Web applications are the new vulnerability to cybercrime
Common web applications include webmail, online retail sales, online auctions, social networks, wikis as well as many other functions. I recently…
Featured Stories
Sourceforge CCA ’09: watch the video!
Yesterday Sourceforge announced the finalists for Community Choice Awards 2009. We are glad to let you know that ClamAV was among the 10 projects that collected more nominations in the Best tool for sysadmin category! We really appreciate your support and we are happy that you find our project useful. It’s now time to select [...]
25 February 2011
Worm-Able PDF Clarification
I have received several email questions and explanation requests regarding my blog post “Are PDFs Worm-Able” and the proof of concept video within the post. Instead of repeating a post I wrote over on my company’s blog I figured I would just link to it from here: Implications of Recent PDF /Launch Hacks. In the [...]
25 February 2011
Windows Optimal Tool Adware Removal Instructions
The Emsisoft malware research team has discovered a new outbreak of the Windows Optimal Tool adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.WindowsOptimalTool. Windows Optimal Tool is a rogue application. Rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses [...]
25 February 2011
Security expert: iPhone password hack shows flawed security model
News of a successful attack that almost instantly gives full access to an iPhone’s password keychain made its way around the Web on Thursday after Germany’s Fraunhofer Institute for Secure Information Technology revealed the exploit to IDG News Service. While the fact that hackers could access a device’s keychain in such a short time certainly [...]
25 February 2011
HIPAA fines prove the value of data protection
The US Department of Health and Human Services (HHS) fined Massachusetts General Hospital $ 1 million today for losing the medical records of 192 patients, the second ever fine imposed on a healthcare organization for violating the Health Insurance Portability and Accountability Act (HIPAA), HHS’s Office for Civil Rights (OCR) made the following statement in [...]
25 February 2011
ICWAI site infected
After KVGBANK, now ICWAI has also been found to be the victim of an iFrame injection attack. My previous blog post reveals how famous sites from India like UPSC and KVGBANK have been compromised. These are reputable sites , which receive a high volume of traffic. This makes them an attractive target for attackers. The [...]
25 February 2011
Windows 7 / 2008 R2 Service Pack 1 Problems
Iwill use this post to collect some of the problems we are hearing about with Windows 7 SP1 and Windows 2008 R2 SP1. Right now, there is no urgent reason to install this service pack and it should be tested first. A few areas to watch: - Whitelisting / Blacklisting:Whitelisting software may not have checksums [...]
25 February 2011
Fake income tax refund emails making rounds.
We have observed that cyber criminals are sending fake emails about tax refund. This is a latest cyber crime activity where they are trying to trap innocent users aimed at extracting bank details in the pretext of tax refund notification. The mails that you may receive about income tax refund is not sent by any [...]
25 February 2011
Touchy Security Topics: Insider Threat
Information security professionals often disagree on the prevalence of insider threat with respect to attacks that originate from outside of the organization. Let’s explore why that might be the case and what we can learn from the debate. This note is part of my 3-post series on the subjects that tend to touch a nerve [...]
25 February 2011
Dutch phishing for Visa and Mastercard
We have posted already about Visa and Mastercard scams in English. We don’t see very often a dutch phishing campaign which is created after some known English phishing. Usually, Dutch phishing is related to the most important banks in Holland, but this one is trying to fool the users of Visa and Mastercard with a [...]
25 February 2011
“Twitter Notifications” spam emails leads to US Drugs web site
MX Lab, http://www.mxlab.eu, started to intercept a spam campaign with the subject “Twitter Notifications”, send from randomly spoofed email addresses, that leads to U.S. Drugs web site. An example of the email: The email contains the Twitter logo and a basic lay out. The included URL appears to be leading to the twitter.com site, along [...]
25 February 2011
FLAMING RETORT – Whither Anonymous, our new generation of cyberfreedom fighters?
Welcome to another installment of the controversy-soothing and crack-paper-overing Naked Security column, Flaming Retort! As explained in the first Flaming Retort, this column does not exist to praise our readers’ best flames, nor to repeat them merely in the name of perverse humour, nor to return fire in the wearisome tradition of a flame war. [...]
