Sophos
Global Secure Systems are an authorised reseller for Sophos and are the UK's largest privately owned and most experienced IT security organisation.
Our award-winning solutions (including Sophos) have been helping businesses secure their data and achieve regulatory compliance since the mid-nineties by providing cutting-edge technology alongside accredited consultancy and testing services. GSS has a single aim: information assurance, delivered.
About Sophos
Trusted by 100 million users and endorsed by industry analysts as a leader, Sophos provides a full range of endpoint, encryption, email, web and NAC solutions that are simple to deploy, manage and use.
The nature of information security has changed forever. The old approach to security (identifying code known to be bad and preventing it from breaching the organisation's network perimeter) no longer works.
In addition to firewalls, anti-virus and anti-spam, organisations need security across a number of fronts that cover the entire infrastructure. A comprehensive security strategy requires more than just malware blocking: encryption, email, web and network access control solutions are strategic necessities.
Sophos Products
Protect your confidential information and comply with regulatory mandates, safely and securely, with the SafeGuard Enterprise solution. SafeGuard Enterprise is a modular information protection control solution that enforces policy-based security for PCs and mobile devices across mixed environments. It is fully transparent to end users and is easy to administer from a single central console.
The ProxyAV 400 Series is a purpose-built solution designed for quick integration with ProxySG 800 for deployment in medium enterprise or distributed environments. It provides scalable performance with a choice of antivirus engines from Sophos and McAfee.
Sophos Industry News
Sophos warns of fake anti-virus spam campaign
Security vendor Sophos is warning of a major spam campaign designed to trick users into downloading fake anti-virus software. In a blog post, Sophos senior technology consultant Graham Cluley explained that the unsolicited emails arrive with subject lines such as "You're invited to view my photos!", "Appointment Confirmation", or "Your Bell e-bill is ready". "Opening the attached HTML file, however, redirects your w......
Facebook 'dislike' scam warning
Facebook users are being targeted in a scam that offers them a chance to install a "dislike" button. The scam tricks users into allowing a rogue application to access their profile page, which then posts spam messages. It also attempts to lure people into completing an online survey, for which the scammers are paid money.
The social network already offers a "like" button that allows people to rate other users' comments and posts.
Graham Cluley of security firm Sop......
Hoax Facebook virus makes more trouble than a real virus
A hoax Facebook virus is spreading rapidly across the social network. Many users have been hoodwinked into forwarding an inaccurate warning about the spread of non-existent malware that claims a girl committed suicide over a post her father wrote on her Facebook wall. No such tragedy has occurred but many are forwarding the wrong-headed message (extract below) creating confusion in the process. WARNING: THERE IS A VIRUS GOING AROUND AGAIN,......
Free Sophos tool blocks Windows shortcut attacks
Microsoft won't endorse measure, tells user to cripple shortcuts instead
The security firm Sophos released a tool on Monday that it claimed will block any attacks trying to exploit the critical unpatched vulnerability in Windows' shortcut files. The tool, dubbed "Sophos Windows Shortcut Exploit Protection Tool," will protect users until Microsoft releases a permanent patch for the problem, said Chet Wisniewski, a senior security advisor......
Firm scrambles to patch vBulletin software flaw
A serious flaw in software widely used to power online discussion sites could allow hackers to harvest reams of personal data, the BBC has learned. The flaw in a specific version of the vBulletin software allows anyone to easily access the main administrator username and password for a site. This would also allow hackers to access data, such as e-mail addresses, and edit the site at will. The owner of the program - Internet Brands - released a fix......
Microsoft confirms 'nasty' Windows zero-day bug
Microsoft on Friday warned that attackers are exploiting a critical unpatched Windows vulnerability using infected USB flash drives. The bug admission is the first that affects Windows XP Service Pack 2 (SP2) since Microsoft retired the edition from support, researchers said. When Microsoft does fix the flaw, it will not be providing a patch for machines still running XP SP2. In a security advisory, Microsoft confirmed what other researchers had b......
Controversial Windows XP vulnerability now being exploited
The Windows XP exploit that was published by a Google engineer last week is now being exploited in the wild, according to researchers at Sophos Labs. The vulnerability, which could allow remote code execution if a user views a specially crafted Web page using a Web browser, or clicks a specially crafted link in an e-mail message, was published by Tavis Ormandy just five days after he alerted Microsoft to the problem. Sophos reported Tue......
New Facebook click-jacking scam spotted
Security researchers have spotted a new click-jacking scam on Facebook which spreads through the site's news feed and 'Like' feature. UK security vendor Sophos issued a warning to users over what the company describes as a "like-jacking" attack. The attack appears as a link to a web page offering photos of the '101 hottest women in the world.' The link presents a page which, when clicked, forwards the victim to a third-party site, and accesses their news......
Mass Web attack hits Wall Street Journal, Jerusalem Post
Internet users have been hit by a widespread Web attack that has compromised thousands of Web sites, including Web pages belonging to the Wall Street Journal and the Jerusalem Post. Estimates of the total number of compromised Web sites vary between 7,000 and 114,000, according to security experts. Other compromised sites include Servicewomen.org and Intljobs.org. Cisco Systems' Web-tracking subsidiary, ScanSafe, started following the inci......
The biggest botnets: Is your PC part of one?
There are hundreds of botnets, ad hoc networks of Windows PCs that are infected with one or more programs to let them do the bidding of their controllers; some are far more trouble than others. While you can't afford to ignore any botnet threat, here are some of the worst of the worst. "When it comes to botnets, size does matter," said Scott Emo, head of endpoint solutions at Check Point, a network security company. That's because "the......
Encryption and passcode can be easily bypassed on iPhone 3GS
To implement security simply but effectively is very difficult. Unfortunately for businesses or consumers who think their iPhones are secure, they are incorrect. Experts at Sophos noted that when they plugged in their iPhone 3GS to an Ubuntu 10.4 (Lucid Lynx) workstation, they were able to access some of the data without authenticating to the phone or OS. On initial examination all that is required to access the "user content" areas of......
Rogue Facebook apps launch 'beach babes' attack
Another attack using rogue Facebook applications hit users' PCs Saturday in a virtual repeat of last weekend's massive assault, security researchers said. Like the earlier attack, today's scam uses a sex-oriented video as bait, said Patrik Runald, an Australian researcher who works for Websense Security. The scam is spread through Facebook messages touting "Distracting Beach Babes" videos that include a link to the malicious applications......
Twitter phishing scam uses iPhone 4G bait
Security experts are warning of a Twitter phishing scam designed to harvest personal data with the offer of a new iPhone 4G as a lure. Sophos senior technology consultant Graham Cluley wrote in a blog post that the scam employs a "gaggle of profiles, using avatars of sexy young women, pumping out messages to users" saying they could win the device. "A quick look at one of the Twitter accounts spamming out the messages underlines that she is by no m......
Site auto-trawls embarrassing Facebook posts
A new site illustrates the privacy perils of users who leave their public updates searchable outside of Facebook. FacebookSearch (http://willmoffat.github.com/FacebookSearch) allows interested parties to search for status updates containing potentially embarrassing information such as "playing hooky", "stupid boss" or "control urges" simply by clicking on a link. The site also offers customised searches of freely viewable status updates. Search result......
Security experts warn of mobile Trojan threat
Security experts are warning Windows Mobile phone users to beware of downloading games to their devices, after it emerged that a Russian-speaking hacker has been uploading versions of a particular game with malicious Trojan programs hidden inside. Graham Cluley, senior technology consultant at Sophos, said yesterday that Windows Mobile users playing the 3D Anti-terrorist Action game have reported that their phones are making expensive calls to inter......
Sophos exposes blackhat search engine techniques
IT security firm Sophos has conducted new research which reveals the automated tools used by Search Engine Optimisation (SEO) hackers and how companies can protect themselves. Sophos said the business of using blackhat SEO techniques to impregnate legitimate sites has become a huge money-spinner for cybercriminals. Every day scores of new malicious campaigns are discovered taking advantage of the hottest news stories on the internet to spread ma......
Sophos' April Fool's joke says romantic fiction a deterrent to hackers
Who says security vendors don't have a sense of humor? Sophos Inc. today urged companies to consider hiding sensitive data in snippets of romantic literature or other diversionary text to protect the data from hackers. In an April Fool's Day press release, the company said its research shows that hackers can be sidetracked from their mission to steal corporate data when enterprise networks are flooded with romantic fiction......
Security researchers scrutinise search engine poisonings
The techniques used by unloveable rogues who automate search engine manipulation attacks themed around breaking news to sling scareware have been unpicked by new research from Sophos. A research paper published on Wednesday by Sophos researchers Fraser Howard and Onur Komili lifts the lid on the search engine optimisation techniques used by hackers to hook surfers into their scams. Attackers use automated kits to apply blackhat SEO methods......
Sophos warns of Facebook fakers
Security experts are warning of yet another scam to hit Facebook, pointing out that the site is full of fake Fan Pages which could open users up to another avenue of attack. Sophos senior technology consultant Graham Cluley, himself the victim of a fake fan page, urged Facebook to tighten up its rules on the creation of such sites, as their existence threatens the security of other users. "Innocent people - friends, acquaintances, and anyone who might follow......
Apple iPad scam hits Facebook
A new scam is targeting Facebook users keen to try out Apple's new iPad, due to go officially on sale later this month, and in April for the 3G model. Graham Cluley's Sophos blog, which highlights internet security concerns, explains the latest scam currently doing the rounds. "Scammers have created pages on Facebook claiming that you can be the lucky recipient of an Apple iPad if you simply register to be a beta-tester. Not only will they supply you with an iPad......
