As noted by Bloomberg on 25 September, Apple was valued at $267 billion, ahead of PetroChina’s $265.5 billion, becoming the world’s second-largest company in terms of market value. Furthermore, back to May this year, Apple had surpassed Microsoft in market capitalization to become the world’s top technology company. However, does Apple beat the rival Microsoft [...] [...more]
Patch Tuesday has arrived again and this time we have a set of ten updates. Nine from Microsoft and one from Adobe. Nine of these potentially allow remote code execution and the tenth involves information disclosure. For the full list of of patches, please visit our Knowledge Base article. At present, all of these updates have been given [...] [...more]
I recently presented my paper Want My Autograph? The use and abuse of digital signatures by malware at Virus Bulletin 2010. I will refrain from delving into the gory details of digital signatures heuristics that strongly indicate malware — those interested can refer to the paper for that information. I will however highlight one of [...] [...more]
Last week, I presented at VB2010 a talk that was well received in the room and on the wires. A number of people have requested copies of or links to my presentation and paper (thanks to Helen Martin of Virus Bulletin for permission). Reading presentations without the commentary is difficult and so I will expand [...] [...more]
During the last 4 months, SophosLabs has seen an explosion in the resurgence of HTML attachment spam. As shown in the following figure, it accounts for 8% of all the spam in the June and September, and about 2-3% in July, August and October. These malicious HTML attachments can be divided into two parts: malicious JavaScript [...] [...more]
From time to time we get some malware in which the authors have put in their own stupid messages. This one we got recently looks like an another attempt by a malware author to get some cheap publicity. Sophos detects this malware as Troj/Dropr-DJ an... [...more]
Today, at SophosLabs, we encountered another interesting rogue security software variant, Troj/FakeAV-BTN. When run, Troj/FakeAV-BTN poses as Microsoft Security Essentials Alert and detects only one file as “Unknown Win32/Trojan”. When user wants to remove this fake threat, this malware offers “Scan online” option. One of the interesting part of this rogue application is that the page displays [...] [...more]
The attackers behind the spammed HTML redirects I blogged about last week have been busy over the last few days. In an ongoing attempt to evade detection they have continually tweaked and changed the manner in which the redirect is being hidden. In this post I will take a quick look at the evolution of [...] [...more]
This week I have been putting the finishing touches to my presentation for the Virus Bulletin Conference in Vancouver later this month. While doing the research I have collected a large corpus of PDF files; the results of analyzing these files form the bulk of my presentation. In these last few days before the conference [...] [...more]
In what seems to be a fitting close to the week, today we have seen further waves of mass-spammed JavaScript redirects. Fairly typical social engineering is used in the email messages to entice the user into opening the attachment. Double-clicking the attachment will load the HTML file in the default browser and (depending on the browser security [...] [...more]
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | ||||
