you that are having to put up with looking after your parents over Christmas: Would you much rather selfishly indulge yourselves with partying? A kindly spammer has a very seasonal Christmas Eve message offering to make this (continue reading...) Read more
December 24, 2009 - Since first releasing detection (2 days ago) for Troj/JSRedir-AK SophosLabs have seen thousands of websites affected by it. Since blogging yesterday we have seen a few minor variants and have had to update the our detection. One of the (continue reading...) Read more
December 24, 2009 - Plugins, Glorious Plugins In 2009, Tenable released over 8,100 new plugins (and the year isn’t over yet!). These plugins have covered several different types of vulnerabilities, including web applications, embedded systems, local checks for operating systems and much more. We (continue reading...) Read more
December 24, 2009 - While scouting the Web for the latest threats, Trend Micro threat analysts stumbled upon FAKEAV variants riding on the impending eruption of the Mayon Volcano. Renowned for its “perfect cone” shape, the Mayon Volcano became one of the candidates (continue reading...) Read more
December 23, 2009 - I’m happy to share that Channel Insider has recognized the McAfee channel team with the 2009 Bull’s Eye Award for Turnaround of the Year. Our efforts in revamping the McAfee channel program, (continue reading...) Read more
December 23, 2009 - Posted on behalf of Dan Bleaken, Malware Data Analyst, Symantec Hosted Services Globally, for the past month, spam accounts for roughly 75 percent of all email in circulation. And about 75 percent of that spam is sent from one of the (continue reading...) Read more
December 23, 2009 - This morning we released version 3.3.3 of the Metasploit Framework - this release focuses on exploit rankings, session automation, and bug fixes. The exploit rank indicates how reliable the exploit is and how likely it is for (continue reading...) Read more
December 23, 2009 - The story: US and Russia Discussing Cyber Warfare and Cyber Security Officials from the US and Russia are meeting to discuss improving Internet security and establishing cyber warfare policy. The Russians would like to see a cyber warfare disarmament treaty between (continue reading...) Read more
December 23, 2009 - Yesterday, one of our technology partners Yandex notified us of some new malware. They use Sophos to scan webpages for malicious content while they scan the Internet and often report new threats. The (continue reading...) Read more
December 23, 2009 - After months of negotiations, US President Barack Obama has finally chosen a Chief of CyberSecurity – Mr Howard A Schmidt. Confirmation of the appointment is expected shortly.Mr Schmidt, who previously served with the Bush administration as (continue reading...) Read more
December 23, 2009 - Just a quick note — the sudden death of Hollywood celebrity Brittany Murphy last Sunday (BBC report here) has prompted a spike in searches on the subject — and of course, an SEO attack.Users who (continue reading...) Read more
December 23, 2009 - Steam from Valve is the largest digital distribution network in the world, with over 20 million active users.This is how people today buy their PC games and other content.In many ways, Steam is a (continue reading...) Read more
December 23, 2009 - SRI International has published an excellent technical report on the Ikee.B botnet that replicates on jailbroken iPhone devices.The full report can be viewed here. We're (continue reading...) Read more
December 23, 2009 - It's not a huge surprise that we are seeing some malware spam runs where the malicious attachment attempts to portray itself as a Christmas Greeting of some sort.Here's an example from today (md5: C670165AE6DFA8318F0EA795B1D3AD55). This one (continue reading...) Read more
December 23, 2009 - We read with interest about yet another PDF redaction snafu.In this case it was the attorney of TJX / 7-11 hacker Albert Gonzales, who posted an indictment that was redacted digitally and posted online as (continue reading...) Read more