Britain all atweet over Twitter phishing attack
The latest phishing attack on Twitter users swept the U.K. overnight claiming several prominent users. The result was evident on Friday morning when users woke up to find messages on compromised accounts that read, "hey, i've been having better sex and longer with this here," followed by a link to a Web site selling sexual-performance drugs. Although the number of people affected is difficult to determine, it made top news on the country's TV netw......
Scareware scams ride the back of killer whale tragedy
Supposed footage of Wednesday's fatal Sea World killer whale attack in Florida actually points at sites distributing scareware. Dawn Brancheau, 40, a trainer at Sea World in Orlando, lost her life yesterday after a killer whale attack. Miscreants have wasted no time in exploiting the tragedy, as so many before it, by setting up malware traps designed to ensnare the unwary. Black hat search engine trickery is once again being used to drive tr......
Cybercrooks fake the death of Bill Cosby
An online hoax claiming the death of Bill Cosby is now being used to push a malware attack. Researchers at security vendor Sophos have reported a new round of web sites claiming to offer news of the comedian's death. The company said that the pages attempt to mimic CNN's web site and upon loading, users are presented with phony error messages attempting to push fake antivirus packages. "Hunting for information about the story can lead your computer into......
File-sharing scam targets Twitter
Twitter has identified a scheme that uses compromised file-sharing sites to steal the log on information of users. The service said it had discovered a number of compromised "torrent" sites that had been set up specifically to skim usernames and passwords. Torrent sites act as indexes of links to TV, film and music files.
Scammers were then able to use the data to gain access to Twitter and other sites because many people use the same logon for multiple service......
High-profile tech blog is hacked
High-profile technology blog TechCrunch has been taken offline by hackers. A message on the site said that it had been "compromised by a security exploit" but did not specify any further details. "We're working to identify the exploit and will bring the site back online shortly," the message read.
The site went down at around 0620 GMT and was replaced by various messages including a link to a site directing people towards adult material.
The site has come back on......
Facebook users fall for rubber duck's friend request
Facebook users haven't learned to keep their personal information private, a security researcher said today after his company conducted a test that sent randomly-selected people a friend request from bogus accounts. One of the account profiles sported only an image of a yellow rubber duck, while the other was represented by a pair of cats.
The test conducted by Sophos was similar to one the firm did two years ago, said Graham Cluley, a senio......
Raunchy spam targets online gamers
Security experts are warning of a new malicious spam campaign designed to harvest the login credentials of online gamers. According to a blog posting by security vendor Sophos, the spam emails arrive with the subject line “Do you like to find a girlfriend like me?” and contain the following message: Wish to have a boyfriend Be able to protect me, take care of me Intolerable lonely night and would like to have your care. do you Willing? This is my photos.
Attached......
Large Hadron Collider spam carries virus
Security experts are warning of a malware attack disguised as a video of the Large Hadron Collider in action. The bogus video link arrives in an email, which security firm Sophos said is "dodgy from the start". The message reads: 'Wow, don't ask me how I get this video, but it's realy [sic] cool,' followed by a mytinyurl.net web link.
The scammers claim in the email that thousands of people have already enjoyed and bookmarked the video, but that it requi......
3 Basic Steps to Avoid Joining a Botnet
Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use -- unbeknownst to the machine's owner -- for online crimes including sending out spam or launching a denial of service attack. Unfortunately, t......
Cybercriminals leverage swine flu threat
Cybercriminals are making millions from the public panic-buying counterfeit Tamiflu medicine. Following warnings about buying Tamiflu over the internet, a report by Sophos claims that panic-buying Tamiflu over the internet will not only line cybercriminals' pockets with millions of dollars, but also grant them access to sensitive personal data to be used for other crimes. Detailed in a whitepaper entitled "The Partnerka - what is it, and why should you c......
iPhone hacker did users a favour: poll
Three quarters of voters in a poll about the iPhone worm believe that creator Ashley Towns had 'done users a favour'. A poll by Sophos found that, of 721 respondents, 75 per cent agreed that Towns had ‘done iPhone users a favour. This was an acceptable way to raise awareness of poor security'. Meanwhile, fifteen per cent hoped he was investigated by the police as ‘when he released that worm he broke the law', while ten per cent believed that he had ......
Red faces as Cofee spills onto the net
In an ironic twist of fate, Microsoft's Computer Online Forensic Evidence Extractor (Cofee) crime scene reporting tool has leaked onto the net. According to the security firm Sophos and other reports, copies of the tool have surfaced on a file sharing site, and users are already downloading it. Cofee is designed to be used by crime scene investigators, letting them download the contents of a suspicious computer without the need to insert a USB key.
Microso......
Mac art project game destroys files
A Mac game that deletes users' files has sparked a debate about whether it's malware or not. The Space Invaders-style game deletes a file from the Mac home directory every time a user destroys an alien ship. The application, released as part of an art project, clearly warns this is what it does... in big red letters. Of course malware often thrives on people who ignore warnings, so security firms including Inteco, Sophos and Symantec that produce Mac OS X ant......
Twitter warns of new phishing attack
Twitter warned users Tuesday of a new phishing scam on the social networking site. It's the latest in a series of scams that have plagued the site over the past year, designed to trick victims into giving up their user names and passwords. "We've seen a few phishing attempts today, if you've received a strange DM and it takes you to a Twitter login page, don't do it!," Twitter wrote on its Spam message page.
The message reads, "hi. this you on here?" and incl......
Scam hits more e-mail accounts
The scale of a phishing attack originally thought to be directed at Hotmail may be larger than previously thought. BBC News has seen a list of more than 20,000 more names and passwords that have been posted online. The list contains e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers.
The list was published on the same website as the original list of 10,000 Hotmail login details.
Some of the accounts appear to be old, unused......
Scammers auto-generate Twitter accounts to spread scareware
Scammers are increasingly using machine-generated Twitter accounts to post messages about trendy topics, and tempt users into clicking on a link that leads to servers hosting fake Windows antivirus software, security researchers said Monday. The latest Twitter attacks originated with malicious accounts cranked out by software, said experts at both F-Secure and Sophos. The accounts, which use variable account and user names, supposedly......
Sharp rise in click fraud as botnet evades filters
There has been a spike in click fraud thanks to a new botnet that is eluding the most sophisticated filters of search engines, web publishers and ad networks, according to a web security company. Click Forensics, which provides services to monitor ad campaigns for click fraud, said that the botnet's architects had figured out a way to mask it particularly well as legitimate search ad traffic.
The company is calling this the "Bahama botnet" beca......
Malware writers piggyback on 9/11 anniversary
Malware writers have hooked onto the anniversary of the 11 September tragedy to spread malware via false virus messages. Malware writers are either registering new web pages and filling them with terms relating to the event, or breaking into existing web sites and adding terms to rise higher on search engine rankings. They are using these pages to host false antivirus alerts, where users get a window appear telling them they are infected and offerin......
Pink Floyd worm spreads on 'Chinese Facebook'
Malware authors have developed a cross-site scripting worm that's spreading across a Chinese social networking website. The Pinkren-A worm poses as a video clip of Pink Floyd's Wish You Were Here contained in messages sent to users of Renren, the Chinese social networking website with around 40 million members. Selecting these messages results in the execution of malicious JavaScript, further spreading the infection. "The technique used in this w......
New group promises to unite security industry
A new industry body has been set up to promote closer co-operation and information sharing between vendors in the notoriously competitive IT security industry. The Industry Connections Security Group (ICSG) has been established under the aegis of the IEEE Standards Association, and includes most of the major security vendors, including Symantec, McAfee, Sophos and Trend Micro. The ICSG argues that, although there are already numerous examples of cro......
USA continues to relay more spam than any other country
Sophos' report on the latest trends in spam reveals the top twelve spam-relaying countries for the second quarter of 2009. By scanning all spam messages caught in SophosLabs’ global network of spam traps, researchers have identified the top ‘Dirty Dozen’ spam relaying nations between April and June this year. During the second quarter of 2009, the USA continued to relay more spam than any other country – the nation’s 15.6 perce......
Microsoft admits new ActiveX zero-day bug
For the second time in a week, Microsoft Corp. is warning users that hackers are exploiting an unpatched, critical bug in a company-made ActiveX control, putting people running Internet Explorer at risk. The company has been busy lately acknowledging "zero-day" vulnerabilities. Today's admission was the third in the last two months and the fifth since February. According to the security advisory that Microsoft released early today, the vulner......
Michael Jackson's death exploited by cybercriminals
Always quick to capitalize on major headlines, spammers have begun sending out messages related to the deaths of Michael Jackson and Farrah Fawcett, security researchers said. Jackson's death is being exploited by cybercriminals hoping to infect users with a trojan or to trick curious spam recipients into unwittingly revealing their personal information. Shortly after Jackson's death was confirmed, the SANS Internet Storm Center predicted that......
Data-sniffing trojans burrow into Eastern European ATMs
Professionally written, rapidly developed
Security experts have discovered a family of data-stealing trojans that have burrowed into automatic teller machines in Eastern Europe over the past 18 months. The malware logs the magnetic-stripe data and personal identification number of cards used at an infected machine and provides an intuitive interface for retrieving the information using the ATM's receipt printer, according to analysts from Sp......
MP 'devastated' over Facebook profile hack
'Outlawed from cyberspace and unable to communicate with my cyber friends'
A backbench Tory MP was left "devastated" after his Facebook account was hacked. Michael Fabricant, 58, spoke of his anguish in a posting on his personal website last week. The Lichfield MP's Facebook profile was suspended after his account was pwned by hackers and used to send malicious spam to his 1,500 contacts. The malicious messages said "Look at this!" and......
