#1 Computer Virus Update

Computer Virus at Jun 6 2011

2011-06-06T09:30:00.000-07:00

Computer virus - Wikipedia, the free encyclopedia
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other ...
List of computer viruses - List of computer viruses (all) - (c)Brain - Virus hoax
en.wikipedia.org/wiki/Computer_virus - Cached - Similar
►
Images for computer virus
- Report images
HowStuffWorks "How Computer Viruses Work"
A computer virus can cause a lot of damage. Find out about worms, computer virus history, origins, and evolution, and how to protect your computer.
computer.howstuffworks.com › ... › Computer & Internet Security - Cached
Antivirus Protection | What is a Computer Virus | Microsoft Security
Have a computer virus? Learn about types of computer viruses and Microsoft anti virus software to protect your computer and provide the best virus ...
www.microsoft.com/security/pc-security/virus-whatis.aspx - Cached
Computer viruses: description, prevention, and recovery
17 May 2011 ... Discusses the different types of viruses and how to deal ...
support.microsoft.com/kb/129972 - Cached - Similar
What is Computer Virus?
A computer virus is an executable program. Depend on the nature of a virus, it may cause damage of your hard disk contents, and/or interfere normal ...
www.ust.hk/itsc/antivirus/general/whatis.html - Cached - Similar
Computer Virus

4 min - 8 Oct 2007 - Uploaded by DigitalEdge93
this isnt my video but i have this on here because i know how to do everything and make it so if ur not an ass and eave bad comments ill let u ...
www.youtube.com/watch?v=KbV-U_amx4M
More videos for computer virus »
McAfee—Antivirus, Encryption, DLP, IPS, Firewall, Email Security ...
McAfee solutions deliver complete virus protection and Internet security. ... an integrated firewall to ensure their computer systems remain virus-free. ...
Show stock quote for MFE
www.mcafee.com/ - Cached - Similar
snopes.com: Computers (Virus Hoaxes & Realities)
Information about computer viruses and virus hoaxes.
www.snopes.com/computer/virus/virus.asp - Similar
Computer Virus Myths
The canonical reference for computer virus myths, hoaxes, and urban legends.
www.vmyths.com/ - Cached - Similar
What is virus? - A Word Definition From the Webopedia Computer ...
This page describes the term virus and lists other pages on the Web where you can find additional information.
www.webopedia.com/TERM/V/virus.html - Cached - Similar

Searches related to computer virus

computer virus removal

recent computer virus

types of computer virus

computer virus download

computer virus names

current computer virus

computer virus list

computer worm

Computer Virus Update at Jan15 2011

2011-01-15T04:13:00.000-08:00

1.
AVG Antivirus Free Download
A Browser With A Clean & Simple Design Made For Users. Download Now
www.Google.com/Chrome
►
2.
Free AntiVirus Software
Enhanced Protection To Keep Your PC Spyware, Spam & Virus Free!
ComputerShopper.com/TrendMicro

Search Results

1.
AVG Free - Antivirus Download | Free Virus Protection
Download the most trusted free antivirus and anti-spyware security software for Windows 7, Vista and Windows XP. Get free virus protection now!
Download - Antivirus Free Download - Get basic protection - Download Trial
free.avg.com/ - Cached - Similar
2.
AVG Free - Antivirus Free Download | Free Virus Protection
Basic protection for surfing, searching and social networking. Millions of ...
free.avg.com/us-en/download-avg-anti-virus-free - Cached
Show more results from avg.com
3.
United States - English - McAfee—Antivirus, Encryption, DLP, IPS ...
McAfee solutions deliver complete virus protection and Internet security. Download McAfee anti-virus and anti-spyware software to protect against the latest ...
Show stock quote for MFE
www.mcafee.com/us/ - Cached
4.
"Holistic" Enterprise Anti-Virus Protection | Symantec Connect
20 Jan 2002 ... Sound policies should address the following; requirements for anti-virus protection including any proactive measures the organization will ...
www.symantec.com/connect/.../holistic-enterprise-anti-virus-protection - Cached
5.
avast! Free Antivirus - Download Software for Virus Protection
avast! Free Antivirus is the best free virus protection currently available on the market. For non-commercial and home use only.
www.avast.com/free-antivirus-download - Cached - Similar
6.
Kaspersky Lab: Antivirus software
Free virus scan and antivirus trial downloads. ... for home and home office are specifically designed to provide hassle-free and quality protection. ...
www.kaspersky.com/ - Cached - Similar
7.
AVG Anti-Virus Free Edition 2011 - Free software downloads and ...

Rated 4.0 out of 5.0

Review by Seth Rosenblatt - Sep 30, 2010
30 Sep 2010 ... CNET Labs' benchmarks found that AVG Anti-Virus Free 2011 had the ... that AVG Anti-Virus Free 9 (version 2010) earned an overall protection ...
download.cnet.com/AVG...Virus.../3000-2239_4-10320142.html - Cached
8.
Free Virus Protection
There is no question that everyone needs to protect their computers from viruses but can it be done without spending lots of money to buy anti-virus ...
freebies.about.com/cs/computerfreebies/a/freeav.htm - Cached - Similar
9.
Virus Protection
The second most important principle is "run an anti-virus protection program". If your anti-virus program does not include a good firewall, you must obtain ...
www.livinginternet.com › Internet › Security Issues › Viruses - Cached - Similar
10.
Free Anti-Virus Software: Legally protect your PC for free...
4 Oct 2010 ... Since online banking has taken off in such a big way, a few banks now offer free anti-virus protection to cover themselves. ...
www.moneysavingexpert.com › Shopping & Spending - Cached - Similar

Computer Virus Update at Dec 11 2010

2010-12-11T10:29:00.000-08:00

#
Computer Virus - Google Books Result
Christopher Stitt, Lew Keilar - 2004 - Juvenile Fiction - 32 pages
books.google.com/books?isbn=1865092347...
►
#
Man infects himself with computer virus - Technology & science ...
26 May 2010 ... A University of Reading researcher has become the first human known to be infected by a computer virus. The virus infected a chip implanted ...
www.msnbc.msn.com/id/.../ns/technology_and_science-security/ - Cached
#
Computer Virus Hoaxes
Pointers to the best available information on computer virus hoaxes and misconceptions.
urbanlegends.about.com › ... › Internet / Web Hoaxes - Cached - Similar
#
Computer Virus Leads to $20 Million Scam Targeting Pianist ...
9 Nov 2010 ... A noted classical pianist, composer and Latin music producer found himself drawn into an elaborate years-long extortion scheme that cost him ...
www.wired.com/threatlevel/2010/11/pianist-composer-bilked - Cached
#
Free Virus Scan - Free Antivirus Software | Norton Security Scan
Test your computer's exposure to online security threats with free virus scan. Learn how free antivirus solution can make your computer more secure.
security.symantec.com/ - Cached - Similar
#
Scientist Infects Himself with a Computer Virus [VIDEO]

26 May 2010
The University of Reading's Dr. Mark Gasson has an unusual distinction: He's the first human to become infected with a computer virus.
mashable.com/2010/05/26/human-computer-virus/ - more videos »
Get more video results
#
How do I create a computer virus?
If you are interested in creating a computer virus, trojan, worm, or other malicious program as revenge, payback, or as a prank for an individual or a ...
www.computerhope.com/issues/ch000653.htm - Cached - Similar
#
Computer Virus Tutorial Introduction
3 Apr 2009 ... Welcome to the Computer Knowledge tutorial on computer viruses. We'll discuss what they are, give you some history, discuss protection from ...
www.cknow.com/cms/vtutor/cknow-virus-tutorial.html - Cached - Similar
#
Hunting an 'Industrial-Strength' Computer Virus Around the Globe ...
1 Oct 2010 ... Hari Sreenivasan has the latest on a powerful computer virus that could be targeting nuclear facilities in Iran.
www.pbs.org/newshour/bb/science/july.../computervirus_10-01.html - Cached
#
FoxNews.com - British Scientist 'Infects' Himself With Computer Virus
26 May 2010 ... British scientist becomes first person to be infected with a computer virus.
www.foxnews.com/scitech/2010/05/.../british-scientist-infects-virus/ - Cached

Computer Virus Update at Nov 28 2010

2010-11-28T10:28:00.000-08:00

#
What is a Computer Virus?
Article explaining what a Computer Virus is, and how it can affect your computer.
www.antivirusware.com/articles/computer-virus.htm - Cached - Similar
►
#
snopes.com: Computers (Virus Hoaxes & Realities)
Information about computer viruses and virus hoaxes.
www.snopes.com/computer/virus/virus.asp - Similar
#
How to Clean a Virus-Infected Computer | eHow.com
How to Clean a Virus-Infected Computer. Computer viruses are insidious, sneaky and--like their biological counterparts--constantly mutating.
www.ehow.com › ... › Computer Software › Antivirus Software - Cached - Similar
#
Viruses - Spyware - Internet Protection - Latest New Computer ...
Symantec Security Response provides comprehensive internet protection expertise to guard against complex threats, information about latest new computer ...
www.symantec.com/security_response/index.jsp - Cached - Similar
#
YouTube - Computer Virus
this isnt my video but i have this on here because i know how to do everything and make it so if ur not an ass and eave bad comments ill let ...
www.youtube.com/watch?v=KbV-U_amx4M - Cached - Similar
#
What is virus? - A Word Definition From the Webopedia Computer ...
This page describes the term virus and lists other pages on the Web where you can find additional information.
www.webopedia.com/TERM/V/virus.html - Cached
#
What is Computer Virus?
A computer virus is an executable program. Depend on the nature of a virus, it may cause damage of your hard disk contents, and/or interfere normal ...
www.ust.hk/itsc/antivirus/general/whatis.html - Cached - Similar
#
Virus Information | McAfee
See the latest information on virus, computer virus and viruses. McAfee is the leader in internet security and virus detection. Keep up to late on the most ...
home.mcafee.com/virusinfo/ - Cached - Similar
#
Computer Virus Timeline — Infoplease.com
Related content from HighBeam Research on: Computer Virus Timeline. Computer virus protection. ... The Computer Virus Handbook. (Computers in Libraries) ...
www.infoplease.com › ... › Computers - Cached - Similar
#
BBC News - First human 'infected with computer virus'
27 May 2010 ... A British scientist who has implanted a chip under his skin claims to be the first man to become infected with a PC virus.
www.bbc.co.uk/news/10158517 - Cached - Add to iGoogle

Computer Virus Update at Oct 24 2010

2010-10-24T10:26:00.000-07:00

#
Computer virus - Wikipedia, the free encyclopedia
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other ...
List of computer viruses - List of Computer Viruses (All) - Computer worm - (c)Brain
en.wikipedia.org/wiki/Computer_virus - Cached - Similar
►
#
What is a computer virus? | Types of Computer Viruses
Have a computer virus? Learn about types of computer viruses and Microsoft anti virus software to protect your computer and provide the best virus ...
www.microsoft.com/security/antivirus/whatis.aspx - Cached - Similar
#
Computer viruses: description, prevention, and recovery
Discusses the different types of viruses and how to deal with them.
support.microsoft.com/kb/129972 - Cached - Similar
#
News for computer virus

