Archive for 2010

Yesterday’s New Year email post is Storm/Waledac

December 31, 2010 - Yesterday's post titled "New Year themed Malicious Email on the Prowl" and the emails mentioned were an early campaign done by what's now believed to be Storm v3 or Waledac v2. As our friends over at ShadowServer mention (continue reading...)

New Botnet: Storm Signal?

December 31, 2010 - Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac. They use the same kind of distribution mechanism: that is, spam with links to a New Year eCard for New (continue reading...)

Threatsense Report: Looking Forward, Looking Back

December 31, 2010 - The December ThreatSense report, being the last report of the year, is a little bigger than usual, and takes a longer view. It includes: A feature article by Pierre-Marc Bureau and Alexis Dorais Joncas on the Bflient.K malware kit. A feature article (continue reading...)

Geinimi Android Trojan horse discovered

December 31, 2010 - There has been something of a sting in the tail of the year for lovers of the Android mobile operating system, as researchers uncovered a new Trojan horse. The Troj/Geinimi-A malware (also known as "Gemini") (continue reading...)

Pro-WikiLeaks hackers attack Zimbabwe government websites

December 31, 2010 - Hacktivists have struck a blow against the regime in Zimbabwe by attacking a number of government websites. The cyber-assault appears to have been in support of newspapers who published secret cables in (continue reading...)

Slow CPU equals malware defense?

December 31, 2010 - The Lab handles tens of thousands of suspicious binaries every day. The only way a relatively small group of human researchers can handle such volume is of course with automation. Each sample that is imported into our malware (continue reading...)

The Droid Army

December 30, 2010 - The Lookout Mobile Security company is reporting a new trojan horse program that runs on Android based phones. The novel thing about this trojan is that it has enough functionality to allow the criminals to assemble an Android based (continue reading...)

Stay alert for "prize offers" over the New Year’s holiday

December 30, 2010 - Are you working over New Year, like Sophos Support and SophosLabs? If so, here's a bit of fun - official, educational fun - to tide you over the (continue reading...)

New botnet rolling out

December 30, 2010 - A post today at Shadowserver gives a heads-up on what might be the next version of Storm. (continue reading...)

Happy Holidays!

December 30, 2010 - Happy New Year everyone! Since I am about to take a few days off to spend with my family, I thought for this blog I would share some of my favorite holiday sites. For New Years Eve, I found (continue reading...)

What is Typo Squatting?

December 30, 2010 - This short video blog explains a bit about typo squatting. For our readers who are not native English speakers, typo means typographical error, or in plain English, it means you typed the wrong letters in. Some websites buy domains with (continue reading...)

Don’t Confuse ‘Anonymous’ With a Russian Gang

December 30, 2010 - The recent WikiLeaks disclosure of more than 250,000 U.S. State Department diplomatic cables got people worked up. Running opposite much public opinion, the main WikiLeaks defender in the hacktivism field is the “Anonymous” group. After earlier engaging in various cyberdemonstrations against (continue reading...)

27th Chaos Communications Congress: Mobile Security and More

December 30, 2010 - The 27th Chaos Communications Congress (27C3), a computer security conference held in Berlin, has offered several good mobile and embedded security talks in the past few days. SMS-based vulnerabilities, vulnerabilities in mobile phone radios, and (continue reading...)

A year in security: the 2010 edition

December 30, 2010 - Hey look, it’s a “this is what happened this year” post. Don’t worry, I won’t be making any security predictions (because unless I'm Nostradamus I can’t tell you what’s going to happen next week, never mind in six months time) (continue reading...)

New Year themed Malicious Email on the Prowl

December 30, 2010 - Websense Security Labs™ ThreatSeeker™ Network has discovered a slew of New Year-themed malicious emails circulating today. Websense customers are being protected proactively against this ongoing malicious spam campaign by ACE, our Advanced Classification Engine. (continue reading...)

In 2011, this exploit kit won’t work

December 30, 2010 - And some Web sites will be a lot safer! While reviewing incidents and deobfuscating a Web site today, I discovered an installation of a particular exploit kit that won't work after New Year's Eve. The site I found caught my attention because the (continue reading...)

WordPress warns of critical flaw, update to 3.0.4 immediately

December 30, 2010 - The WordPress team has alerted WordPress users to a critical XSS flaw in versions 3.0.3 and previous. WordPress has not sent out many alerts of (continue reading...)

Sophos Security Chet Chat 41 – Who do you trust?

December 30, 2010 - The last podcast of the year is here and my guest this week (on his vacation!) was Tony Ross, one of our Global Product Specialists. To wrap (continue reading...)

Beware the Facebook "awkwardhaha" scam

December 29, 2010 - A Naked Security reader (you know who you are - thanks!) just reported that a friend posted an unexpected message on her wall - and on the walls of numerous mutual friends. (continue reading...)

What are Heuristics?

December 29, 2010 - It is generally well-understood that antimalware programs—the software which detects computer viruses, worms, trojan horses and other threats to your system—work by scanning files using signatures they already have. A signature could be as simple as a string (continue reading...)

Copyright © 2012 The Security Blog. All rights reserved.