'Gumblar' web attacks spreading quickly
The attackers behind a series of rapidly spreading website compromises have begun using a new domain to deliver their malicious code, security experts said on Monday. The attacks, collectively referred to as 'Gumblar' by ScanSafe and 'Troj/JSRedir-R' by Sophos, grew 188 percent over the course of a week, ScanSafe said on Thursday. The Gumblar infections accounted for 42 percent of all infections found on websites last week, Sophos said on Thursday. Over t......
Gumblar web-based attack is currently being found six times more often than its nearest rival
JSRedir-R, a new web-based attack, has blown all previous web-based malware out of the water, and is currently being found six times more often than its nearest rival. During the last seven days, almost half of all malicious infections found on websites were caused by Troj/JSRedir-R. Mal/Iframe-F, which has been the most widespread web-based threat for more than a year, accounted for just seven percent......
'Gumblar' attack explodes across the web
A complex new malware attack is setting infection records and raising alarms from security experts. Known unofficially as 'Gumblar' for one of the attack domains, the malware is raising eyebrows and alert levels both for its prolific attack methods and for the danger of its payload. According to researchers, the attack is spreading through site compromises which inject malicious javascript code within components of the site. Upon visiting the infected pa......
Swine flu causes spam fever
Just days after news surfaced of a swine flu outbreak in Mexico, spammers are exploiting the news to advertise online pharmacies. Researchers have tracked several new spam runs which make reference to the outbreak, using such headlines as "swine flu worldwide" and "first US swine flu victims." Other messages claimed that actress Salma Hayek and pop star Madonna had contracted the illness. The messages themselves contained links to online pharmacies which peddled drugs......
Final countdown to Conficker 'activation' begins
Security watchers are counting down to a change in how the infamous Conficker (Downadup) worm updates malicious code, due to kick in on Wednesday 1 April. Starting on 1 April, Windows PCs infected by the latest variant of the Conficker worm (Conficker-C) will start attempting to contact a sample of 50,000 pre-programmed potential call-home web servers from which they might receive updates, a massive increase on the 250 potential web server locale......
ATM malware appears, Diebold issues security update
Diebold, which has fielded recent criticism over the reported insecurity of its voting machines, is now fighting off news that its ATMs also can be compromised. Security firm Sophos reported this week that it received three samples of a trojan that was customised to run on Diebold-manufactured cash machines in Russia, said Graham Cluley, Sophos' senior security consultant. The malware was able to read card numbers and PINs -- then when the att......
Camelot dismisses lottery website hack claims
Camelot maintains the National Lottery website it runs is secure, following the publication of a supposed breach on an underground hacking forum. The same Romanian group that discovered SQL injection problems on the website of Kaspersky, BitDefender, and other anti-virus vendors in recent weeks has posted screen shots of supposed flaws on the national-lottery.co.uk site. Unu, a member of the hacker group, claims that "an unsecured parameter all......
Rogue Facebook Application Uses Fake Terms of Service Alert to Target Users
For the second time in less than a week, Facebook users have fallen victim to a widespread attack due to malicious third-party applications. The latest attack is sending out notifications that users are in violation of Facebook's Terms of Service. For the second time in less than a week, Facebook has been forced to squelch a rogue application targeting users of the site. In the most recent attack, Facebook users receive......
Phishers launch multi-platform IM attack
Users of internet chat services such as Google Chat have been hit by a major phishing attack aimed at stealing account log-in details, security researchers have warned. The unsolicited instant messages urge users to click on a TinyURL link to watch a video, but the link takes them to a site called ViddyHo which asks them to fill in user names and passwords. The phishers can then use these details to hack into user accounts and send more malicious links.......
Clerical error foiled Sumitomo bank hack
The largest near heist in banking history failed because the men accused of trying to carry it out didn't properly fill in a single field in an electronic transfer form. This is one of the extraordinary details that have emerged in the trial of three men accused of having tried in September and October 2004 to rob Japan's Sumitomo Mitsui bank of an eye-watering £229 million ($318 million at today's exchange) from inside its office, in the City of London.......
Malware epidemic demands a united front
Cybercriminals are a busy bunch these days: stealing identities by the millions, grabbing credit and debit card account numbers, and waging a myriad other attacks on unwitting users, businesses and vulnerable websites. Their weapon of choice is the malware injection. Today, a page is infected every five seconds, triple the infection rate in 2007. Among the most vulnerable -- and the most lucrative for cybercriminals due to their enormous reach -- are trus......
Security vendors: We would block police hacking
Two security vendors have said they would block police attempts to hack into systems without a warrant. The Home Office on Friday said it was working with the European Parliament on plans to extend police powers to conduct remote searches of computers. UK police already have the power to hack into suspect systems without a warrant, due to an amendment to the Computer Misuse Act, which came into force in 1995. However, security vendors Kaspersky La......
Hackers hijack Obama's, Britney's Twitter accounts
Hackers hijacked the Twitter accounts of more than 30 celebrities and organizations, including President-Elect Barack Obama, Britney Spears and Fox News, early on Monday, the company confirmed today. "This morning we discovered 33 Twitter accounts had been 'hacked,' including prominent Twitter-ers like Rick Sanchez and Barack Obama," Twitter co-founder Biz Stone said in a post to the company blog. "We immediately locked down the a......
'Boom year' for hi-tech criminals
If 2007 was witness to the rise of the professional hi-tech criminal, then 2008 was the year they got down to work. "The underground economy is flourishing," said Dan Hubbard, chief technology officer at security company Websense. "They are not just more organised," said Mr Hubbard, "they are co-operating more and showing more business savvy in how they monetise what they do." Statistics gathered by firms combating the rising tide of compute......
[more] Downturn 'boosting cyber-crime' The economic downturn is "proving a hotbed" for global cyber-crime, a study by security firm McAfee has warned. McAfee said this was because cyber-criminals were "cashing in on consumer anxiety to profit from old-fashioned 'get rich quick' scams". At the same time, it warned government attention to the problem was being distracted by economic recovery work. Fellow computer security group Sophos said it now found a new infected website every 4.5 seconds. Each of t......
[more] Latest VB100 malware test brings good news The December test focused on products for the 64-bit edition of Windows Vista, and vendors were pitted against 100 malware samples collected from the wild. In order to pass, the security companies are expected accurately to identify all 100 malware samples without returning any false positives. Among those that passed the most recent test were market leaders Symantec and McAfee, along with CA, F-Secure, AVG and Sophos. Microsoft's Forefront and OneCare......
[more] Hackers leverage Obama win for massive malware campaign Hackers have seized on the results of the U.S. presidential election to launch a major malware campaign that tries to trick users into installing an update to Adobe Systems Inc.'s Flash, but actually plants a Trojan horse on unprotected PCs, security experts warned today. The malware blitz stems from spam messages touting Sen. Barack Obama's victory last night, and offers up a link to what is supposedly a site sporting election results. W......
[more] Security firms report new statistics on spam Two security firms have revealed that spam attacks have increased in the last quarter. Secure Computing revealed in its Q3 2008 Internet Threat Report that malware which targets users of social networking sites had become the main source of spam. It also highlighted the rise in panic-inducing 'bank failure spam' intending to capitalize on the current financial crisis. 'Scareware' programs also spread rapidly, while election-related spam s......
[more] Link spammers set up shop on GMTV sofa website The website of breakfast TV station GMTV was colonised by spammers over the weekend after its domain lapsed. Instead of offering information on presenters or topics to be covered on the show the site became a showcase for links to dating and debt consolidation websites. GMTV - best known for its brightly coloured sofa-filled set and bland interviews conducted with celebrities by Lorraine Kelly - became a link farm for spammers after its domain came......
[more] Sophos concludes €217 million Utimaco buy Antivirus vendor Sophos has concluded its acquisition of Utimaco Software, a seller of data encryption software. With the acquisition, Sophos gets a sizeable foothold in the endpoint data protection market, where it will compete with McAfee and CheckPoint Software. Utimaco is dominant in Germany and Western Europe, selling mainly to the type of large-enterprise customers that Sophos covets, said Sophos CEO Steve Munford. The €217 million (US$314 mi......
[more] BusinessWeek site attacked, turned into malware playground The Web site of BusinessWeek magazine suffered a major SQL injection attack in recent days that left it hosting malware on hundreds of its pages, security vendor Sophos PLC has reported. Once compromised by such a server hole, the attack scripts could, in principle, launch anything desired by the attacker except currently included code for automatic attacks based on JavaScript. That means a visitor could be hit by malware just by landi......
[more] Malware infects space station laptop Malware has once again managed to get from Earth onto the International Space Station, a NASA spokesman confirmed last week. The attack code infected at least one laptop used on the station, an international operation led by the U.S. and Russian space agencies. The NASA spokesman declined to identify the malware, saying only that antivirus software had detected it on July 25. The SpaceRef.com news site last week identified the bug as W32.Gammima.AG. The......
[more] Sensitive data on 100,000 students exposed by Princeton Review The Princeton Review is the latest company hit with a data breach that is making headlines. The New York-based educational service and test preparation provider inadvertently exposed files on at least 100,000 students in Sarasota, Fla., and Fairfax County, Va., through its Web site. News of the breach was made public Tuesday morning by a report in The New York Times. Files were exposed after the company switched Internet service pro......
[more] How to protect against web advertising exploits Web browsers became integrated into many daily job functions years ago. We use them to help streamline business processes, access organisational intranets, and reach across the world within seconds for information. Browsers are responsible for displaying tons of website data, everything from application data, to links and images, to creative advertisements that rely on Java and Asynchronous JavaScript and XML (Ajax). Attackers realise that enterpr......
[more] Hackers spoof MSNBC alerts in new twist on massive malware ruse Hackers trying to plant malware on PCs have switched from touting news supposedly from CNN in come-on messages to pushing breaking stories said to be from rival network MSNBC, security experts said today. The fake messages pose with subject headings that include the phrase "Breaking News," along with phony headlines, such as "Jerry Yang relinquishes control over Yahoo," "Mary-Kate Olsen responsible for Heat......