25 February 2011
Facebook phishing pages
On 02/13/2011, I found several domains used for Facebook phishing, registered the same day: securedirectsite.com directsecuresite.com securedsitedirect.com highsecuritydirect.com securedsitedirect.com officialsecuredsite.com These domains contain the same page: a simple form to enter a Facebook login and password. Facebook Phishing page After entering the credentials, users are redirected to http://www.facebook.com/pages/Image-hosting-service/106354426063487#!/album.php?profile=1&id=208421665712, which lands the user at their Profile [...]
25 February 2011
Thunderbolt Security Speculations
Today, Apple release a new set of Macbook Pros, sporting the first implementation of Thunderbolt, a new interconnect technology based on what Intel so far called Lightpeek. It promisses 10 GBit/sec duplex connectivity to everything from storage to video devices. The technology is similar to Firewire (aka i.Link, IEEE 1394) in some ways. Like for [...]
25 February 2011
Windows 7 Service Pack 1 (SP1) is out
Microsoft has released the first official service pack for Windows 7 on February 22, 2011. This is an important update that includes previously released security, performance, and stability updates for Windows 7. SP1 also includes new improvements to features and services in Windows 7, such as improved reliability when connecting to HDMI audio devices, printing [...]
25 February 2011
Denial of Service vulnerabilities back in the spotlight – patch BIND now!
Until recently, only remote code execution vulnerabilities have made the mainstream news. These are the bug strains which may let an attacker get into your computer if you do nothing more than simply read an email, look at a web page, or even just connect to the internet. But simple Denial of Service (DoS) vulnerabilities [...]
24 February 2011
Windows Phone 7 update bricks some handsets – Microsoft in security middle ground
Microsoft tried to push an update to their newly released Windows Phone 7 this week and accidentally bricked some Samsung-branded handsets. Microsoft has since pulled the update, but only for the Samsung Omnia handsets affected by the flaw. Even more embarrassing, the update was intended to improve the updating process and provided no enhancements for [...]
24 February 2011
Facebook HTTPS: Is Done Better Than Perfect?
My Facebook account finally provided me with the option to use an HTTPS connection “whenever possible” last week. The option is located under the Account Security section of the Account Settings page: So I selected the option and saved my changes: And now, Facebook defaults to a secure HTTPS connection: Or so I thought… (more [...]
24 February 2011
Anatomy of an Attack: Dallas, TX and Louisville, KY
It is with great joy that I announce the next two live Anatomy of an Attack events we will be delivering in Dallas, TX and Louisville, KY. What is Anatomy of an Attack? It’s a half-day seminar where I present a complete look inside the malware economy. I explain the what, who, how and why [...]
24 February 2011
Back to School; Time to Go Phishing
As university students prepare to go back to their studies this year, their email accounts and personal information are ripe for the picking. Today we observed phishing emails being sent to tertiary students to warn that their passwords have expired, or on a separate email, that their password will expire within 2 weeks. Both of [...]
24 February 2011
Bind DOS vulnerability (CVE-2011-0414), (Wed, Feb 23rd)
Internet Software Consortium published today an advisory for the BIND software. For versions 9.7.1-9.7.2-P3, when a server that is authoritative for a domain (i.e. owns the SOA record) process a successful domain transfer operation (IXFR) or a dynamic update, there is a small window of time where this processing combined with a high amount of [...]
24 February 2011
Sophos shortlisted for two awards by SC Magazine Europe 2011
Well well well – isn’t this exciting! Sophos has been shortlisted for two awards by SC magazine. Sophos Anti-Virus for Mac Home Edition is up for Best Anti-Malware Solution, and Sophos is a contender for Information Security Vendor of the Year. This follows our wins last week at the US SC Magazine awards: Sophos Email [...]
24 February 2011
A wave of PayPal phishing emails
Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money. One of the way that criminals try to get their hands on your cash is by phishing for your PayPal account details. An aggressive campaign that we have seen widely spammed out in the last [...]
23 February 2011
