June 2, 2010 - We said we thought we were going to see a lot more Facebook “likejacking”, and sure enough that’s exactly what’s happened - there’s been an explosion of pages exploiting this technique to get users to “like” pages without them even (continue reading...) Read more
May 31, 2010 - During the weekend I came across a news item regarding an FBI indictment over “Scareware fraud”. The indictment, available here, alleges a scheme that employs malicious advertisements served on legitimate websites. (continue reading...) Read more
May 31, 2010 - SophosLabs global network of spamtraps are now seeing “snow-shoe spam” promoting litigation services against British Petroleum (BP) relating to the Gulf of Mexico Oil Spill disaster. They are targeting anyone who may be negatively affected by the oil (continue reading...) Read more
May 31, 2010 - Graham posted earlier about a new Facebook clickjacking worm, and as someone who saw this spreading like wildfire among members of my own contact list I thought I’d dig into it a little. The technique is exactly as Graham describes (continue reading...) Read more
May 27, 2010 - Billy blogged yesterday about the first day of this year’s CARO conference. He has since developed a nervous tick whenever the words “exponential”, “growth” and “samples” are used in the same sentence. Luckily, today’s talks were much more (continue reading...) Read more
May 26, 2010 - Today, media outlets are reporting that the Canadian federal government is reintroducing a previously set-aside Anti-spam legislation. Bill C-28 also known as the “Fighting Internet and Wireless Spam Act”, will be mostly identical to the previous version. Similar to (continue reading...) Read more
May 26, 2010 - Greetings from picturesque Helsinki where the 2010 CARO workshop (Computer Anti-virus Research Organisation) is being held. This year the focus is on the the scale of the malware problem, a (continue reading...) Read more
May 25, 2010 - The same breed of character that brought you rogue customer service are adding to their con-artist repertoire with rogue product testimonials for their FakeAV. These obviously bogus “True life stories” are just another (continue reading...) Read more
May 20, 2010 - There has been quite a lot of talk recently about botnets controlled through Twitter accounts. The other day I came across an interesting blog post by our colleagues at Sunbelt. Chet has also posted a post about a (continue reading...) Read more
May 18, 2010 - I was on Facebook checking all my security settings again, when I saw something pop up in my feed from Sophos. It was a link to a tool to check your (continue reading...) Read more
May 16, 2010 - The recent share market plunge has hit me hard. The Euro is crashing and everyone’s doubting the global economic recovery. I am faced with economic catastrophe and with inflation eating into my salary, I am plunging deeper into the darkness (continue reading...) Read more
May 16, 2010 - Search terms for the recent shuttle launch and the Southern Entertainment Rap awards are currently the targets of SEO poisoning campaigns. Unprotected users who take the bait will become infected with FakeAV. Searching for combinations of (continue reading...) Read more
May 13, 2010 - Can you believe that you have a chance to get a pre-release Apple iPhone 4G? Yes, you can now test and keep an Apple iPhone 4G by simply clicking on the link in the following email. How exciting! (continue reading...) Read more
May 11, 2010 - When I received the following email, it piqued my curiosity, as the scammers are targetting a very select group of individuals with their campaign: people who have, in the past, (continue reading...) Read more
May 11, 2010 - Hey Admins…. It’s that time again. The second Tuesday is upon us and May so far hasn’t been demanding as far as patching goes. So far …. this month Microsoft has only issued two security announcements. MS10-030 and (continue reading...) Read more
May 11, 2010 - Late last week, the wires were buzzing over news that the official site of PHP-Nuke “Professional Content Management System“ was serving malware (see 1, 2). I am frankly amazed to see the site still infected 4 days later. (continue reading...) Read more
May 6, 2010 - When I was watching the movie 2012, I was so jealous of those selected people who were to be saved from the coming disaster. In real life, I’ve always thought that if such a cataclysmic event was to happen, you can (continue reading...) Read more
May 5, 2010 - Very rarely nowadays do we find a piece of malware whose sole intent and purpose is to destroy the victim computer. W32/Scar-H is an example of one of those über twisted malware which in the literal sense detonates a (continue reading...) Read more
May 5, 2010 - The Philadelphia Tribune has been infected with the same malware as was reported on the US Treasury site earlier this week. Detection for Mal/Iframe-N was updated yesterday to detect this threat. Overnight several high profile sites (including a major (continue reading...) Read more
May 3, 2010 - When I was a child, I was fascinated by ATM machines. I had a savings account which my mother would deposit money regularly and I waited for the day that I could raid the account with the ATM card for (continue reading...) Read more