[more] Olympics news sites hit with attacks Hackers are using SQL injection attacks to infect websites with updates on the Olympics, according to a Sophos blog post. Graham Cluley, senior technology consultant with security vendor, Sophos, said that the SQL injection attack was designed to install malware onto users' computers. The attack drags malware from a third-party Russian site, turning personal computers into bots. Apparently, several sites that received a news feed from Agence-France Presse, w......
[more] Facebook quashes malware attack Facebook has blocked links between its social networking site and malware-infested websites to where malicious hackers have been trying to lure Facebook members. "We've identified and blocked the ability to link to the malicious websites from anywhere on Facebook. Less than .002 percent of people on Facebook have been affected, all of whom we notified and suggested steps to remove the malware," wrote Max Kelly, Facebook's head of security, in a blog post early Fri......
[more] 8 ways to fight spam filter frustration Spam. It fills our in-boxes, wastes our time and spreads malware -- and it's only getting worse. According to Ferris Research, which studies messaging and content control, 40 trillion spam messages are expected to be sent in 2008, costing businesses more than $140 billion worldwide -- a significant increase from the 18 trillion spam messages sent in 2006 and the 30 trillion in 2007. In theory, e-mail filtering software and appliances allow "good"......
[more] Security Sleuths Sound Alarm on Asprox Flare-Up Web security firm Finjan issued a warning Thursday about a new wave of mass Web attacks that it said has affected more than 1,000 Web site domains, including government, retail, healthcare and advertising sites. Security vendors have been aware of the attack toolkit, dubbed "Asprox," for several years. However, they have noticed an uptick in the popularity of the malware since 2007. In May, cyber-criminals began a new round of mass Web at......
[more] Tennis sites hit by drive-by download attacks Two high-profile tennis websites are among scores of victims of a new wave of SQL injection attacks. The website of game regulators ITF and ATP, the professional players tour, were hit by automated attacks in the run-up to this week's Wimbledon championship. The ITF (International Tennis Foundation) website has since been cleaned up but the ATP website remains dirty, according to Fraser Howard, a security researcher at Sophos who's tracking the atta......
[more] Corporations riddled with security holes Poor corporate IT security is leaving businesses vulnerable - with almost 90 per cent of breaches found to have been preventable. A trio of studies have painted a damning picture of business security, with online vulnerabilities rising as companies and authorities fail to apply patches, update antivirus software and leave firewalls disabled. Vulnerabilities on UK company and public sector networks grew from 19 last year to 21 this year according......
[more] Storm worm resurfaces, tries love angle again After a hiatus, the gang behind the Storm worm is attempting to exploit people's curiosity about a fictional love interest to tempt users into downloading the malware, according to security training organisation the Sans Institute. Donald Smith, a security expert from the Sans Institute, warned on Tuesday that a Storm worm download site had been detected by security researcher 'DavidF'. A link that contained the site's IP address was being spammed o......
[more] Belgium accuses China of cyber-attacks It’s not just the US and UK who are crying foul over China's behaviour in cyberspace - now the government of tiny Belgium has accused hackers from the country of targeting its systems. Justice minister Jo Vandeurzen is reported to have claimed that the Federal Government had been targeted by Chinese hackers, backing up a separate statement by Belgium's foreign affairs minister, Karel De Grucht that his ministry had been hit by espionage in recent weeks. In......
[more] 30 years of Spam - and we ain't finished yet Spam celebrates its 30th birthday on Saturday (3 May). On that day in 1978, 393 Arpanet subscribers were sent what's reckoned to be the first ever spam email in history (the message itself was written on 1 May 1978). DEC marketing rep Gary Thuerk came up with the wheeze which produced a fierce backlash from Arpanet (military) administrators, as well as a small number of sales. After first appearing on Arpanet, unsolicited bulk commercial ads moved ove......
[more] Thieves set up data supermarkets Web criminals are stepping back from infecting computers themselves and creating "one-stop shops" which offer gigabytes of data for a fixed price. Speaking at InfoSecurity Europe, security firm Finjan said it had seen thousands of such online services. Experts at the conference said web fraud was skyrocketing and called for police to urgently address the problem. Security guru Bruce Schneier said anti-cyber crime efforts needed to be closely allied to the scale......
[more] Welsh government website serves malware A Welsh government website has been hacked to serve up malicious JavaScript, a sign that the spate of attacks first spotted last month are continuing, analysts from security vendor Sophos warned Friday. The method of attack is similar to one that recently victimised pages within Trend Micro's website, said Graham Cluley, senior technology consultant for Sophos. Trend Micro's website was one of up to 20,000 sites discovered in mid-March where hackers found......
[more] Euro 2008 sales site in drive-by download attack Hackers have successfully planted malware on a website selling tickets for the upcoming Euro 2008 Championships. The site of European ticket re-sale firm euroticketshop.com was infected by Trojan horse malware in a bid to infect soccer-loving surfers with insecure PCs. This drive-by malware style of attack is growing increasingly popular. Visitors attempting to purchase tickets through the site were exposed to a malicious script which is embedded......
[more] Scareware package planted in ITV.com ads Users visiting the website of UK broadcaster ITV risk exposure to a scareware package. Malware-laced banner ads that lead to download sites for the Cleanator scare package have also been served up on the Radio Times website. Radio Times confirmed that it removed the offending ad late Wednesday morning, following initial reports of the problem on Tuesday. The cleanliness or otherwise of the ITV website is unclear at the time of writing. Cleanator is a rogu......
[more] Wi-Fi networks need to be properly secured to avoid illegal piggybacking of internet service Computer users must properly secure their Wi-Fi networks following reports that people who illegally download music and films may have their internet subscriptions cancelled. The proposed Green Paper will require internet service providers (ISPs) to take action against the estimated six million users a year who access pirated material. This legislation could cause headaches for both ISPs and Wi-Fi use......
[more] FBI warns of Valentine's Day 'Storm' The Valentine's Day campaign that the bot-building Storm Trojan horse has been running for weeks is running at such volume that even the FBI issued a warning yesterday. "With the holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software," the FBI said in an alert posted to the home page of its Web site yesterday. "The Storm Worm virus has capitalized on various holidays in the last year by sending milli......
[more] Virus writers charged with copyright violation Japan has arrested its first suspected virus writers, but in a strange twist the three suspected creators and distributors of a strain of P2P malware have been charged with copyright violation, in an arrest that recalls Al Capone's prosecution for tax evasion. The trio were cuffed by cops in Kyoto on suspicion of involvement in a plot to infect users of the Winny P2P file-sharing network with a Trojan horse that displayed images of popular animé......
[more] Google 'powerless' to stop AdSense theft Google's AdSense earnings are threatened by a Trojan that replaces the search giant's paid-for adverts with its own, in order to hijack advertising revenue. Launched in 2005, Google AdSense allows third-party websites or publishers to generate revenue from Google's text advertisers. AdSense acts as a middleman between an advertiser and a publisher. By crawling the content of publishers' web pages, AdSense determines the relevance of a text ad to page cont......
[more] Retail Wi-Fi Wide Open to Hackers, Study Finds A study has discovered that while retailers are physically securing their businesses to prevent theft, they are not taking the same precautions with their wireless security. The "2007 Retail Shopping Wireless Security Survey" conducted by AirDefense, tested the wireless "perimeters" of 3,000 shops across the United States and parts of Europe. It discovered that of 2,500 wireless devices such as laptops, hand-helds, and barcode sc......
[more] HMRC fallout: 85 per cent of public now lack confidence in Council web services IT security and control firm, Sophos, has said that 85 percent of users of online government services believe that their local authority's IT systems have probably already suffered a security breach at the hands of cybercriminals. The survey*, which polled 241 members of the public, also revealed that in such circumstances, 86 percent of users would hold the local authority itself responsible, rather than the hacker......
[more] Malware found on LaoAirlines.com, travellers beware of other sites Sophos has warned Australian travellers looking to book flights to South East Asia to make certain their anti-virus software is up to date before going online after yesterday intercepting malware on Lao Airlines.com. According to Sophos, the malware is embedded at the bottom of the Laoairlines.com web page in invisible JavaScript code. Users who simply embark on the site will automatically be redirected to another site in China w......
[more] Despite filters, tidal wave of spam bears down on e-mailers Why, in 2007, is spam worse than ever? Let exasperated consumers count the ways: PDF spam. MP3 spam. Pump-and-dump spam. E-card spam. "Two years from now, spam will be solved." - Microsoft's Bill Gates, 2004, World Economic Forum in Switzerland. It may sound like a broken record, but spam continues to do just that - break records. This year marks the first time the total number of spam e-mail messages sent worldwide, 10.8 tril......
[more] 50 percent of employees admit sending wrong e-mails Most people are familiar with the feeling of utter dread that comes after hitting send on an e-mail, only to realize that their note to a coworker - complaining about a client - was actually sent to the client. It turns out the problem is a huge concern among businesses. Seventy percent of businesses are concerned about sensitive material falling into the wrong hands as a result of data leakage via e-mails, according to a new study by Sophos I......
[more] Trojan spreads using PI wiretapping scare Miscreants are trying to convince email users that their telephone conversations are being recorded in a ruse designed to scare prospective marks into buying bogus security software. Emails promoting the campaign are laced with a new Trojan horse malware. The Dorf-AH Trojan horse appears as an attachment in emails claiming that the sender is a private detective listening into a recipient's phone calls. This "detective" claims he's prepared to s......