# Times LIVE
Shamed Chinese hacker turns panda protector
1 day ago
Having recently completed a four-year jail term, Li Jun, whose incense-waving panda computer virus once infected millions of computers, gave the cash ...
Reuters - 23 related articles - Shared by 10+

#
AVG anti-virus update could freeze Windows PCs
Telegraph.co.uk
#
Thousands fleeced in 'Microsoft' scam but police powerless to act
Sydney Morning Herald - 119 related articles - Shared by 10+
#
HowStuffWorks "How Computer Viruses Work"
A computer virus can cause a lot of damage. Find out about worms, computer virus history, origins, and evolution, and how to protect your computer.
www.howstuffworks.com › ... › Computer & Internet Security - Cached - Similar
#
McAfee – Antivirus, Encryption, DLP, IPS, Firewall, Email Security ...
Home and Home Office. 1 to 10 computers. Products; Virus Information; Security Advice; Support; Downloads; My Account · Small Business. 10 to 50 computers ...
Show stock quote for MFE
www.mcafee.com/ - Cached - Similar
#
Images for computer virus
- Report imagesThank you for the feedback. Report another imagePlease report the offensive image. CancelDone
#
Computer Virus
A computer virus is a program which reproduces itself. It may attach to other programs, it may create copies of itself (as in companion viruses).
www.tech-faq.com/computer-virus.html - Cached
#
Videos for computer virus
Computer Virus
4 min - 8 Oct 2007
Uploaded by DigitalEdge93
youtube.com

How Computer Viruses Work
1 min - 9 Mar 2007
Uploaded by HowStuffWorks
youtube.com
#
Computer Virus FAQ for New Users
29 Jun 2010 ... Why should I care about computer viruses? Isn't all this just a bunch of hype drummed up by marketing departments for anti-virus software ...
www.faqs.org/faqs/computer-virus/new-users/ - Cached - Similar
#
Computer Virus Myths
The canonical reference for computer virus myths, hoaxes, and urban legends.
www.vmyths.com/ - Cached
#
What are Computer Viruses
Computer viruses are programs written by "mean" people. These virus programs are placed into a commonly used program so that program will run the attached ...
www.newton.dep.anl.gov/teachers/compvir.htm - Cached - Similar
#
Massive Computer Virus Strikes ABC/Disney, Comcast, Google, Others ...
Massive Computer Virus Strikes ABC/Disney, Comcast, Google, Others. By Hunter Walker. Published: September 09, 2010 @ 1:02 pm ...
www.thewrap.com/.../computer-virus-outbreak-strikes-corporate-america-20721 - Cached

Computer Virus Update at Sep 18 2010

2010-09-18T09:10:00.000-07:00

#
AVG Free - Antivirus Download | Free Virus Protection
Download the most trusted free antivirus and anti-spyware security software for Windows 7, Vista and Windows XP. Get free virus protection now!
Download - Antivirus Free Download - Support Center
free.avg.com/ - Cached - Similar
#
AVG Anti-Virus Free - Free AVG
AVG Anti-Virus Free Edition 9.0. Award winning protection to meet your basic security needs. It's always been our philosophy at AVG that everyone has the ...
free.avg.com/us-en/download-avg-anti-virus-free - Cached
#
McAfee – Antivirus, Encryption, DLP, IPS, Firewall, Email Security ...
McAfee Total Protection 2009 – Get the Ultimate, Easy-to-Use PC and Online ... have” virus due to the email subject line the worm uses during propagation. ...
Show stock quote for MFE
www.mcafee.com/ - Cached - Similar
#
Symantec - AntiVirus, Anti-Spyware, Endpoint Security, Backup ...
Introducing Norton 2011. Advanced protection that does more to stop cybercrime. ... Virus Removal · Antivirus Software · Spyware Info · Norton & Windows 7 ... Symantec Positioned as a Leader in Mobile Data Protection Magic Quadrant ...
Show stock quote for SYMC
www.symantec.com/ - Cached - Similar
#
Kaspersky Lab: Antivirus software
Free virus scan and antivirus trial downloads. ... for home and home office are specifically designed to provide hassle-free and quality protection. ...
www.kaspersky.com/ - Cached - Similar
#
AVG Anti-Virus Free Edition - Free software downloads and software ...
Rated 5.0 out of 5.0
Review by Seth Rosenblatt - Oct 15, 2009
10 Jul 2010 ... AVG Anti-Virus Free Edition is an anti-virus protection tool available free of charge to home users. Rapid virus database updates are ...
download.cnet.com/...Virus.../3000-2239_4-10320142.html - Cached - Similar
#
Free Virus Protection
There is no question that everyone needs to protect their computers from viruses but can it be done without spending lots of money to buy anti-virus ...
freebies.about.com/cs/computerfreebies/a/freeav.htm - Cached - Similar
#
avast! Free Antivirus - Download Software for Virus Protection
avast! Free Antivirus is the best free virus protection currently available on the market. For non-commercial and home use only.
www.avast.com/free-antivirus-download - Cached - Similar
#
Best Virus Protection Software | Easy & Powerful Antivirus Tool
Get the best, top-rated, virus protection now! More than 110 million satisfied user worldwide and 19 years of experience in computer security and internet ...
protectionvirus.info/ - Cached - Similar
#
AVG - Antivirus and Internet Security | Virus Protection
Antivirus and security software products for home and business users. Free trial downloads. Virus and malware protection with firewall, anti-spyware, ...
Antivirus Free Download - Free Antivirus - Download
www.avg.com/ - Cached - Similar

Sophos enews at Sep 15 2010

2010-09-15T22:08:00.000-07:00

Sophos enews: the newswire which brings you up-to-the-minute reports on virus, spyware and spam issues, new Sophos products and enhancements.

"Here you have" virus strikes email inboxes
At the end of last week, email messages with the subject line "Here you have" were widely reported, pretending to point to documents or free sex movies, but really designed to infect Windows PCs. Learn more about the threat now, and ensure that you have in-depth protection in place to reduce the possibility of attacks in future.

"Here you have" virus interest exploited by YouTube scammers
The big news at the end of last week was the widely-reported "Here you have" virus which arrived in inboxes with a waft of nostalgia, in the style of old-school mass-mailing malware. What has brought things more up-to-date is that scammers have exploited the interest in the "Here you have" virus to make themselves a quick buck. Learn more now.

Verisign revokes certificate from malware fiends
Verisign has revoked the signing certificate used to sign a malware payload associated with an Adobe Reader zero-day attack. Discover more about the issue, and if you are buying Authenticode signing certificates make sure you are implementing sensible protection for your keys.

Suspected Facebook burglary gang arrested by police
Police in New Hampshire have arrested a group of men suspected of being part of a burglary ring that targeted Facebook users who had reported they were away from home. Make sure that you, your friends, and colleagues aren't sharing too much information online - and protect your Facebook accounts.

Free Facebook Credits? Be wary of scams spreading virally
Facebook credits are the virtual currency used on Facebook for purchases inside games and within applications. Normally they're bought with credit cards or PayPal, but some scammers claim to offer free credits to unsuspecting Facebook users. Find out what happens by reading this alert from Sophos.

Name Sophos's new blog, and win an iPod Touch
Our bloggers need your help - a brand new version of our blog will be launched in the coming months, but we don't have a good name for it. Help us and you could win an iPod Touch.

Become a fan of Sophos on Facebook
Over 23,000 people have found that Facebook is a great way to engage with Sophos. So why not officially "like" us too and join in the conversation on our Facebook page? Join in the fun today, learn about the latest security threats and say "hi".

Sophos.com

Video: Watch how easy it to steal an identity on the street

2009-10-19T04:32:00.000-07:00

Many of us are concerned about how well companies and organisations are protecting our personally identifiable information - but how good at we at protecting our own details, such as name, date of birth and email address? Sophos went onto the streets, asking people what they thought about identity theft - and also seeing if we could get the public to share their personal information with complete strangers.

http://www.sophos.com/blogs/gc/g/2009/10/19/video

Sophos.com

"The Wrong Browsers"

2009-10-17T04:31:00.000-07:00

Aardman Animation, the firm behind plasticine superstars "Wallace and Gromit", asked if we could help them stop Google's Chrome frame plugin from being used with Internet Explorer. The reason? It could have a negative effect on computer security as it can circumvent other security measures. Discover more about why you might want to have greater control over how your users access the web.

http://www.sophos.com/blogs/chetw/g/2009/10/17/wrong-browsers-giving-control-admins

Sophos.com

Victoria's Secret spam slams Twitter

2009-10-17T04:30:00.001-07:00

Some Twitter users have found that their accounts have been posting messages without their knowledge, apparently advertising gift cards for the glamorous Victoria's Secret lingerie store. Discover more about the attack now, and ensure you don't click on the spammer's links.

http://www.sophos.com/blogs/gc/g/2009/10/17/victorias-secret-spam

Sophos.com

Balloon Boy throws up on TV - sick hackers take advantage

2009-10-17T04:30:00.000-07:00

America has been transfixed with the story of Falcon Heene, the six-year-old boy who was believed to have accidentally hitched a lift in his father's experimental helium balloon on Thursday. Although doubts have been expressed about whether the incident was a publicity stunt or not, there is no doubt that hackers have been quick to take advantage - creating malicious websites preying on interest in the breaking news story. Find out more about the latest attack now.

http://www.sophos.com/blogs/gc/g/2009/10/17/balloon-boy

Sophos.com

Phishing attack heists Hotmail passwords

2009-10-05T04:29:00.000-07:00

Newwin.net is reporting that hackers have exposed over 10,000 usernames and passwords from users of hotmail.com, msn.com, and live.com email services. All of the accounts initially posted begin with the letter a or b, suggesting that this may be the tip of the iceberg. Find out more about this attack and Microsoft’s response.

http://www.sophos.com/blogs/chetw/g/2009/10/05/hotmail-passwords-heisted-hackers

Sophos.com

Fake anti-virus virus proclaims to be your Facebook friend

2009-10-01T04:28:00.000-07:00

After a small hiatus, it appears that the social media networking site, Facebook is being attacked once again. AVG reports that there is an attack in progress under the guise of anti-virus software. Attackers have found a way to break the captcha's of Facebook accounts and create a mass of new "friends" to try to join your social network. The invites from these friends include a link. Learn more as we replicate this attack in our own SophosLabs.

http://www.sophos.com/blogs/chetw/g/2009/10/01/fake-antivirus-proclaims-facebook-friend

Sophos.com

Job with Google? No, it's a scam on Twitter

2009-09-25T10:44:00.000-07:00

Twitter users have found themselves on the receiving end of a widespread spam campaign, claiming to offer them jobs at search engine giant Google. The purpose of the website users are directed to, of course, is not to hire genuine employees for Google, but to sell them a "working from home" kit. Learn more about this attack now.

http://www.sophos.com/blogs/gc/g/2009/09/25/jobs-google-scam-spammed-twitter

Sophos.com

The Partnerka: What it is and why you should care

2009-09-24T10:43:00.000-07:00

SophosLabs expert Dmitry Samosseiko presented a technical paper at the Virus Bulletin conference in Geneva last week, investigating the ever-booming spam industry in Russia and beyond. The partnerka are hundreds of well-organised affiliate networks, with thousands of affiliated 'webmasters', who make millions of dollars of profits per year through the online sale of fake watches, fake anti-virus, fake pills, fake love, and much more besides. Learn more and read Dmitry's fascinating paper.

http://www.sophos.com/blogs/duck/g/2009/09/24/money-online

Sophos.com

Earn 43 cents every time you infect a Mac

2009-09-24T10:42:00.000-07:00

One of the things Dmitry discovered while investigating the computer underground was that one website was offering $0.43 to its affiliates every time they managed to successfully install malware on users' Apple Mac computers. Read more now.

http://www.sophos.com/blogs/gc/g/2009/09/24/earn-43-cents-time-infect-mac

Sophos.com

Is cloud anti-virus ready for the mass-market?

