None of us would want to be operated on by an unlicensed surgeon, so why should we put trust in software applications written by unlicensed, uncertified programmers?
Apple have seemingly taken the high road by requiring programmers to register as Apple developers (for a small-but-not-negligible fee) before they can deploy their code to a device (even if [...] [...more]
Sophos Comments Off
Sophos users over the past few months may have noticed that they haven’t been able to access parts of the Somerset Information Exchange (SiX) due to instances of Mal/Badsrc-C on the site.
The problem with the SiX microsite, hosted on somerset.gov.uk, is larger than just malicious SCRIPT tags on pages. The site also has injected Blackhat [...] [...more]
This week we’ve seen more phishing spam targeting the Commonwealth Bank of Australia, an institution that many scammers have aimed at in the past.
The emails have a subject of “Update your Commonwealth Bank” and look like this:
The text is standard scaremongering. Opening with “Customer ID : 000-5432-654386-PSI” does make the email look more official, and [...] [...more]
There are 9 new releases in this month’s Microsoft patch release. Four of these are ranked by Microsoft as Critical; due to lack of exploitation in the wild, none have been ranked higher than Medium by SophosLabs.
Today also brings us a Critical advisory regarding Adobe Flash Player. This has been exploited in the wild and [...] [...more]
Last week the website belonging to TechCrunch Europe had malicious code planted on it, the payload of which was a variant of Zbot - Troj/Zbot-YP.
There are several interesting aspects of this variant that are worth exploring in a little more detail.
Firstly, the version of Zbot (aka Zeus) in use is not the latest version 2 but [...] [...more]
Just a quick update that we are seeing reports of an old-school mass-mailing worm doing the rounds currently.
The emails it sends contain a link that pretends to point to a PDF but in fact points to a Visual Basic PE executable. So it has nothing to do with the latest Adobe 0-day we mentioned [...] [...more]
Just a quick update on the latest Adobe zero-day vulnerability (APSA10-02) that has come to light this week. You may well have already watched the video Chet posted yesterday. We have also published an advisory page for this vulnerability.
As mentioned in Chet’s post and the advisory, detection for this threat was provided in [...] [...more]
You’ve seen them before: the advance fee fraud, or 419 scams. The ones where a prince, a distressed widow, or an unscrupulous but half-literate bank manager contacts you with a proposal. Invariably, there is a large frozen bank account the writer wants access to and needs your help to circumvent [...] [...more]
Today we have observed some messages which at first glance appeared to be somebody trying to correct their mistakes on the CV they sent out.
All messages had the same body text that read as follows:
Thank you for the chat yesterday, it really helped me get a clearer idea
of recruitment as well as exploring any potential [...] [...more]
SophosLabs has discovered a technique in anti-virus marketing, which we detect as Spin/BigNumber-P. Typical behaviour involves phrases such as “Product detects X viruses!”, where X is a large, rather exact-sounding number. Some variants involve high-tech numerical displays updated in real-time with ever growing numbers. This technique has been spotted in the wild.
Never one to be [...] [...more]