[more] Wi-fi piggybackers 'fess up More than half (54 per cent) of computer users admit to using someone else's wi-fi without permission, research reveals. Many internet-enabled homes fail to secure their wireless connection properly with passwords and encryption, allowing others to steal internet access rather than pay an ISP, according to IT security company Sophos which carried out the 560-strong survey. Graham Cluley, senior technology consultant for Sophos, said borrowing wi-fi internet access may......
[more] Sophos says plans to float on London stock market Software company Sophos Plc said on Wednesday it planned to list its shares on the main market of the London Stock Exchange. Sophos also said it had billings of $167 million in the year to end-March and its products are used by 65,000 customers in over 125 countries to protect an estimated 100 million end-users.......
[more] Storm Trojan dupes users with Halloween jig The latest holiday-inspired spam by the botnet-building malware in progress The Storm Trojan is flooding e-mail in-boxes with a Halloween spam blitz, security companies said this morning. This is just the latest example of the bot-building malware's knack of capitalizing on current events to dupe people into infecting their PCs. The newest campaign arrives in messages with subject heads such as "Dancing Bones" and "The most amazing danci......
[more] Facebook: A boon to business security? While some employers are banning staff from accessing Facebook, fearing security risks and lowered productivity, GE Commercial Finance is encouraging use of the social networking site to improve staff security practices. The Australian division of GE Commercial Finance is encouraging more than 1,000 staff in its Australian and New Zealand operations - from the mail room to the boardroom - to embrace the social networking website as a means of improving staf......
[more] US phishermen trawl UK waters The biggest source of attempts to steal personal bank details via email originates in the US, according to stats from UK anti-spam firm ClearMyMail. ClearMyMail has compiled a rogues gallery of the top 10 countries guilty of trying to steal domestic bank account information. According to ClearMyMail, more than half of all phishing attacks originate in the US. US (54%), Spain (3.8%), Germany (2.9%), Korea (2.8%), France (2.7%), China (2.7%), Russia (2.5%), Japan (2.2%), Urugu......
[more] Security expert: Storm botnet 'services' could be sold The owners of the Storm botnet, whose identities are as yet unknown, could be preparing to sell off the "services" of segments of the network, according to Joe Stewart, a researcher from managed security services company SecureWorks. Stewart claimed in a blog post on Sunday that the latest Storm variants now use a 40-byte key to encrypt their peer-to-peer traffic, meaning each node will only be able to communicate with nodes that use the sa......
[more] Could businesses lose face over Facebook? Social networking sites like Facebook have exploded in use in Ireland recently, but IT experts are warning of privacy concerns. It's a familiar routine. No sooner does a development on the internet become commonplace than a security threat follows swiftly behind. In this case, Facebook is the latest to fall victim, so to speak. The social networking site is one of the most popular destinations on the internet, with an estimated 100,000 people signing up......
[more] Angelina Jolie 'nudes' fuel malware spike One in every 833 emails in September were infected with malicious attachments compared to one in every 1,000 during August, new research reveals. The jump in malware attachments was primarily due to a coordinated campaign by hackers to spam out the Pushdo Trojan during the second half of September, according to security firms. The emails, which offered naked pictures of Hollywood actresses such as Angelina Jolie and Holly [sic] Berry, carry a malicious p......
[more] Panda worm author gets four years The 25-year-old programmer who unleashed the Panda worm almost a year ago in China was sentenced Monday to four years in prison, a news service reported from Beijing. Li Jun, arrested in February and charged last month with making approximately £6,700 selling the worm - dubbed both "Fujacks" and "Panda Burning Joss Sticks" - was given a four-year jail term by a court in Xiantao, China. Three other men - all in their 20s, according to t......
[more] Storm worm: More powerful than BlueGene? Criminals behind the Storm worm have created a botnet containing millions of PCs, which have a combined computing power greater than the most powerful supercomputer in existence. The Storm worm botnet has been estimated to control between one million and five million computers, which one researcher says makes it more powerful than IBM's BlueGene/L supercomputer. Peter Guttman, a computer sciences security researcher, wrote in an email posted on insecure.or......
[more] Skype worm leaves Sophos users unfazed Sophos, a world leader in IT security and control, says that a recent worm outbreak on the Skype network highlights the importance of proactive virus protection. The worm, which has been seen spreading via Skype's instant messaging system, has not managed to infect Sophos users who were proactively protected against the threat without requiring an update. The W32/Pykse-C worm (also known as Ramex, Skipi or Pykspa) spreads via Skype's chat system in a varie......
[more] Spam up, PDF spam down Spam rates were up in August, despite the fact that PDF spam appears to have peaked. Junk email reached nearly 70% of all messages sent last month. According to Symantec's spam report for August, unwanted email accounted for 69% of all mail sent, up 3% from July. Spam volumes are creeping up toward the levels reached last October when image spam inflated junk mail to 73% of all messages sent. In August, image spam had little impact, accounting for less than 10% of all spa......
[more] Malware authors change tack Malware in the form of email attachments has dropped heavily in the last month, according to security software specialist Sophos. In August there was an average of one infected message in every 1,000 emails, compared with one in 322 during the first six months of 2007. Criminals are finding other, more effective ways of spreading malware, such as spam campaigns directing people to infected webpages, said Sophos senior security consultant Carole Theriault. 'Most malware......
[more] Beyonce, Rihanna, Kelly Clarkson video emails spread ecard Trojan horse Sophos, a world leader in IT security and control, has warned internet users about the latest disguise being used by malware authors in their attempt to infect people's PCs: an email claiming to point to music videos of popstars like Beyonce Knowles, Kelly Clarkson and Rihanna. Experts at SophosLabs have proactively protected customers against the latest wave of malicious emails which pretend to be links to new music videos......
[more] Fake Gates Foundation malware spreads A malicious spam is in circulation which pretends to be from the Bill and Melinda Gates Foundation. It has the subject line 'Life for Life' and leads with the recent news that the Northern Territory Library has received the 2007 Access to Learning Award from the Bill and Melinda Gates Foundation. This information is true but the link inviting you to read more about the award takes you off to an infected Web site in Korea, according to Paul Ducklin, Asia-Pac......
[more] Loss of Monster.com records a reminder of online perils Computer security analysts are warning online job seekers to be extra careful following the revelation that hackers stole the information on thousands of people from the Monster.com jobs Web site. The con artists apparently pilfered user names and passwords from recruiters who search for job candidates on Monster. With access to the Monster system, the hackers then grabbed information from resumes to craft "phishing" e-mails. Ron O......
[more] Man loses $1.5 million in Nigerian email scam - six people arrested Sophos, a world leader in IT security and control, has reminded computer users of the danger of internet scams following the arrest of six men alleged to have defrauded their victim out of AU $1.76 million (US $1.5 million) through email. According to media reports, Dutch police have arrested six men in connection with extorting money from a 49-year-old Australian man after offering, via email, a business contract worth US $90......
[more] Sophos PureMessage receives West Coast Labs Checkmark Sophos, a world leader in IT security and control, today announced that its email security solution, PureMessage for Unix, has been awarded West Coast Labs Checkmark for 100% detection of in-the-wild viruses. The accolade confirms the software's ability to detect 100% of the viruses found in the wild, and its position as one of the most powerful security solutions for Unix mail servers. "Sophos PureMessage for Unix offers a considerable......
[more] Researchers spot ZIP spam spike Spammers have turned to ZIP files to push pump-and-dump scam emails past filters, researchers have warned. Commtouch's lab disclosed on Tuesday that spammers are distributing email runs with ZIP files containing a text file with a stock promotion. The attachments are sometimes password-protected, according to Commtouch. The files, however, cannot be opened by common ZIP file utilities built into Windows operating systems, and require compression tools like winrar.......
[more] Sophos Anti-Virus for Windows Vista wins VB100 award Sophos, a world leader in IT security and control, today announced that Sophos Anti-Virus 7.0.0 has been awarded the accolade of VB100 by Virus Bulletin magazine. This is the 39th time that Sophos Anti-Virus has won a prestigious VB100 award, confirming its ability to detect 100% of the viruses in the wild, and its position as one of the most powerful virus protection products available. Virus Bulletin tested 20 different anti-virus products f......
[more] Virus plays on Nintendo Mario game nostalgia IT security and control firm Sophos is warning of a new mass-mailing worm that is capitalising on users' enthusiasm for Nintendo's iconic character, Mario. Once they open the email, recipients are requested to click on an attachment that promises to run one of the classic Super Mario Bros games. Emails sent by the worm use the following text in the message body: Hi There, Do You Like Mario Bross ? Test it, and you'll like it ;] ! Attached to the emai......
[more] Vendors disagree on PDF spam volumes PDF spam, the most prevalent spam method currently used by hackers globally has decreased in numbers over the last two weeks, claims data security vendor BitDefender, but fellow security experts are disagreeing. BitDefender researchers have revealed that its detection rates for PDF spam are reducing and attributed the change to the relative ineffectiveness of the method, stating it requires more user interaction than usual e-mail spam. According to Vlad Valc......
[more] Warning over 30,000 newly infected websites Security firm Sophos says the number of infected web pages has soared nearly six-fold since the start of the year. The spike shows just how widespread web attacks have become, Sophos said. In June, it detected an average of almost 30,000 newly infected pages each day. Earlier in the year, the tally was as low as only 5,000 new pages daily. The vast majority of pages serving up malicious content are hosted on legitimate websites, Sophos added. About 80......
[more] Spammers move onto spreadsheets The first case of a new type of spam which uses Excel spreadsheets to circulate was discovered over the weekend. Security firm Sophos said that the emails come with an Excel spreadsheet file labelled 'invoice.xls'. It then uses an embedded image to deliver the spam. While it is possible to write malware that exploits Excel, no malware has been included in the emails so far. Sophos believes that this could be a sign that "we're winning the war against spam"......