2009-09-24T10:41:00.000-07:00

There was much talk at last week's Virus Bulletin conference about "the cloud" and the part it can play in protecting computer users from security threats. Sophos blogger Chester Wisniewski wonders if those who believe this approach gives complete security actually have their head in the clouds..

http://www.sophos.com/blogs/chetw/g/2009/09/24/cloud-antivirus-ready-mass-market

Sophos.com

Patrick Swayze's death exploited by scareware scammers

2009-09-15T10:37:00.000-07:00

The death of Patrick Swayze, star of movies such as "Dirty Dancing", "Point Break" and "Ghost", saddened many film fans around the world. Heartless hackers, however, took advantage of the hot news story by creating malicious webpages that lead to fake anti-virus (also known as scareware or rogue anti-virus) alerts. Find out more and watch our video explanation of what happened.

http://www.sophos.com/blogs/gc/g/2009/09/15/patrick-swayzes-death

Sophos.com

Hackers bought malvertising space directly from New York Times

2009-09-15T10:36:00.000-07:00

The hackers who exposed innocent internet users to malicious computer code, bought the advertising space on the New York Times website directly from the newspaper. The hackers posed as a legitimate company, and persuaded NYTimes.com to run ads that initially appeared as legitimate online adverts before turning dangerous. Discover more about this audacious plot to attack innocent users.

http://www.sophos.com/blogs/gc/g/2009/09/15/hackers-bought-ad-space

Sophos.com

The perfect system to beat the roulette wheel? No, it's spam

2009-09-14T21:47:00.000-07:00

An email posing as a foolproof betting system to beat casinos is, in reality, designed to drive traffic to a particular gambling website. Find out more about the latest trick being used by online gambling sites, but don't lose your shirt!

http://www.sophos.com/blogs/gc/g/2009/09/14/casino-spam-poses-foolproof-betting

Sophos.com

Adult webcam site promoted via Imeem spam

2009-09-14T21:46:00.000-07:00

The social media website Imeem allows its members to share videos, podcasts, photos and blog entries with each other, but it's also being exploited by spammers to spread their unwanted messages too. Learn more about the latest campaign by social media spammers.

http://www.sophos.com/blogs/gc/g/2009/09/14/spammers-promote-adult-webcam

Sophos.com

Fake anti-virus attack hits New York Times

2009-09-14T21:45:00.000-07:00

Stop the presses! The website of the New York Times has been found serving up malicious adverts, designed to frighten users into believing they have a malware infection. Find out more about the poisoned pop-ups and how hackers take advantage of third-party advertising networks.

http://www.sophos.com/blogs/gc/g/2009/09/14/fake-antivirus-attack

Sophos.com

Microsoft vs Adobe security smackdown

2009-09-13T21:43:00.000-07:00

Vulnerabilities in software from Microsoft and Adobe continue to give companies headaches, as hackers exploit security holes to commit cybercrime. So, how do the two companies stack up against each other?

http://www.sophos.com/blogs/chetw/g/2009/09/13/microsoft-adobe-security-smackdown

Sophos.com

iPhone, iPod Touch, and QuickTime security updates

2009-09-10T21:42:00.000-07:00

Multiple security vulnerabilities affecting the QuickTime software widely used by owners of Mac OS X and Windows computers have been patched - but have you installed the fixes? In addition, if you own an iPhone or iPod touch you should update your device to the latest version of Apple's operating system in order to defend against vulnerabilities that could allow hackers to run malicious code.

http://www.sophos.com/blogs/gc/g/2009/09/10/iphone-ipod-touch-quicktime

Sophos.com

Facebook Fan Check Virus scare leads to malware

2009-09-07T21:40:00.000-07:00

Beware of searching on the internet for information about something called "Facebook Fan Check Virus", as you're likely to end up on a website hosting malicious code. Watch our video to see how fears of a Facebook application is leading some net users into a hackers' trap.

http://www.sophos.com/blogs/gc/g/2009/09/07/facebook-fan-check-virus

Sophos.com

Sophos Anti-Virus for Linux version 6.6.6 - the number of the beast?

2009-09-06T21:38:00.000-07:00

Should we be worried that a new version of our software has reached version 6.6.6? Sophos blogger Paul Ducklin explores the issue in his unique style.

http://www.sophos.com/blogs/duck/g/2009/09/06/number-of-the-beast

Sophos.com

Five things you can do to improve security in Windows 7's XP Mode

2009-09-05T21:37:00.000-07:00

XP Mode in Windows 7 has been criticised for not providing proper security. Read this blog post from Chet Wisniewski to learn how you can configure your Windows 7 computers for a higher level of protection from threats.

http://www.sophos.com/blogs/chetw/g/2009/09/05/windows-7-security-5-things

Sophos.com

Upgrading to Apple Snow Leopard downgrades Flash security

2009-09-02T21:34:00.000-07:00

The last thing you expect when you upgrade your operating system, is that you will have some of your security silently downgraded. But that's precisely what seems to have happened with Mac OS X Snow Leopard, which ignores that you have been keeping Adobe Flash up-to-date and downgrades it to an earlier version. Learn more and watch a video about this potential security risk.

http://www.sophos.com/blogs/gc/g/2009/09/02/apple-ships

Sophos.com

Essential reading: Two new security blogs from Sophos

2009-09-01T20:38:00.000-07:00

Experts Paul Ducklin and Chet Wisniewiski join the ranks of official Sophos bloggers - helping you make sense of the latest security news, and determine what actions you may need to take inside your organization. Can you afford not to read what they have to say?

http://www.sophos.com/blogs/gc/g/2009/09/01/security-blogs
http://www.sophos.com/blogs/duck
http://www.sophos.com/blogs/chetw

Sophos.com

How good is Snow Leopard's built-in anti-virus protection?

2009-08-28T20:37:00.000-07:00

Apple shocked the world by building protection against two families of Mac Trojan horse into the latest version of its operating system. However, the company is at pains to underline that the technology is not equivalent to running an anti-virus product (for instance, you can't scan your hard drive or clean-up an infection, and it won't intercept malware downloaded via BitTorrent or introduced via a USB drive). See for yourself how Apple's anti-malware protection performs in a short video from SophosLabs.

http://www.sophos.com/blogs/gc/g/2009/08/28/snow-leopard-malware
http://www.sophos.com/blogs/sophoslabs/post/6269
http://www.sophos.com/blogs/chetw/g/2009/08/29/snow-leopards-bundled

Sophos.com

Sophos Anti-Virus supports Snow Leopard

2009-08-28T20:33:00.000-07:00

Sophos product manager Sunil Choudrie comments on Apple's new operating system, our support for Mac OS X 10.6 Snow Leopard and what this mean for users. If you're upgrading to the latest version of Mac OS X, you'll want to read this.

http://www.sophos.com/blogs/gc/g/2009/08/28/guest-blog-sophos-antivirus

Sophos.com

Podcast: Windows 7 in the security spotlight

2009-08-25T20:31:00.000-07:00

Find out more about some of the improvements that you'll find if you make Microsoft's dreams come true and upgrade to Windows 7, including the new Action Center, enhancements to the Windows Firewall and the latest about DirectAccess and the controversial XP Mode. Senior technologist James Lyne is interviewed in this podcast which takes a closer look at Windows 7 from the security point of view.

http://www.sophos.com/blogs/gc/g/2009/08/25/podcast-windows-7

Sophos.com

Quick poll: Is your smartphone encrypted?

2009-08-20T20:30:00.000-07:00

Are you lucky owner of an iPhone, BlackBerry, HTC Hero or Palm Pre? What steps has your company taken to ensure that the data held on the phone is encrypted? Is the data encrypted at all? Let us know in this quick, anonymous poll.

http://www.sophos.com/blogs/gc/g/2009/08/20/smartphone-encrypted

Sophos.com

Twitter spammers post sexy profile pictures

2009-08-20T20:27:00.000-07:00

Spammers have created bogus accounts on Twitter, and embedded racy messages into their profile images. Find out more about the attack, and how it attempts to lure unsuspecting social networkers into a date with an adult website.

http://www.sophos.com/blogs/gc/g/2009/08/20/twitter-spammers

Sophos.com

Delphi W32/Induc virus - what you need to know

2009-08-19T20:28:00.000-07:00

A curious piece of malware called W32/Induc is designed to infect applications written using Delphi (a variant of the Pascal language originally developed by Borland, and now used to quickly develop Windows programs such as database applications). The virus inserts itself into the source code of any Delphi program it finds on an infected computer, and then compiles itself into a finished executable. Find out more about why we're seeing lots of reports of this virus, and how it has been discovered on a magazine's free CD ROM. You can even listen to a podcast and learn more straight from the malware experts at Sophos.

http://www.sophos.com/blogs/gc/g/2009/08/19/w32induca-spread-delphi-software-houses
http://www.sophos.com/blogs/gc/g/2009/08/20/magazine-ships-induc
http://www.sophos.com/blogs/gc/g/2009/08/21/podcast-delphi-induc-virus
http://www.sophos.com/blogs/sophoslabs/v/post/6117

Sophos.com

P2P file-sharing banned in Antarctica

2009-08-19T20:26:00.000-07:00

Authorities have poured cold water over scientists' desires to run file-sharing software like BitTorrent on their computers in the Antarctic. Find out more about the dangers of uncontrolled P2P usage, and how you can enforce a policy inside your company to prevent users putting security at risk or gobbling up bandwidth.

http://www.sophos.com/blogs/gc/g/2009/08/19/p2p-filesharing-banned-antarctica

Sophos.com

Twilight movie star used as lure by malware-spreading hackers

2009-08-14T20:23:00.000-07:00

Malware authors are explotiing interest in revealing pictures of actress Ashley Greene to entrap unwary surfers. Learn more about the attack, and remember to think twice before hunting for nubile snaps of Hollwood starlets online.

http://www.sophos.com/blogs/gc/g/2009/08/14/ashley-greene-dirty-pics

Sophos.com

Video: The danger of trusting Conficker clean-up advice on Twitter

2009-08-13T20:21:00.000-07:00

Can all tweets on Twitter be trusted, or are some "helpful" souls actually spreading advice on how to clean up malware without revealing that they are making cash from the click throughs? Watch this exclusive video and find out more now.

http://www.sophos.com/blogs/gc/g/2009/08/13/trust-conficker-cleanup-advice-twitter

Sophos.com

Multiple security updates for Windows and Mac users

2009-08-12T20:18:00.000-07:00

Users of Mac and Windows computers are once again being advised to update their systems as Apple and Microsoft have issued multiple security patches in the last week. Make sure you keep yourself informed of the critical patches, and update your computers before hackers have a chance to strike.

http://www.sophos.com/blogs/gc/g/2009/08/12/microsoft-issues-barrage-security-updates
http://www.sophos.com/blogs/gc/g/2009/08/12/security-holes-fixed-safari-403
http://www.sophos.com/blogs/gc/g/2009/08/13/day-security-update-apple

Sophos.com

Free download: New version of Sophos Anti-Rootkit

2009-08-10T21:32:00.000-07:00

We've updated our free rootkit detection and removal tool to support 64-bit versions of Windows and the upcoming Windows 7. Make sure you have updated to version 1.5 of Sophos Anti-Rootkit to ensure the highest level of protection.

http://www.sophos.com/blogs/gc/g/2009/08/10/sophos-antirootkit-updated
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html

Sophos.com

Twitter topples under denial-of-service attack

2009-08-07T21:30:00.000-07:00

Micro-blogging website Twitter was blasted off the internet last week, after suffering a massive denial-of-service attack. Find out more about the attack, including how an attempt to silence one Georgian blogger actually affected millions of users worldwide.

http://www.sophos.com/blogs/gc/g/2009/08/07/twitter-denialofservice
http://www.sophos.com/blogs/gc/g/2009/08/06/twitter-hit-massive

Sophos.com

Boobytrapped images pose threat to Apple users

2009-08-06T21:29:00.000-07:00

Users of Mac computers are being advised to install an important security patch, after Apple acknowledged that a serious flaw existed in its Mac OS X operating system that could be exploited by hackers. Discover more about the flaw and ensure that your Mac computers are properly defended.

http://www.sophos.com/blogs/gc/g/2009/08/06/boobytrapped-images

Sophos.com

US Marines banned from using Twitter and Facebook

2009-08-05T21:28:00.000-07:00

The US Marine Corps has banned troops from accessing social networking websites - such as Twitter, Facebook and MySpace - from its networks. Discover how military commanders are becoming increasingly concerned about the threat of hackers spreading malware via the systems.

http://www.sophos.com/blogs/gc/g/2009/08/05/marines-banned-twitter

Sophos.com

Exploiting trust with SSL vulnerabilities

2009-08-03T21:27:00.000-07:00

A serious flaw has been found in the way that SSL, browsers and Certificate Authorities work with each other to provide transport security and identity validation on the web. Learn more about the problem, and how Sophos's web appliance can automatically detect malformed certificates and block them before they get to the user or the web browser.

http://www.sophos.com/blogs/gc/g/2009/08/03/guest-blog-internet-identity

Sophos.com

Sophos wins VB100 award for virus protection

2009-08-03T21:25:00.000-07:00

Industry magazine Virus Bulletin describes Sophos's anti-virus solution as "a worthy winner" of the VB100 award in a comparative test, with "detection rates very impressive across all the sets." This is the 48th time Sophos has won the VB100 award from the independent testers at Virus Bulletin for its protection capabilities. Read more about the test now.

http://www.sophos.com/blogs/gc/g/2009/08/03/sophos-wins-vb100-award

Sophos.com

iPhone update fixes "SMS of death" vulnerability

2009-08-01T21:24:00.000-07:00

Apple has released an update to its iPhone operating system to protect against a vulnerability that could potentially allow criminals to hijack users' phones by sending booby-trapped SMS messages. Although the exploit has not yet been used in anger, make sure you update your iPhone now.

http://www.sophos.com/blogs/gc/g/2009/08/01/iphone-update-fixes-sms

Sophos.com

Michelle Obama's safehouse secrets leaked via P2P

2009-07-30T21:22:00.000-07:00

It has been revealed that details of the secret service safe house that would be used by Michelle Obama in the event of the White House being evacuated were accidentally shared via a peer-to-peer file-sharing network. Learn about the risks of uncontrolled use of P2P software, and how you can manage the danger inside your business.

http://www.sophos.com/blogs/gc/g/2009/07/30/michelle-obamas

Sophos.com

Firms braced for emergency patches from Microsoft

2009-07-26T21:21:00.000-07:00

Microsoft has announced that on Tuesday it will release two out-of-band security patches designed to fix vulnerabilities in Internet Explorer and Microsoft Visual Studio. Microsoft normally bundles its security updates into a monthly package, and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. Learn more and discover why considers the situation particularly important.

http://www.sophos.com/blogs/gc/g/2009/07/26/departments-braced

Sophos.com

Emma Watson has NOT died in a car crash

2009-07-24T21:19:00.000-07:00

Harry Potter actress Emma Watson has become the subject of a morbid and fast-moving rumor that has struck the internet, claiming that she has been killed in a car crash. Sophos advises computer users to check their facts and show caution when invited to click on unsolicited links.

http://www.sophos.com/blogs/gc/g/2009/07/24/emma-watson-died-car-crash

Sophos.com

BlackBerry users revolt over spyware scandal

2009-07-23T21:17:00.000-07:00

It has been revealed that an update sent to BlackBerry users in the United Arab Emirates, which claimed to improve performance of the mobile device, was actually spying on them. Intriguingly, it is a telecoms company that sent the update to their BlackBerry users. Learn more about the spyware scandal making big headlines in the Middle East.

http://www.sophos.com/blogs/gc/g/2009/07/23/blackberry-customers-revolt

Sophos.com

HSBC receives record fine after losing data in post

2009-07-23T21:14:00.000-07:00

HSBC has found itself on the receiving end of a record fine of over 3 million pounds, after it was found by the the Financial Services Authority (FSA) to have carelessly handled the data of thousands of customers. Is your company doing enough to keep its customer data confidential?

http://www.sophos.com/blogs/gc/g/2009/07/23/hsbc-fined

Sophos.com

Which is more secure - Internet Explorer or Firefox?

2009-07-20T21:13:00.000-07:00

Guest blogger Chet Wisniewski examines the two giants of the web browsing world, and tries to determine - is one safer than the other?

http://www.sophos.com/blogs/gc/g/2009/07/20/guest-blog-secure

Sophos.com

Erin Andrews peephole video: Hackers exploit interest to spread malware

2009-07-19T21:12:00.000-07:00

Glamorous female sports reporter Erin Andrews has taken legal action to force websites to remove video footage taken without her permission, but that isn't stopping hackers exploiting interest. Beware of visiting pages claiming to contain the footage of Ms Andrews undressing, as they can infect your Mac or PC with malware. Learn more and watch a video demonstrating what happens.

http://www.sophos.com/blogs/gc/g/2009/07/19/erin-andrews

Sophos.com

Opinion: Security is never Microsoft's first priority

2009-07-17T21:10:00.000-07:00

Sophos CTO Richard Jacobs believes that Microsoft's inclusion of XP mode in Windows 7 reveals something very obvious about the operating system giant - it isn't taking security seriously. Learn more in this controversial opinion piece and find out why - without built-in management, XP mode is a security disaster.

http://www.sophos.com/blogs/gc/g/2009/07/17/guest-blog-xp-mode

Sophos.com

Twitter users struck by AddFollowers spam

2009-07-14T21:09:00.000-07:00

In their desperate desire for more followers on Twitter, some users are turning to third party websites to help them. But can you trust these sites with your Twitter username and password? Find out more in this video.

http://www.sophos.com/blogs/gc/g/2009/07/14/addfollowers-spam

Sophos.com

Alert: Zero day vulnerability in Microsoft Office Web Components

2009-07-13T21:07:00.000-07:00

Microsoft says it has seen a limited number of attacks exploiting a serious vulnerability in software which allows you to embed spreadsheet content on a webpage. The flaw leaves unsuspecting computer users potentially wide open to hackers installing malicious code. Although Microsoft has not yet issued a patch, there is a workaround to defend your PCs. Find out more now.

http://www.sophos.com/blogs/gc/g/2009/07/13/day-vulnerability

Sophos.com

Congressman urges USA to launch cyber attack against USA

2009-07-13T21:05:00.000-07:00

Sophos experts believe it's dangerous to jump to conclusions without checking all the facts, and that's certainly true in the case of US politician Pete Hoekstra. He's pointing the finger at North Korea for recent denial-of-service attacks, and believes that America should respond in kind. But is there any evidence of North Korea's involvement?

http://www.sophos.com/blogs/gc/g/2009/07/13/republican-urges-obama

Sophos.com

Twitter warns users of Koobface worm

2009-07-10T21:02:00.000-07:00

The Koobface worm has been spreading for some time on sites like Facebook, MySpace and Bebo - but now it's causing problems for Twitter user too. Make sure your computer is protected, or risk being disconnected from the social networking site.

http://www.sophos.com/blogs/gc/g/2009/07/10/twitter-warns-users

Sophos.com

South Korean arrested for denial-of-service attack

2009-07-10T20:55:00.000-07:00

Although security headlines have focused on whether or not North Korea is behind a series of DDoS attacks, a South Korean man has been arrested in connection with an unconnected attack which paralysed one of his own government's websites. Learn more in this report from Graham Cluley's blog.

http://www.sophos.com/blogs/gc/g/2009/07/10/south-korean-arrested

Sophos.com

Critical zero-day vulnerability in Microsoft DirectShow

2009-07-06T19:04:00.000-07:00

A serious flaw has been found in Windows systems, leaving unsuspecting users potentially wide open to drive-by downloads. Although Sophos can prevent the exploit happening on customer's computers, there is no patch yet from Microsoft. Find out more now.

http://www.sophos.com/blogs/gc/g/2009/07/06/zeroday-vulnerability

Sophos.com

Are your workers safe on Facebook?