[more] D'oh! Spammers exploit interest in The Simpsons Movie Springfield's favorite family used by cybercriminals trying to confirm email addresses are "live" Sophos, a world leader in IT security and control, has reminded computer users of the importance of not responding to unsolicited email surveys following the discovery of a spam campaign exploiting interest in "The Simpsons Movie", due to be released in cinemas this month. The spammed emails claim that recipients will receive a $500 Vis......
[more] Sophos protects Australia's biggest automotive dealer group Sophos, a world leader in IT security and control, has announced that Perth-based Automotive Holdings Group (AHG) Limited (ASX:AHE) has deployed its computer security solutions to protect more than 1,200 computer users in Western Australia and Victoria. Sophos now guards AHG's servers, PCs, laptops and email gateways against malicious threats, unauthorised intrusion and potentially unwanted applications. AHG is Australia's largest auto......
[more] Postini partners may jump ship Google's takeover of Postini could cause some of the security company's partners to rethink their positions, analysts have warned. Postini licenses much of its security technology from third parties, including antivirus software from McAfee. But analysts have suggested that the acquisition may lead partners to rethink their strategy or ask for more cash. "Some companies are going to feel very unhappy about sharing their technology with Google," said Nick S......
[more] Nearly 30,000 Malicious Web Sites Appear Each Day While researchers are simply getting better at finding the malicious sites, Sophos reports that hackers are increasingly turning to Web-borne malware -- in great numbers. The number of malicious Web sites has skyrocketed over the past few months, going from 5,000 new ones a day in April to nearly 30,000 a day now. "This certainly is a huge increase," said Carole Theriault, a senior security consultant with Sophos, in an e-mail to Infor......
[more] Harry Potter Worm Claims Harry Is Dead The eagerly anticipated final Harry Potter novel seems to have hackers working overtime, with security software company Sophos warning of a new computer worm exploiting global Potter-mania and claiming Harry is dead. According to Sophos, the W32/Hairy-A worm spreads by copying itself onto USB memory sticks, posing as a copy of the eagerly-anticipated novel "Harry Potter and the Deathly Hallows". Windows users who allow affected flash drives to 'au......
[more] Sophos: Thousands infected with video disguised malware A Trojan that disguises its malicious content by playing a humorous animation is spreading across the internet, according to security experts. The Agent-FWO trojan plays the popular "Yes & No" Shockwave video created by Italian animator Bruno Bozzetto, but only after embedding itself on users' computers and downloading further malicious code from the internet. Hundreds of thousands of people are believed to have watched the fi......
[more] Fake Windows security alert loads a Trojan Messages insisting that users install a just-released Microsoft security update are bogus and actually lead to a site that plants malicious code on PCs, several security companies have warned. The spam, which touts "Microsoft Security Bulletin MS07-0065 -- Critical Update" as its subject and appears to come from "update@microsoft.com," claims users should download a June 18 security patch and provides a link to a URL that looks legi......
[more] Sophos awarded ITPro Editor's Choice, outperforming McAfee and Symantec Sophos Anti-Virus Small Business Edition 2.0 declared "outright winner" Sophos Anti-Virus SBE 2.0, Sophos's integrated protection solution for small businesses, has won the prestigious "Editor's Choice" award in a comparative test conducted by ITPro. ITPro tested McAfee Active VirusScan SMB Edition, Symantec AntiVirus 10.2, F-Secure Anti-Virus Small Business Suite and Sophos Anti-Virus Small Business Edition......
[more] USB flash drive worm spreads information about AIDS LiarVB-A worm infects removable memory sticks Sophos, a world leader in IT security and control, has discovered a worm which spreads by copying itself onto removable drives such as USB flash drives, in an attempt to spread information about AIDS and HIV. The W32/LiarVB-A worm hunts for removable drives such as floppy disks and USB memory sticks (as well as spreading via network shares), and then creates a hidden file called autorun.inf to ensur......
[more] Web forums hijacked to spread child porn Online forums on legitimate web pages are increasingly being taken over by cyber-criminals to promote child pornography, experts warned. Security firm Sophos said that the majority of hijacked forums are on legitimate websites, and one is even on a site designed for children. All the posts contain offensive words and hidden links to pornography sites. "What is most worrying about these posts is that they are happening on legitimate sites. Any website c......
[more] Phishers go round the world to hook Aussie victims Researchers from Sophos have traced the route of a phishing attack that targeted Australian banking customers - the fraudsters used numerous compromised servers in Korea, the US and Malaysia. According to Sophos, the campaign kicked off when an attacker posing as a security company called "antifraud" e-mailed Australian account holders to warn them that their online banking services were to be suspended. "Please note that from May......
[more] How Good Is Your Web Site's Online Reputation? Curious about what kind of reputation your company's Web site has in the online community? Starting today, it will be easier to find out. Secure Computing, a gateway security company, on Tuesday launched its Domain Health Check, a free Web service that gives users a behavior-based view of the messaging and Web reputation of their domains. Users who sign up are e-mailed a report about the security of their domain as seen and correlated from thousand......
[more] Image spam: In the picture Spammers are finding new ways to bypass filters, but that doesn't mean you have to let them bombard your inbox. Rob Buckley reports Need pain releif (sic)? Some Cialis, perhaps? Or maybe you'd like to invest in China YouTV Corp (CYTV)? You've probably received at least a few emails offering some of these things because they managed to sneak past your spam filters. Rather than using a simple text-based email, these spammers have embedded their kind offers into images, m......
[more] Sophos records 40% enterprise security growth in March quarter – outstripping rivals Symantec and McAfee Sophos, a world leader in IT security and control, today announced significant growth for its final quarter, ending March 31, 2007, led by the North American market. Sophos's worldwide bookings increased 40% with growth in North America topping 70% compared to the same quarter last year. The company also experienced strong growth in both Europe and Asia Pacific. The percentage of growth at S......
[more] Image spam lures recipients by hook-er by crook, warns Sophos IT security and control firm Sophos is warning internet users of a new image spam campaign offering the services of an online prostitute finder. The emails, which contain the subject line 'How about finding a girl in your town who is ready to help you take the pressure off?' include an image containing a weblink, which must be typed in manually by the recipient, as well as several sentences of seemingly random text. Sophos experts no......
[more] Malware authors cut out attachments Malware authors are shifting attack vectors from emails containing infected attachments to web pages embedded with malicious code, according to experts at Infosecurity Europe 2007. Security firm Sophos is reporting that the traditional method of sending malware via attachment is now falling out of favour and that the authors can now bury the code in web pages and just send out links to that page. "We are seeing an average of 5,000 infected web pa......
[more] Malware hijacking genuine websites, claims vendor Up to seventy percent of the 5,000 websites found every day to be spreading malware turn out to be legitimate, security software vendor Sophos has said. The company's latest quarterly survey reveals the extent to which cyber-criminals use the web. "We're seeing less malware in email these days," said Graham Cluley, senior technology consultant for Sophos, "but criminals have turned to the web instead. Some days we see as many as 2......
[more] IT workers back 'Nasa hacker' McKinnon Fewer than half of IT professionals questioned in an online survey want 'Nasa hacker' Gary McKinnon jailed for hacking. A poll carried out by security company Sophos found that 48 per cent feel that jail is the most appropriate sentence if McKinnon is found guilty, while 42 per cent suggested community service and 10 per cent a fine. McKinnon looks set to be extradited to the US to face trial for allegedly hacking into computers belonging to the US Arm......
[more] Netsky still spam malware king Although protection has been available for more than three years, the Netsky family of worms still accounted for almost a third of all malware detected during the month of March, 2007. According to Sophos, the Netsky family had the biggest impact on computer users last month. Interestingly, just 0.18 percent - or one in 555 of all email - was infected in March, yet Sophos detected 8,835 new threats, bringing the total to 231,548. Sophos senior security consultant,......
[more] Security firms laugh at 'unstoppable Trojan' claims We laugh in the face of Trojans, and tweak the nose of the spindly killer worms Security firms have laughed off claims from Secure Computing that a new Trojan can evade traditional antivirus systems. Secure Computing's TrustedSource labs issued an urgent alert last night that the 'Mespam' Trojan was on the loose and that ordinary antivirus software would not be able to stop it. "This threat signifies a trend towards blog, message boards and......
[more] MSN messenger serves up dodgy alerts Banner advertisements for a security application said to report false or inflated threats appeared for at least a few days on Microsoft's IM (instant-messaging) program, prompting warnings from security analysts. Microsoft appears to have removed the ads, which were displayed in the contacts panel for its IM program, Windows Live Messenger, said Sandi Hardmeier, a Microsoft Most Valued Professional, a designation the company gives to people who have expertis......
[more] First Vista bug found and fixed A critical vulnerability in Windows Vista has been found and fixed, a Microsoft security manager admitted on Wednesday. However, he argues that the flaw in the company's malware scanning engine isn't in the operating system's core code. Microsoft has repeatedly touted Vista as its most secure version of Windows ever, so watchers are eagerly awaiting the first vulnerability to be spotted and fixed. On Tuesday, Microsoft released 12 security updates to fix 20 vulne......
[more] Valentine's day virus is spreading fast A virus posing as a Valentine's message has been spammed to email recipients in a global campaign, it was reported today. The Dref-AB worm attaches itself to emails with subject lines, including "Be My Valentine" and "Happy Valentine's Day", in an attempt to entice users into clicking on a malicious attachment, which activates the virus. Once activated, the worm is designed to download further malicious code onto the user's computer, whic......