2009-07-05T19:00:00.000-07:00

The incoming British Secret Service chief found himself in a pickle this weekend, after newspapers reported that his wife had left her Facebook account open for millions of people to view - including family photos and details of the family flat. Learn how your employees can better defend themselves on social networking sites, and check their privacy settings are in order.

http://www.sophos.com/blogs/gc/g/2009/07/05/mi6-chiefs-wife

Sophos.com

Bogus Twitter invites carry dangerous payload

2009-07-02T18:55:00.000-07:00

Hackers are exploiting the name of the blossoming micro-blogging website Twitter in their attempt to infect innocent computer users with malware. Make sure that you are familiar with the latest tricks being used by cybercriminals to attack computers in your company.

http://www.sophos.com/blogs/gc/g/2009/07/02/hacker-invitation

Sophos.com

When is a hack not a hack? When's it Sarah Palin's email account

2009-07-01T10:20:00.000-07:00

The university student accused of hacking into Sarah Palin's email account is arguing in court that accessing the unsuccessful Vice Presidential Candidate's Yahoo account cannot be classified as identity theft. Find out more about the case, and how Palin's email account was compromised.

http://www.sophos.com/blogs/gc/g/2009/07/01/legal-arguments-sarah-palin

Sophos.com

Is Britney Spears dead or has she been Twitter-hacked?

2009-06-29T10:18:00.000-07:00

Tasteless hackers posted a message to Britney Spears's two million followers on Twitter,
saying that the star had died. Experts at Sophos report that a vulnerability in the third
party service TwitPic is likely to be the route by which the hackers were able to plant
their offensive message. Find out more about the attack now.

http://www.sophos.com/blogs/gc/g/2009/06/29/britney-spears-dead-hacked

Sophos.com

Gossip Girl sex tape lure spreads Mac and Windows malware

2009-06-24T10:14:00.000-07:00

The Twitter account of former Apple evangelist and celebrity blogger Guy Kawasaki published a link to a webpage claiming to contain an adult video of TV star Leighton Meester on Tuesday.
However, anyone visiting the page could find themselves infected with a Mac or Windows Trojan
horse. Find out more about how Kawasaki's 140,000 followers were put at risk in our video.

http://www.sophos.com/blogs/gc/g/2009/06/24/leighton

Sophos.com

Was Lindsay Lohan's Twitter account hacked?

2009-06-22T10:12:00.000-07:00

Was she or wasn't she? That's the question being asked about Hollywood celebrity Lindsay Lohan
who says that a Twitter posting about Justin Timberlake did not come from her fair hands, but from a hacker instead. Read more about the incident, and make sure your own passwords are
properly secured.

http://www.sophos.com/blogs/gc/g/2009/06/22/lindsay-lohans-twitter

Sophos.com

So you want a job? Just hand over your passwords.

2009-06-20T10:09:00.000-07:00

The City of Bozeman in Montana found itsel in the media spotlight last week after it was revealed that it had been insisting job seekers must not only reveal if they have accounts with the likes of Facebook, MySpace, Yahoo, Google and YouTube, but must also hand over their user ids and passwords. Discover why that is such a bad idea, and how the city eventually saw sense.

http://www.sophos.com/blogs/gc/g/2009/06/20/job-give-social-networking-passwords

Sophos.com

iPhone OS 3.0 brings 46 security patches

2009-06-18T10:07:00.000-07:00

According to an advisory on Apple's website, iPhone OS 3.0 patches 46 vulnerabilities, including some that could potentially allow hackers to run malicious code on a user's iPhone or iPod Touch if they visited a booby-trapped website or viewed a specially-crafted image file. Find out more and ensure your mobile device is properly protected.

http://www.sophos.com/blogs/gc/g/2009/06/18/apple-update-fixes-46

Sophos.com

Is Friends Reunited taking password security seriously?

2009-06-15T10:03:00.000-07:00

Popular school reunion website Friends Reunited is disappointing some by exposing portions of users' passwords, and make sure your own websites aren't exhibiting similar behavior.

http://www.sophos.com/blogs/gc/g/2009/06/15/friends-password-security

Sophos.com

Firefox and Google Chrome receive fixes for security vulnerabilities

2009-06-12T10:00:00.000-07:00

Google Chrome and Mozilla Firefox have been updated to fix a number of security vulnerabilities which, if exploited, could be used by hackers to run malicious code on your computers. Users of the web browsers are advised to update their systems as soon as possible. Discover more about the threat now.

http://www.sophos.com/blogs/gc/g/2009/06/12/security-updates-chrome-firefox

Sophos.com

Adobe releases its critical security patches

2009-06-10T09:58:00.000-07:00

Adobe has released a fix for 13 different vulnerabilities in its Adobe Reader and Acrobat software, widely used to handle PDF files. It's critical that you patch your software as if a hacker exploited the vulnerabilities they could cause your computer to crash or run malicious code that could take over your system. Read more now.

http://www.sophos.com/blogs/gc/g/2009/06/10/adobe-releases-patch-tuesday

Sophos.com

Video: Twitter goes off the rails with the Twittertrain

2009-06-05T09:49:00.000-07:00

If someone promised they could get you hundreds of new followers on Twitter every day would you believe them? Would you be prepared to hand over your Twitter username and password to them? Find out how an advert for a website called Twittertrain was spammed out from hundreds of innocent Twitter users' accounts, and how you can avoid it happening to you in future.

http://www.sophos.com/blogs/gc/g/2009/06/05/rails-twitter-passwords

Sophos.com

How to make Windows 7 more secure

2009-06-03T03:54:00.000-07:00

Sophos security expert Chester Wisniewski takes an early look at Windows 7's security, and finds it lacking. Find out ways in which Windows 7 could be improved by Microsoft, before it's officially released.

http://www.sophos.com/blogs/gc/g/2009/06/03/guest-blog-windows-7

Sophos.com

9 out of 10 work PCs fail on basic security

2009-06-02T03:51:00.000-07:00

Unpatched and unprotected - that's the story being heard loud and clear following the publishing of research by Sophos into the state of security of PCs at thousands of different companies. Find out which security patches your users are least likely to have in place, and how many people have a firewall - but fatally don't have it properly enabled.

http://www.sophos.com/blogs/gc/g/2009/06/02/ten-work-pcs-fail-basic-security

Sophos.com

UPS malware attack bombards inboxes with dangerous attachment

2009-06-01T03:43:00.000-07:00

In the early hours of June, computer users were deluged with a malicious spam campaign spreading a Trojan horse. The emails, which claim to come from UPS, lure you into opening an attachment believing it to be information about a failed delivery. Discover more, and ensure that you are defended.

http://www.sophos.com/blogs/gc/g/2009/06/01/week-failed-delivery

Sophos.com

Cracked Windows - Microsoft warns of critical flaw

2009-05-29T09:09:00.000-07:00

Microsoft has published a security advisory warning of a critical vulnerability in Microsoft DirectX on older versions of Windows.

The problem is in the way that Microsoft DirectShow handles QuickTime format files - meaning that if a user opened a maliciously crafted QuickTime media file, the hackers could run dangerous code on your computer.

According to Microsoft, all versions of Windows Vista and Windows Server 2008 are not vulnerable but Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are affected.

A proper patch for the problem is not yet available, but the company has issued a workaround that can be used by vulnerable Windows users.

The workaround, which disables QuickTime parsing, involves making changes to the Registry. But if the thought of doing that gives you goosebumps, they've produced a natty automated method that will do it for you. All you need to do is click on a "Fix It" button on their site to run the workaround.

More information about the flaw can be found in Sophos's analysis of the problem.

There's no word yet on when Microsoft will make available a proper fix for this problem, or indeed whether it will be included in their regular scheduled "Patch Tuesday" bundle of patches next month or released as an out-of-bound fix.

But I think it's good that they gave the less geeky users of computers a fairly easy way to implement the workaround, rather than leaving them befuddled by complicated instructions.

Posted on May 29th, 2009 by Graham Cluley, Sophos

Sophos.com

Why Geo-tagged Twittering could be bad for security

2009-05-28T08:57:00.000-07:00

The web is becoming increasing about where you are, not just what you're doing/saying/reading/writing.

For instance, earlier this week I was standing in a horrendously long queue to be admitted into a recording of the BBC TV show QI, hosted by national treasure and well-known Twitter user Stephen Fry.

It became obvious to me pretty early on that there were many more people in the queue than there were likely to be seats in the studio - but there didn't seem to be any official in charge to ask what our chances of being admitted were. So, I went to Twitter and searched for "QI".

I got a number of results - many of them useless - but some of them were from other people in the queue. Now, wouldn't it have been handy if I could only have seen Tweets from people within - say - 400 yards of me?

Well, if rumoured forthcoming changes coming to Twitter are true then that may soon be possible. At a conference earlier this week, Twitter API guru Alex Payne told attendees that one of the new features that the micro-blogging site might introduce shortly is sharing of your geographic location at the point of your tweeting.

Yuck! I'm not sure I like that.

There's little enough privacy in the way many people are using Twitter right now, without also providing complete strangers with precise details of where you are.

Yes, I can see why marketroids and developers might love to be able to work out where people are at a particular time, in order to advertise to them more precisely or provide location-specific services, but I can also imagine many circumstances when I would want to keep my precise position completely private.

And let's not forget the Twitter celebrities like Ashton Kutcher, Ellen DeGeneres, Oprah Winfrey, Ryan Seacrest have over a million followers. There are bound to be a few bad apples in that bunch who may have a less than healthy interest in the precise coffee bar where their favourite star is currently having a Skinny Caffe Latte.

Just ask Yoko Ono (46,137 followers and counting) about the dangers of obsessed fans.

I'm no celebrity, but I don't want people to know where I am. If nothing else, information like that could be valuable for burglars who want to know when is the best time to raid my house.

So, here's my message to Twitter. Please don't turn on geo-tagging by default. Force people to make a conscious decision that they want their Tweets to reveal where they are at the time they Tweeted.

Otherwise, I think you can expect an almighty backlash.

(By the way, as it was, I didn't get to see QI. It turned out I was about 10 minutes too late joining the queue. Instead I went to see Star Trek. It was pretty good for what it was - but I will always be a Doctor Who fan at heart).

Posted on May 28th, 2009 by Graham Cluley, Sophos

Sophos.com

How to control a Blackberry Enterprise Server with just a PDF

2009-05-27T08:54:00.000-07:00

Sorry, I'm not actually going to tell you how to do that.

But Research In Motion (RIM), the company who make the BlackBerry smartphones beloved by corporate workers worldwide, has warned of a vulnerability in the way its devices handles PDF files which could allow hackers to remotely execute code.

According to a security advisory issued by the firm, hackers could send email message with an attached PDF file that, when opened by a BlackBerry mobile user, could cause code to be launched on the computer that hosts the BlackBerry Attachment Service. Of course, this isn't the first time that this kind of problem with RIM's BlackBerry has bubbled up.

RIM is advising that companies disable PDF file processing on the BlackBerry server until the patches are rolled out.

As we've reported umpteen times before, hackers are increasingly exploiting the PDF file format to deliver malicious code to unsuspecting computer users.

As PDFs are so widely used and shared in business, most people wouldn't think twice of clicking on them, making it imperative that corporations keep their security patches and anti-malware defences up-to-date.

Posted on May 27th, 2009 by Graham Cluley, Sophos

Sophos.com

NHS accused of "cavalier attitude" after data security leaks

2009-05-26T08:53:00.000-07:00

The British National Health Service (NHS) has been accused of losing almost as much personal data in the first three months of this year, as the entire private sector.