[more] Microsoft Acknowledges Vista Anti-Virus Failed VB100 Test A Microsoft spokesperson confirmed to BetaNews this afternoon that it has learned its Windows Live OneCare anti-virus package has failed a test conducted by the respected British laboratory Virus Bulletin using Windows Vista Business Edition, disqualifying it from carrying the "VB100" logo denoting 100% detection of a selected battery of common "in the wild" viruses. However, the information Microsoft gave us indicates the company is not......
[more] Sophos Anti-Virus for Windows Vista wins VB 100% award Sophos, a world leader in IT security and control, today announced that Sophos Anti-Virus for Windows Vista has been awarded the accolade of VB 100% by Virus Bulletin magazine. This is the 36th time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 15 different anti-virus products for their detection rates, lack of false a......
[more] Sophos Application Control now blocks Windows games Solitaire's author blames his own game for unproductivity Sophos has announced that its Application Control software has been extended to give businesses the ability to control and block Windows computer games, including Solitaire, Minesweeper and FreeCell - some of the most popular games in the world. According to Sophos, the negative impact on company productivity caused by the games has meant that many organizations have shown significant in......
[more] eBay Closes 27 February? Phishers Lure Victims via Bogus E-mail Sophos has reminded computer users to be wary of phishing scams following the discovery of a scam that tries to steal usernames and passwords off eBay users by claiming the giant auction website will close for business on 27 February. The e-mails claim that eBay has decided to shut down its business at the end of next month, and is asking users to vote on whether they disagree with the decision. The e-mail claims that 50 per cent of......
[more] MSN password stealer released as torrent Malware designed to steal users' Windows Live Messenger password has been released onto the net. The password stealer was released for download via BitTorrent earlier this week by a hacker using the handle "Our Godfather". The malware comes in the form of an IMB download confirmed by anti-virus firm Sophos as containing a password-stealing Trojan horse. Victims would need to be tricked into downloading and executing the malware, which might be r......
[more] U.S. still world's spam leader While the percentage of infected emails declined significantly last year, web-related threats rose significantly, reported researchers at Sophos this week. Sophos also reported this week in its Security Threat Report 2007 that the United States continues to lead the world in spam production. Ron O'Brien, senior security analyst at Sophos, told SCMagazine.com today that attackers are switching methods. "There was a significant reduction in viral emails in 2006,......
[more] Australia winning the security war Australian companies are successfully winning the war against security threats according to a threat report released today by security vendor, Sophos. The report titled 'Security Threat Report 2007' ranked Australia as the 43rd 'web-based malware hosting country' in the world, seven places lower than its nearest neighbour, New Zealand. According to Paul Ducklin, head of technology at Sophos, a higher position like 29th or 8th would have been worrying......
[more] Sophos: Infected attachments replaced by malicious links While the percentage of infected emails declined significantly, the diminished risk was undone by an even more significant rise in Web-related threats, reported the experts at Sophos this week. Sophos released its Security Threat Report 2007 on Monday. Key to the findings was the fact that malicious attackers are using different means to attack individual users and corporations, said Ron O'Brien, senior security analyst for the company. "......
[more] Sophos acquires Endforce Sophos has announced that it has acquired Endforce, a provider of network access control (NAC) and endpoint security policy compliance solutions for enterprise customers. Sophos will build on Endforce's position as a leading stand-alone NAC provider for organisations with more than 10,000 users, and also integrate NAC as part of its endpoint security solution. Endforce, based in Columbus, Ohio, has deployed its software-based NAC solutions to some of the most complex mult......
[more] Scam contract killer email blackmails recipients with death threat Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a spammed-out email that pretends to come from a professional hitman, hired to kill the recipient, but are really interested in stealing money. The emails claim that the recipient has been stalked by a hired assassin for 10 days, but that the hitman is prepared to drop the contract if he is paid a total of $80,000. Upon rec......
[more] Top ten malware threats and hoaxes reported to Sophos in December 2006 Sophos, a world leader in IT security, has revealed the most prevalent malware threats and email hoaxes causing problems for computer users around the world during December 2006. The figures, compiled from Sophos's global network of monitoring stations, show that the long-established Dref malware has made an unexpected return to the top of the threat chart, thanks to two new variants currently causing problems for computer u......
[more] Windows Vista used as bait in aggressive image spam campaign Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users of the threat posed by image spam following a new campaign which purports to offer a cut-price edition of Microsoft Windows Vista. Image spam, which uses a graphic embedded in an email rather than regular text, has grown in popularity amongst spammers attempting to communicate their marketing messages to internet us......
[more] Vista flaws are greatly exaggerated Despite some unfavourable reports, Windows Vista may turn out to be more secure than XP with SP2 In an analysis of a network of Trojan-infested PCs used for sending spam, security researcher Joe Stewart at SecureWorks in Atlanta found last month that 99.95 percent of the "bot-net" machines were running Windows, nearly half of which were Windows XP with Service Pack 2. This service pack was released in 2004 to address security issues but appears to ha......
[more] Microsoft denies flaw in Vista Microsoft has confirmed that Vista can be affected by malware from 2004, but argues this is not a flaw in the operating system. Security vendor Sophos reported on Thursday that Microsoft's Vista is vulnerable to at least three pieces of widespread malware, two of which date back to 2004. At least three well-known internet worms - labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos - are able to execute on the operating system, according to Sophos. However, because......
[more] Sophos Anti-Virus wins its 35th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 35th time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 15 different anti-virus products for their detection rates, lack......
[more] Vista launch: New OS vulnerable to common threats Microsoft Vista is susceptible to common malware attacks that have been in the wild for more than two years, experts at Sophos warned this week. The antivirus company explained that without additional security protection, Vista is unable to stop variants of Stratio, Netsky and MyDoom from infecting systems loaded with the new OS. All three pieces of malware are well-known problems among security professionals, and Netsky and MyDoom have been infe......
[more] Three of the top ten malware threats run on Microsoft Vista, Sophos tests show Sophos, a world leader in IT security, has revealed the most prevalent malware threats and hoaxes causing problems for computer users around the world during November 2006. The figures, compiled from Sophos's global network of monitoring stations, show that the W32/Stratio-Zip worm has overtaken W32/Netsky-P as the most widely circulated piece of malware, accounting for one third of the total number of reports. Sophos......
[more] New version of Skype now harder to detect Skype-blocking companies have been scrambling to update their products after the recent release of a new version of the software that is even harder to detect and block. The beta of version 3.0 was made available only two weeks ago and, as expected, the client has been re-engineered to make its presence on network traffic tougher to spot, according to leading Skype-blocking outfit iPoque. There have been a number of subtle but important alterations in 3.......
[more] Sophos protects Microsoft Windows Vista Integrated protection delivers security and control on Vista platform Sophos, a world leader in IT security, today announced a new version of Sophos Anti-Virus which fully supports the Microsoft Windows Vista operating system. Sophos's proactive protection delivers businesses with a complete defense against viruses, spyware, adware and potentially unwanted applications (PUAs). Sophos Anti-Virus for Windows 2000/XP/2003/Vista, version 6.5 includes: Protection......
[more] Four cuffed over webcam Trojan scam Four people have been arrested in Spain over their suspected involvement in linked credit card theft and virus writing offences. Two 17-year-olds were arrested in Alicante on Wednesday and charged with writing a Trojan horse that allowed them to control the webcams of compromised machines at a local college. The duo allegedly used potentially embarrassing footage obtained through the ruse to blackmail victims. As part of the same inquiry (codenamed Operation Pr......
[more] Should banks stop mailing customers to avoid phishing concerns? Sophos comments Sophos, a world leader in integrated threat management solutions, stresses caution in recent statements that banks should stop emailing customers to avoid providing more temptation for phishers. According to media reports from ZDNet, the call to action, made by a security expert at Dimension Data, is in response to a recent legitimate Citibank email that customers mistakenly took for a phishing scam. Sophos says tha......
[more] Sophos raises awareness of security threats at Gitex in Dubai Sophos, a world leader in IT security, will be showcasing a range of products new to the Middle East region at the forthcoming Gitex event, held in Dubai later this month. Sophos can be found at stand U9-3 with local partner SAF Information Systems. Gitex is an important international IT exhibition, and the show is considered by many to be the main gateway to the Middle East market. Sophos will exhibit a range of its products includin......
[more] Dref-N email worm promises breaking news A new email worm is using bogus news headlines to lure users into opening its payload, security firm Sophos has warned. The emails contain links to headlines such as the 'outbreak of nuclear war' and the 'death' of George W Bush and Vladimir Putin to allow hackers to infect computers and steal information. The Dref-N worm arrives attached to emails with subject lines such as 'White house news!', 'Incredible news' or 'ATTN TO EVERYBODY!', and tries to......
[more] Macarena Mac OS X malware - no need to panic Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have advised Mac OS X users not to panic following the discovery of a new proof-of-concept virus. The worm, dubbed OSX/Macarena, has caused headlines in the press because new Macintosh malware is so rarely encountered compared to malicious code designed for Windows PCs. At the time of writing Sophos has received no reports of any customers who have encountered......
[more] Home users still a soft target for malware Common threats meeting with little resistance despite government campaign Well-known malware threats and hoaxes continue to head the list of the most reported online problems, despite a government campaign designed to educate users. Antivirus firm Sophos said that the list of threats for October contained the usual suspects, and that home users are still failing to heed the advice of the Get Safe Online campaign. "On the one-year anniversary of......
[more] Mass spam uses BMW to dupe users Hey, you've won €950,000 and a brand new BMW 5 Series Spammers are using the lure of a BMW car to trap users into falling for their latest scam, security firm Sophos has warned. The spam emails state that the recipient has won a BMW lottery and is entitled to €950,000 and a brand new BMW 5 Series car. The bogus message advises recipients to contact the 'claims department' and includes a fake corporate address, email address and telephone number to enhanc......