With over 140 security breaches by the NHS logged by the Information Commissioner since January, outranking all local and central government data losses combined, it has been confirmed as the public sector's main loser of personal data.

Richard Thomas, the Information Commissioner, and assistant commissioner Mick Gorrill told the Independent newspaper that NHS workers were demonstrating a "cavalier attitude" and that "there is a complete disconnect between the procedures laid down by managers and what happens on the ground. We need a complete audit to try to change the culture."

Here are some of the security breaches that rang alarm bells at the Information Commissioner's Office:

A GP downloaded sensitive details of 10,000 patients to an insecure laptop. The laptop was stolen and still remains missing.
Old NHS computers containing the medical notes, names and addresses 2,500 people, which were stolen from a skip.
A lost memory stick containing medical details of over 6,000 prisoners was encrypted and password-protected, but sadly the password was written on a note attached to the device.

One of the challenges facing the NHS is that it's the largest employer in Europe (in fact, apart from the Chinese Army and the Indian Railway system it's probably the biggest in the world), and trying to ensure that all staff treat data securely and sensibly is always going to be a challenge.

That's why it's essential that full disk encryption becomes a norm inside organisations that are handling sensitive data, such as patient records. Accidents like lost laptops will continue to happen - but something can be done to ensure that any data lost is gobbledygook that will be useless even if it does fall into the wrong hands.

Alongside encryption, organisations need to centrally monitor compliance with internal policies and external regulations through comprehensive logging and reporting.

Other organisations would be wise not to sit smugly and smirk at the NHS's misfortune. These are problems that more and more companies are going to be facing sooner rather than later.

Posted on May 26th, 2009 by Graham Cluley, Sophos

Sophos.com

Fear of blackmail after RAF loses sensitive personal data

2009-05-25T09:17:00.000-07:00

Highly personal information about senior officers of the Royal Air Force (RAF) - including details of extra-marital affairs, debt, drug abuse, and the use of prostitutes - is alleged to be amongst the data lost from a base in Innsworth, Gloucestershire.

When I originally reported on the stolen USB drives last September, it was suggested that the information stolen had been names, service numbers, addresses and dates of birth.

Now it seems secrets of a much more sensitive nature were also lost.

Why does the RAF have such information? Because before staff are allowed access to highly sensitive information they are put through a gruelling vetting procedure - to see if they have any skeletons in their cupboards which others may use for blackmail purposes.

A former serving officer in the RAF, who uncovered the memo after reportedly worrying about his own data being lost told the BBC, "They'd ask you questions such as: is there anything unusual about your sex life? Have you had affairs? Used prostitutes? That sort of thing. If the information got into the wrong hands then it could leave people wide open."

An internal email from an unnamed wing commander, seen by the media, says that the lost data "provides excellent material for Foreign Intelligence Services, investigative journalists and blackmailers".

The fact that the RAF did not reveal that vetting data had also been lost has lead some to suggest a cover-up has occurred to save the force's embarrassment. For its part, the RAF is keen to stress that there is no indication that the data has fallen into hostile hands.

Of course, this would probably hardly be a story if the RAF had taken the sensible step in the first place of ensuring that this information was properly and securely encrypted - thus making the lost drives as useful to potential blackmailers as handlebars on a surfboard.

Posted on May 25th, 2009 by Graham Cluley, Sophos

Sophos.com

Acai Berry spammers hack Twitter accounts to spread adverts

2009-05-24T09:15:00.000-07:00

Hundreds of innocent user's accounts on the Twitter micro-blogging service appear to have been hacked by spammers.

A typical message posted on the compromised accounts will say something similar to the following:

Howdy my friend! I just lost 13 pounds in 12 days. It only costs me $5. Take a look at this: http://[random].cn

If you do click on the link you get taken to a website with a .cn tld (top level domain) like the following:

Some victims of this latest Twitter hack attack are noticing that their account is sending Acai Berry spam, however. Take this example, for instance, where the user has apologised for the security breach on his account:

The question is - how have these accounts on Twitter been hacked? At the moment, that's not clear. But what is evident is that users need to take more care with their Twitter passwords.

If your account on Twitter has been compromised, make sure you change your password to a non-dictionary word - and be sure to also change any other online accounts where you might be using the same password. Far too many people use the same passwords on multiple sites, which obviously increases your chances of becoming hacked.

Posted on May 24th, 2009 by Graham Cluley, Sophos

Sophos.com

Podcast: Defeating hackers is hard

2009-05-22T03:13:00.000-07:00

When I was at the RSA show in San Francisco last month I had the opportunity to spend a little time with Robert Westervelt, news editor at SearchSecurity.com.

Below you'll find a podcast we recorded where Rob lets me ramble on about the anti-virus industry, the threat landscape, the Conficker worm and why it's a struggle to bring international cybercriminal gangs to justice.

Rob had a cameraman with him, but I haven't seen the video of our conversation yet. If it does show up, I'll try and embed it here on the website too.

Posted on May 22nd, 2009 by Graham Cluley, Sophos

Sophos.com

Beware tvviter.com - video of a live Twitter phishing attack

2009-05-21T03:09:00.000-07:00

I got an email this morning saying that someone called "3XNJTVJG0SYIKDH (NinaOchoa)" was following my updates on Twitter.

That's rather an odd name, I thought, and investigated further.

Turns out that 3XNJTVJG0SYIKDH (lets call her 3XNJTV for short) was already following nearly 400 people on Twitter, but had only ever posted one update:

check this guy out [followed by a tinyurl address]

Fortunately, I use LongUrl. I've blogged about LongUrl before, but in a nutshell it's a cool add-on for Firefox which converts short urls - like those often used on Twitter - into into their true much longer form.

And I was able to see that 3XNJTV (okay, lets call her "Nina"), was trying to point me towards a website called tvviter.com.

Did you read that right? tvviter.com (Double V, not W)

Yup, it's not the real Twitter site.

But if you do make the mistake of clicking on the link you will be taken to a bogus website which is pretending to be Twitter, and hopes to fall you into handing over your username and password (which could lead ultimately to some painful identity fraud, as well as your account being used for the purposes of spam or spreading malware).

At the time of writing the user and the website are still live - I wouldn't recommend visiting either.
And further analysis suggests that there are many other bogus Twitter users out there telling you to "check this out" and pointing to the same TinyURL link this morning.

Be careful out there.

Posted on May 21st, 2009 by Graham Cluley, Sophos

Sophos.com

Bad news - it's child's play for anyone to recover your deleted Twitterings

2009-05-19T09:27:00.000-07:00

Following last night's discussion about British TV celebrity Jonathan Ross accidentally revealing his personal email address on Twitter (and how, despite his attempts to delete the Tweet, it's still available for anyone to read) I've found about an online service which makes it even easier to find those Tweets that all of us would like to retract.

Tweleted is a simple website that allows you to enter anybody's Twitter name and it will then uncover their "deleted" Tweets by comparing the individual's Twitter history to the results from Twitter Search.

The outcome? Anyone can easily find out all they would ever want to know about your deleted Tweets.

The only good news is that it appears it only searches back in the last 1000 of your messages or so, but that'll be scant relief for those who've accidentally pressed a little prematurely.

As I said in the earlier video Twitter really needs to get this problem fixed. Twitter users expect their Tweets to be deleted when they press the delete button, not for strangers to be able to uncover them at will.

At the moment, all Twitter can suggest if you want to really remove a public Tweet you made in error from their search results is that you contact them.

Shouldn't it be simpler than that?

Deleted should always mean deleted, and nothing less.

Posted on May 19th, 2009 by Graham Cluley, Sophos

Sophos.com

BBC film of remote Trojan horse attack

2009-05-18T09:22:00.000-07:00

A couple of months ago, the BBC broadcast a film that many people believe showed them breaking the law, by accessing the computers of unsuspecting members of the public without their permission in order to demonstrate how easy it was to send spam.

There was a right royal stink about it.

I must admit that I was disheartened with the way the BBC behaved (as I felt it was completely unnecessary to break the law in order to demonstrate the problem of botnets), and felt even more let-down when they censored me from making my views heard!

Anyway, today the BBC has published another movie - again with assistance from Jacques Erasmus of PrevX.

It's a short and basic video, and doesn't demonstrate anything that anyone who hasn't been following IT security for the last few years doesn't already know. But this time they seem to have gone out of their way to make it clear that they did have the permission from the owner to access the PC.

It's good to see that they seem to have learnt something from the earlier furore.

Posted on May 18th, 2009 by Graham Cluley, Sophos

Sophos.com

Guest blog: Security = safety? Sounds risky!

2009-05-15T09:19:00.000-07:00

Graham Lee, is not only a near namesake of mine, but also a senior Mac software engineer at Sophos and the author of "Ten tips to secure Apple Mac laptops". Over to you Graham...

Earlier this week, Dennis Fisher wrote a column for ThreatPost declaring that Snow Leopard security is all relative, which Jon Gruber linked to with a discussion on Daring Fireball, called the difference between security and safety.

I wanted to address both, but realised I was in danger of rambling - so I have decided just to look at Gruber's post.

One thing which annoys me, and which I addressed in my talk to NSConference in April, is this idea that security means something different in the online world than the real world.

No, it doesn't.

If we try to claim that words have different meanings when used about computers then all we end up doing is confusing people. Do any of the keys you lock your doors with have a piece you give away freely to other people? No? Then why do we have public keys in asymmetric encryption?

Anyway, in the Daring Fireball post, we see "Security is about technical measures, like the strength of the locks on your doors and windows."

Those are security measures. Security is being (or feeling) free from threat, both in the real world and online. I saw a definition of security as a state where "things which should happen, do, and things which shouldn't happen, don't" and to me that seems like a good meaning. Notice too that it isn't a technosphere-only definition.

So why has Gruber taken a narrower view?

Maybe he wanted to avoid the "Macs are more secure" canard by giving "the likelihood that you’ll
actually suffer from some sort of attack" another name; safety. So it doesn't matter whether Macs are more secure or not, says he, they're more safe and that's what people are after.

Well, it isn't; it's (along with the cost of such an attack) risk. Safety is the state of not suffering or causing harm.

But even ignoring the lexical games, risks are like stock prices - previous performance isn't always a good indicator of future behaviour. When CISOs write security policies they consider (or at least they should consider) what looks likely to happen - or expensive if it were to happen, or both - in the future. Relying too much on previous personal experiences is a known effect, though. It's a form of the availability heuristic.

Just as people who've never been burgled tend to consider the likelihood of being burgled in the future to be lower than those who have, could it be that the Mac users who've never knowingly experienced a malware attack have an artificially low opinion of the future likelihood?

What we really know is that Macs have a lower historical frequency of being targets of malware attacks.

Risks are also like shares in that there are many of them, and they all perform differently.

In fact, going back to the burglaries, many burglars get in through an unlocked window or door - the real-life analogy to having a guessable or empty password.

That's going to let people in, malware or no malware.

Posted on May 15th, 2009 by Graham Lee, Sophos

Sophos.com

Malicious JSRedir-R script found to be biggest malware threat on the web

2009-05-14T09:43:00.000-07:00

Research done by experts in SophosLabs has revealed that a new web-based threat has blown all previous web-based malware out of the water, being found six times more often than its nearest rival.

Troj/JSRedir-R accounts for some 42% of all malicious infections found on websites in the last seven days, massively overshadowing its nearest rival - Mal/Iframe-F - at 7%.

Typically, JSRedir-R is found on legitimate websites, hidden behind obfuscated JavaScript, loading malicious content from third-party sites without the user's knowledge. In the below case, the obfuscated script tries to download dangerous code from a site called gumblar.cn.

High traffic websites which have been hit by the attack include the highly unpleasant 2 Girls 1 Cup viral video site (I've never been there, but its Wikipedia entry tells me that I probably would never want to, and neither should you), as reported by SophosLabs at the beginning of the month.

For JSRedir-R to have overtaken the previously seemingly unbeatable Mal/Iframe-F in the web malware charts is quite an event. Users of Sophos security solutions, including our web appliance, are already protected against this threat - but if you use another vendor's product make sure that you are updated and protecting against JSRedir-R before it drags malicious code onto your desktops.

In addition, if you run a website make sure it is properly hardened to prevent hackers from injecting their malicious code into your pages, or you could be passing an unpleasant pox onto your visitors.

No-one should be in any doubt that the web is the primary vector by which hackers are trying to infect computers today. Our most recent security threat report revealed that we see a new infected webpage every 4.5 seconds - that's three times more than the rate in 2007 - and it doesn't look like things are getting any better.

Update: Read the blog entry from Paul Baccas of Sophos to read more about how this malware is being planted, and how to clean-up your website afterwards.

Posted on May 14th, 2009 by Graham Cluley, Sophos

Sophos.com

Alarm raised over Adobe PDF zero-day vulnerability

2009-04-29T09:37:00.000-07:00

If you are one of the world's many users of Adobe's Acrobat PDF Reader software then there's good reason to prick up your ears and listen today, as details emerge of a critical zero-day vulnerability in the software that could allow hackers to run malicious code on computers.

According to a warning from the security response team at Adobe, a serious vulnerability in all currently supported versions of Adobe Reader and Acrobat ((Adobe Reader and Acrobat 9.1, 8.1.4, and 7.1.1 and earlier versions) are affected by the flaw.

The vulnerability, which is not limited to Windows users but also affects Mac and Unix users, means that Adobe users are being advised to disable JavaScript in Adobe Reader and Acrobat until a proper fix is available.

Adobe advises that JavaScript can be disabled by following these instructions:

1. Launch Acrobat or Adobe Reader.
2. Select Edit/Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK

Of course, this is far from the first time that critical vulnerabilities have been found in Adobe's software, and there is growing concern that the vendor's dominant market share of the PDF reader market is proving extremely attractive for hackers hellbent on infecting as many PCs as possible.

As we predicted in the Sophos 2009 Security Threat Report, hackers are increasingly looking at commonly used browser plugins like Adobe Flash and PDF in their attempts to infect innocent computer users.

In the past I've suggested that computer users may want to use FoxIt, an alternative to Adobe PDF Reader. However, on reflection, I think that advice wasn't that great because if everyone switched en masse to the same alternative to Adobe Reader we'd all be in the same pickle again.

A world of everyone using the same software as everyone else is never healthy for security.

Instead, make your own choice of which PDF reader to use. You can find a helpful list of some suggestions at http://pdfreaders.org/

Posted on April 29th, 2009 by Graham Cluley, Sophos

Sophos.com

Ever been spammed on a social network?

2009-04-28T09:35:00.000-07:00

How about received a phishing message? Or sent a malicious link?

It seems occurrences of cybercrime on social networking sites like Twitter and Facebook are becoming more and more commonplace. Today, we've published some research looking into just how common it is to be hit, and how companies are trying to control access to the various Web 2.0 sites.

Our survey quizzed over 700 security professionals - I wonder how much higher the percentages would have been if we had also asked teenagers who typically spend longer on these kinds of sites.

Posted on April 28th, 2009 by Graham Cluley, Sophos

Sophos.com

Guest blog: Canadian anti-spam laws take an important step forward

2009-04-27T09:31:00.000-07:00

Guest blogger Michael Argast, director of global sales engineering at Sophos, discusses changes in anti-spam legislation in his home country of Canada. Over to you Michael..

The Conservative government in Canada last week introduced the Electronic Commerce Protection Act to help cull sources of spam and other malicious activity from within Canadian borders.

Although it was introduced as "the Government of Canada protecting Canadians" those of us in the industry recognize that this is a global problem, and the amount of spam and other malicious stuff ending up on Canadian's computers will not likely be significantly impacted as a result.

Our latest threat report had Canadian sources of spam being only 1.1% of the global total, and of course most of that will be from compromised machines forming parts of a botnet.

However, I do think this is a positive step for Canada as a "good neighbour" in the global community. We have seen a lot of previously US-based spam operations move to Canada due to a lack of this type of legislation – hopefully those same people will find it more inconvenient to move further overseas and cease operations.

Another nice thing about this legislation are specific prohibitions on installation of non-desired software such as spyware, keyloggers, adware, etc, during commercial operations.

So, while this is an important step forward, ultimately the spam and malware problem requires a global response.

The person breaking into your house to steal your flatscreen TV likely lives in your community. The one sending you malware via a spam campaign likely lives in Russia, breaks into a site in the US to get you to into the threat tree, delivers the code off a compromised machine in Brazil and fires the spam off a botnet with compromised machines in Canada, China and South Africa. He then sells your credit card number or identity to a mule in your neighbourhood, who may not even be aware they’re part of a global operation.

This sort of problem requires a global response, and the Electronic Commerce Protection Act is a good local step in a global effort.

Posted on April 27th, 2009 by Michael Argast, Sophos

Sophos.com

Salma Hayek's email account is hacked

2009-04-25T09:19:00.000-07:00

Acording to reports, Hollywood actress Salma Hayek has fallen victim to hackers, who have broken into her email account and released images of her private communications.

The actress, remembered equally well for her Oscar-nominated role in the biopic of Frida Kahlo as her erotic snake-dancing performance in "From Dusk Till Dawn", had her MobileMe account hacked after hackers reset her account password by correctly entering her date or birth and guessing her secret question (reportedly the name of her most famous film role).

As a result, the world knows details of what iPhone applications Salma Hayek has download from the Apple iTunes Store, when she has arranged to have her Japanese face massage, and that her billionaire French husband François-Henri Pinault pays her bills.

Of course, it's worth remembering that Salma Hayek is the victim of a crime.

Maybe she did choose to protect her online email account with weak security that anyone with access to Wikipedia could probably bypass, but breaking into her MobileMe account is still an offence.

The public should take this as a warning to be very careful about what "secret answers" they choose in case they need to ever reset their passwords. Too many people when they are asked "What was your mother's maiden name?" or "Tell us the name of your favourite pet" choose to answer honestly with information that is a matter of public record, or can be found out by visiting their Facebook profile.

My advice is if you're asked to tell website what your mother's name is, answer something memorable that no-one else will be able to guess, like "Xena Warrior Princess" or "Artichoke Sandwich".

By the way, Salma Hayek isn't the first figure in the public eye to have her email hacked. Watch this video: "Paris Hilton & Sarah Palin - what's the connection?".

Posted on April 25th, 2009 by Graham Cluley, Sophos

Sophos.com

New Zealand websites hijacked

2009-04-23T09:14:00.000-07:00

Turkish hackers have managed to break into New Zealand domain registrar Domainz.net, redirecting unsuspecting surfers to defaced versions of popular websites by changing DNS records.

Websites such as www.hsbc.co.nz, www.sony.co.nz, coca-cola.co.nz, www.xerox.co.nz, www.msn.co.nz, www.microsoft.co.nz and hotmail.co.nz as well as security vendors www.f-secure.co.nz and www.bitdefender.co.nz had their traffic redirected to third party servers containing a defaced page after hackes took advantage of a SQL Injection attack.

In the case of the Microsoft site, the usual webpage was replaced with an image of Bill Gates being on the receiving end of a custard pie. (Funnily enough, this isn't the first time the image has been used by hackers.)

The hackers responsible for the attack are believed to members of the Turkish "Peace Crew" defacement gang.

You can't help but feel sorry for the innocent companies affected by this attack. It's not as though they did anything wrong in terms of security - the attack was against the domain registrar looking after their internet records. Rival domain registrars would be wise not to feel too smug at Domainz.net's misfortune, but asking themselves urgently if they might be vulnerable to similar attacks.

Posted on April 23rd, 2009 by Graham Cluley, Sophos

Sophos.com

RBS, Rapport and OITC anti-virus test results

2009-04-22T09:41:00.000-07:00

An email from a customer today brought my attention to some anti-virus test results that have been published on the website of RBS (Royal Bank of Scotland).

At first glance, the test results look quite bad for Sophos (and even worse for Symantec and McAfee).

But if you dig a little deeper into the methodology used by OITC to come up with the results - published by RBS on their page promoting a security add-on called Rapport - then you actually find that the methodology is flawed, and that these test scores are about as useful as a chocolate teapot.

As Stuart Taylor describes in a post on the SophosLabs blog, OITC's methodology actually penalises the likes of Sophos for their ability to proactively detect brand new malware using (in our case) behavioral genotype protection. That's because they exclude from their tests any piece of malware which they find 25% or more of security products already detect.

That's bonkers. (They did this I presume in the mistaken hope of determining if a piece of malware was new or not, but in the process penalised products which proactively detected it).

Furthermore, these results don't give any allowance for layers of protection such as run-time suspicious activity or buffer overflow detection, both of which would be defending customers in the real world.

My advice? Check out the independent comparative tests from the likes of AV-Test, AV-Comparatives and Virus Bulletin. They may not always put Sophos top of the class for virus detection, but I sure trust their testing methodology more than OITC.

I hope in the future RBS might link to some of those tests for a more helpful indicator of the performance of anti-virus products in the future.

Posted on April 22nd, 2009 by Graham Cluley, Sophos

Sophos.com

Twitter users swamped by TheSmartECard messages

2009-04-20T09:22:00.000-07:00

It seems that Twitter is becoming a major new playground for spammers and malware authors keen to target social networking users. Today we are seeing a new series of messages being posted to the streams of hundreds of unsuspecting Twitterers:

You'll like this one! Check out www.TheSmartEcard.com

and

Retweet: You'll love this one! Check out www.TheSmartEcard.com

Note that the "retweet" isn't really a retweet as it says "love" whereas all the original messages seen so far say "like".

Twitter's security department have described the problem as a "scam/phishing site" rather than a virus problem.

Hopefully it should be obvious from the website's opening page of legalese banning staff from Twitter, MySpace, Facebook, Microsoft and Google, that something odd is afoot - even before it starts to quiz you for personal information. But if not, let me just say that visiting the website is not recommended.

Anyone who has passed on their credentials to a third party website like TheSmartECard would be wise to change their passwords at the earliest opportunity.

Posted on April 20th, 2009 by Graham Cluley, Sophos

Sophos.com

New Mikeyy worm makes jokes at Twitter's expense

2009-04-18T09:20:00.000-07:00

Another day, another Twitter worm. After yesterday's attack referencing the likes of Ashton Kutcher and Oprah Winfrey we are now seeing many Twitter users spreading messages on behalf of a new version of the Mikeyy worm, this time their common denominator is that they're all jokes including the (somewhat bizarre) word "womp".

Here are some of the messages that are being sent from compromised accounts on Twitter right now:

Ninety-nine percent of all lawyers give the rest a bad name. Womp. mikeyy. If your father is a poor man, it is your fate, but if your father-in-law is a poor man, it's your stupidity. Womp. mikeyy. If you are born ugly blame your parents, if you died ugly blame your doctor. Womp. mikeyy. Money is not the only thing, it's everything. Womp. mikeyy. Every man should marry. After all, happiness is not the only thing in life. Womp. mikeyy. Success is a relative term. It brings so many relatives. Womp. mikeyy. Be nice to your kids. They'll choose your nursing home. Womp. mikeyy. 'Your future depends on your dreams', So go to sleep. Womp. mikeyy.

Once again, Twitter is left looking amateurish in its response as it clearly hasn't properly hardened its systems from these kind of cross-site scripting attacks. Until they get their act together, users need to remember to turn off scripting (the combination of Firefox and NoScript is a good one) if viewing users' profiles.

One thing's for sure, this just isn't funny.

Posted on April 18th, 2009 by Graham Cluley, Sophos

Sophos.com

Firm hires Twitter worm author Mikeyy Mooney

2009-04-17T09:17:00.000-07:00

Mikeyy Mooney, the 17-year old hacker who caused mayhem on Twitter with a series of worms on the micro-blogging website last weekend, has been rewarded with a job in web applications development according to media reports.

Frankly, the news that exqSoft Solutions has approached and hired Mikeyy Mooney, the teenager behind the StalkDaily and Mikeyy worm attacks, has really got my goat.

What did Mikeyy actually achieve with his worms? Okay, so he proved that there was a problem with Twitter. But the other thing he showed was that was irresponsible.

If you find a flaw in a piece of software or website, you don't write a worm to exploit it impacting thousands of innocent users. Instead, you should act responsibly and inform the affected company instead, and work with them to get the problem fixed.

Mikeyy Mooney may be skilled in some areas of computing, but there are many other talented people out there who have never shown such a disregard for established and accepted ways of reporting security flaws, and haven't shown such questionable judgement.

Mikeyy could have gained so much kudos, and proven that he was a responsible security researcher if he had acted more maturely.

Travis Rowland, the CEO and founder of exqSoft Solutions (by the way, I really have a problem with firms who insist on spelling their name with a lower case letter.. what's up with that?) had previously posted a public message to Twitter founder Biz Stone, asking that legal action should not be taken against the young hacker:

Judging by other messages posted by Rowland, his hiring of Mikeyy Mooney is being used at the moment as a publicity stunt, and has got it some cheap exposure in the press:

But lets think about this. ExqSoft Solutions are in effect encouraging other youngsters to behave like irresponsible idiots. The last thing we want is a wave of other kids exploiting software and websites, in the hope that they might be rewarded with a job offer.

Thanks for nothing ExqSoft Solutions.

Do you think the firm was right to hire Twitter worm author Mikeyy Mooney?

Yes
No

View Results

Do you think the firm was right to hire Twitter worm author Mikeyy Mooney? ( online polls)

Of course, Mikeyy Mooney isn't the first malware author to be offered a job after publicising their "skills" with an attack.

For instance, the author of the Anna Kournikova worm was told by his town's mayor that he would be welcome to work on their systems, the notorious teenager behind the Sasser and Network worms was hired by a security firm, and the creator of a Chinese worm which displayed pictures of pandas burning incense was offered a job by one of his victims.

* Image source: wonderferret's Flickr photostream (Creative Commons)

Posted on April 17th, 2009 by Graham Cluley, Sophos

Sophos.com

Beware of PowerPoint boobies traps

2009-04-14T09:15:00.000-07:00

In just a few hours time Microsoft will be releasing its regular month "Patch Tuesday" bundle of security fixes - this month including patches for critical vulnerabilities in the likes of Internet Explorer and Microsoft Excel.

But according to the advance bulletin the software giant issued on Friday, there is no sign of a Microsoft fix for a PowerPoint zero day vulnerability that is being actively exploited in the wild.

As revealed earlier this month, hackers are crafting booby-trapped PowerPoint files that, when opened on a victim's computer, run malicious code without authorisation.

Once a PC has been infected by malware like a backdoor Trojan horse, hackers can gain access to the computer to steal information, to plant further malicious software, or to launch spam and denial-of-service attacks.

As is errmm.. illustrated on the blog of our friends at CA, hackers aren't afraid to use images of Asian women bathing to lure into opening their "booby-trapped" PowerPoint files.

Of course, no-one wants Microsoft to rush out a fix for a newly discovered vulnerability without proper testing, but the question remains on when will people receive an official fix for the PowerPoint problem? Will they have to wait until the next Patch Tuesday, which isn't until 12th May? Or will it be determined that the problem is serious enough that a special out-of-bound release should be issued?

While we're waiting, please be sure to patch your systems with the vulnerability fixes that Microsoft has released. If Microsoft thinks they're serious enough to publicise, they're important enough for you to protect against.

Posted on April 14th, 2009 by Graham Cluley, Sophos

Sophos.com

More Mikeyy worm madness on Twitter

2009-04-13T09:13:00.000-07:00

What on earth is going on at Twitter?

That's the question that many people will be asking after the Easter break, following a wave of cross-site scripting worms that hit the micro-blogging site. After each attack Twitter said that it had resolved the problem, only for hackers to return hours later with another attack effectively rubbing Twitter's nose in it.

The latest cross-site scripting worm we've seen on Twitter urges the website to hire Mikeyy Mooney, the suspected author of at least the earlier attacks and give a phone number. Journalists who have spoken to 17-year-old Mooney have confirmed to Sophos that the phone number used in the latest worm messages is genuine.

We've chosen to obscure the phone number, although it is trivial for anyone to discover it if they search on the Twitter site for archived messages. If Mooney is responsible for the worms that have troubled Twitter and its many users today then the correct course of action is for the authorities to investigate - not for the internet community to take the law into its own hands.

Of course, it's understandable that some may feel very aggrieved by a worm messing with their Twitter profile settings but it's up to Twitter to decide if it wants to make a complaint to the police.

But the worm suggesting that Mikeyy could help Twitter out with its security problems wasn't the end of it.

Yet another cross-site scripting worm hit Twitter, pretending to be a link to removal instructions for the earlier attacks. Unfortunately, if you clicked on the bit.ly link you were redirected to an infected Twitter profile page, which - yes, you guessed it - would infect your profile too and continue the spread of the worm.

What's most alarming to me though is that it seems Twitter was caught with its pants down in the aftermath of all of these attacks. To be hit by one cross-site scripting worm may be regarded as a misfortune, to be struck three or four times over a weekend looks like carelessness.

Posted on April 13th, 2009 by Graham Cluley, Sophos

Sophos.com

StalkDaily - Twitter users warn each other of worm attack

2009-04-12T09:10:00.000-07:00

Thousands of Twitter users are warning each other about what appears to be a fast-moving attack affecting the system.

Affected Twitter profiles appear to be directing unsuspecting users to the website stalkdaily.com. (Please do not visit this site)

Curiously, a lot of Twitter users appear to be posting status updates all containing phrases such as :

Dude, www.StalkDaily.com is awesome. What's the fuss?

and

Virus!? What? www.StalkDaily.com is legit!

That last one is particularly sneaky, as it appears to try and discredit the genuine warnings that have been spreading through the micro-blogging site.

Ironically, some Twitter users have compounded the problem by posting warning messages about the StalkDaily website on the network, giving a live link to the suspicious website in the process.

Twitter has responded by shutting down the @StalkDaily profile, claiming it has shown suspicious activity, and has reset passwords of Twitter users who it believes have been hit.

If you believe you may have been affected by this latest attack, don't just change your Twitter password - make sure you change your credentials on any other site where you may have been using the same password.

Of course, this isn't the first time that Twitter users have suffered an attack. Last month, fans of the popular micro-blogging site, were barraged with messages being sent from compromised accounts trying to drive traffic to a pornographic website called ChatWebCamFree.

We'll post more information as it becomes available. Obviously, in the meantime, it would be wise not to click on any links directing you to StalkDaily.com.

StalkDaily update

Some more information is beginning to emerge about the attack.

The hackers behind the attack planted an additional script into users' profiles alongside the StalkDaily link, meaning that you could become infected just by viewing an infected users' details.

You can read more about this in this blog entry by Damon Cortesi.

For their part, Twitter has confirmed that what occurred was a cross-site scripting (XSS) attack, spreading links across the system without users' consent. The site has reassured users that they have taken steps to close the holes that allowed the worm to spread, and that "no passwords, phone numbers, or other sensitive information were compromised" as part of the attack.

In the latest development it is being reported that a 17-year-old man called Mikeyy Mooney has claimed responsibility for the attack.

Although StalkDaily originally denied any involvement in the attack with a statement on their website, this was later replaced with an admission that a newspaper interview with worm creator Mikeyy Mooney was genuine.

Posted on April 12th, 2009 by Graham Cluley, Sophos

Sophos.com

Bogus lottery letter ring busted by UK police

2009-04-11T09:08:00.000-07:00

Normally this blog focuses on computer-related threats, but postal lottery scams are a menace that are particularly worth considering if you have elderly or vulnerable family members.

Although many of us are all too accustomed to receiving their email-based cousins on a regular basis, I was driven to think of lottery scams arriving via the regular post after reading the news that police have recovered more than half a million pounds after raiding a house in the UK county of Somerset.

Scammers were in line to earn over £35 million a year if their scam operation had not been busted, according to officers at the Serious Organised Crime Agency (Soca). Payments worth over half a million pounds were recovered and are being returned to 22,000 people who fell for a fake lottery winning notification sent via the regular mail.

You may think that the people who fell for their scam were idiots and deserved to lose money, but I think it's more likely that many of them are elderly and vulnerable. Ask yourself this, how would you feel if it was your ageing grandfather who was conned in this way?

Computer software can't help fight against scammers fleecing the vulnerable when it's not happening via the net. As I've discussed before, we all need to play our part in protecting those around us who might be most at risk of being conned.

By the way, according to BBC News, the masterminds behind this particular scheme are said by Soca to be overseas and beyond the jurisdiction of the UK authorities. Who knows which country they will target next.

Posted on April 11th, 2009 by Graham Cluley, Sophos

Sophos.com