[more] Tricky new malware challenges vendors Worm propagates via e-mail, can then download new versions of itself every 30 minutes A tricky malicious program has become more prevalent in spam, but experts don't know what its creators plan to do with it. Many vendors are rating the malware -- called "Warezov," "Stration" and "Stratio" -- as a low risk. But they also say that it is tricky to deal with. The malware is a mass-mailing worm that affects machines running Microsoft......
[more] Sophos extends application control to block distributed computing programs Desktop software that hunts for aliens and investigates climate change unpopular among sysadmins, Sophos survey reveals Sophos, a world leader in IT security, has given companies the ability to control employees' use of distributed computing applications on corporate networks, following concerns that these programs can affect network performance. Such programs include SETI@Home and the BBC Climate Change Experiment. A sur......
[more] iPod Windows virus not correctly named says Sophos Security vendor Sophos claims that presently Apple is not displaying the correct name for the recently discovered iPod Windows virus listed on its website, instead referring to it by the name of a file commonly used in malware called RavMonE.exe. The virus, which was shipped on a relatively small number of Video iPods sold in stores from mid-September, does not affect Apple Macs but propagates through storage devices connected to Windows ma......
[more] MySpace phishing scam targets music fans Con-men have developed a phishing attack targeting MySpace music fans that highlights the evolving use of social engineering techniques in money-making spam emails. Junk emails featuring the attack have been spammed out to thousands of computer users around the globe in the last week, to trick them into visiting one of a series of bogus websites that pose as an online music store. The emails typically pose as MySpace contact emails, increasing the chances......
[more] Sophos launches new suite of IT security solutions for small businesses Sophos announced the availability of its new integrated security solution for small- to medium-sized enterprises (SMEs). The launch of the product coincides with research discovering that most small businesses are failing to adequately protect themselves from malicious attack. Sophos Security Suite provides an all-in-one defence against threats on Windows and Mac computers, laptops and servers. The software has been designed......
[more] Anti-virus technique adds muscle to PC lock-down Sophos has developed an innovative anti-virus-based approach to locking down PCs To identify malware, anti-virus products use a signature file that acts as a fingerprint of the virus or worm. Sophos has now applied the same principle to legitimate applications, giving IT directors a simple way to lock down desktop PCs. The company's anti-virus and application control product lets system administrators selectively block unauthorised VoIP, peer-......
[more] Sophos implements behaviour blocking Sophos has equipped its products with their so-called Behavioral Genotype Protection enhancement. This is aimed at identifying applications which exhibit suspicious behaviour, such as adding autostart keys to the registry and opening a port in listening mode. In contrast to competitor products, the code is not executed - the behavioural blocking is purely an enhancement to the scan engine and is essentially signature-based in its function. According to Senio......
[more] Stock Spam Makes Up 15% of All Spam The spam wars are hardly over. Testimony to this is a new version of junk mail that seems to bypass many otherwise efficient spam blockers. It’s called stock spam, emails sent out recommending penny stocks from energy and mining companies. Research has shown that stocks touted on mass mailed out emails experience noticeable activity on the stock market, making stock spam highly successful. According to Sophos.com, an internet security company, 15 percent of al......
[more] Top ten malware threats and hoaxes reported to Sophos in September 2006 The battle for the top position between Mytob.c and Nyxem.e continues for the third month in a row. After losing considerable ground in August, in September Nyxem improved its position by almost two percentage points, while Mytob.c dropped by six percentage points. As a result, the current difference between the two malicious programs at the top of the rating is only about 4%. Still, the outcome of this confrontation is pred......
[more] Sophos announces new proactive anti-malware technology Security software vendor Sophos has announced the availability of its Host Intrusion Prevention System (HIPS), which proactively identifies and blocks programs that behave suspiciously before they execute. Sophos's Behavioral Genotype protection technology, which has been fully integrated into all of Sophos's anti-virus solutions, can detect unknown spyware and malware without a false positive problem and without the need to install any add......
[more] Computer crime laws worry security pros Moves by several European countries to tighten laws against computer hacking worry security professionals who often use the same tools as hackers but for legitimate purposes. The U.K. and Germany are among the countries that are considering revisions to their computer crime laws in line with the 2001 Convention on Cybercrime, a European-wide treaty, and with a similar European Union measure passed in early 2005. But security professionals are scrutinizing......
[more] Sophos offers free application killer Sophos has become the first security vendor to give a standard anti-virus client the ability to block a range of risky applications, including VoIP, instant messaging, and P2P programs. The new feature comes in the form of a free signature upgrade to the company's Anti-Virus 6.0 software, and can stop a named list of programs from running on any PC on which the software is installed. Notable on this list are Skype and Google Talk, IM clients such as AIM, MS......
[more] Microsoft Rushes Patch for VML Exploit Sophos Labs now rates as "critical" a re-emerging exploit to Microsoft's Vector Markup Language (VML) library, which Microsoft now says it will try to patch before its original October 10 deadline, announced on Thursday. This comes as the SANS Group raises its InfoCon level officially to "yellow," "to emphasize the need to consider fixes." In the meantime, a group of software engineers called the Zeroday Emergency Response Team......
[more] Spammers use 'video tributes' to trick users Security vendor Sophos has issued a warning about a recent spam campaign designed to harvest email addresses by attracting readers to websites offering topical "video tributes". The sites offer a range of teasers for video tributes to 9/11 victims, Anna-Nicole Smith and Steve Irwin, "The Great Crocodile Hunter". To view the full videos, users need to provide their email address - something which seems harmless enough unless they vis......
[more] Morocco sees good in hacker's conviction Morocco's most internationally famous criminal of late is not a terrorist or serial killer, but a teenager with a knack for computers. The conviction this week of a Moroccan science student for unleashing the Zotob worm that ravaged U.S. computer networks last year could even be cast as proof that this agriculture-dependent, unemployment-plagued nation is making its mark on the digital world. In August 2005, Zotob crashed computers across the United State......
[more] New trick adopted by spammers to harvest email addresses Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users to think before forwarding chain letters after discovering a new scam being used by spammers to collect email addresses. A spammed email campaign, seen by Sophos, poses as a research project into chain mail and joke messages that are frequently sent between email users around the world. Chain letters and jokes can easily......
[more] Trojan lurks in fake news.com.au site Australian banking customers have been targeted by a new security threat that takes the form of an online news article warning that local banks will be closed for a week. The email appears to be a link to a news story on News Ltd's news.com.au site, but according to Australian Computer Emergency Response Team, Auscert, when a user connects to the spoof news website, a malicious Trojan is automatically downloaded. The subject bar of the email reads: "News......
[more] Spam laws fail to measure up Microsoft has bypassed criminal anti-spam laws and reached an out-of-court settlement with a UK spammer after bringing a civil case against the man for breach of Hotmail terms and conditions. Spam laws introduced in 2003 have yet to produce a single criminal prosecution, and critics say this case highlights the alternative routes businesses are having to take to combat the problem. Figures from campaign group Spamhaus show almost 75 per cent of all email is now spam. M......
[more] Disagreement Over '0-Day' Word Worm Last weekend's disclosure of an alleged security vulnerability in Microsoft Word 2000, exploited by a new version of an old worm, is raising questions over what constitutes the severity of an exploit. Is it the degree to which we know about it, or the number of systems out there it could possibly hurt? A blog post last Sunday on Symantec's Web site characterizing the latest permutation of a months-old exploit as "zero-day" contributed to security fir......
[more] Firms targeted in spam share scam Spammers hoping to manipulate the stock market have begun approaching firms, offering to raise their share price in exchange for a percentage fee. Security experts at Sophos say they have uncovered an e-mail offering a free one-day trial to company bosses. So-called "pump-and-dump" spam asks recipients to buy cheap shares, which then rise in value, making money for spammers who already hold stock. Sophos says the scam has grown from 0.8% to 15% of spa......
[more] Nearly 2,000 Malware Threats and Hoaxes Discovered in August Sophos released August's top ten global malware threats and hoaxes, and released further proof that rootkits continue to infiltrate innocent computer users. Sophos identified 1,998 new threats in August, bringing the total number of malware protected against to 186,665. The majority of the new threats (71.8 percent) were Trojan horses, which, in most cases, are specifically targeted at particular groups of people and do not spread on......
[more] Two years on, Netsky-P tops virus charts Netsky-P led the top 10 chart for malicious software threats in August, retaining its rank despite the availability of fixes for more than two years. During August, Netsky-P accounted for 19.9 percent of all malicious software incidents reported, according to a report released Friday by security researcher Sophos. Netsky-P, which remains the most widely spread of the e-mail worms, was ranked the worst virus of 2004. Just one in 278 e-mails were infected......
[more] Vicky's sex partner graphic email points to malicious Trojan horse Experts at SophosLabs™ have warned that hackers are stealing the tricks used by image spammers to infect computer users with malicious code. Experts based in Sydney, one of Sophos's global network of virus, spyware and spam analysis centers, have discovered email messages are being sent to Australian computer users claiming to come from a young woman visiting the country. Unusually, the malicious emails contain no text, but an......
[more] Windows patch and iPod exploited in e-mail scams Fake Windows security patches and rogue iPod invoices have been making the rounds this week as spammers continue trying to fool people into installing Trojans on their PC. Internet threat monitoring firm Websense issued an advisory on Wednesday about a fake e-mail that encourages recipients to install a patch to fix a Windows vulnerability described in Microsoft security bulletin MS05-039. According to Websense country manager Joel Camissar the e-m......
[more] Sophos expert discusses rootkits in latest podcast Vanja Svajcer reveals what rootkits are, and how to protect against them Sophos, a world leader in protecting businesses against computer threats, today announced that it has published a new podcast discussing the threats posed by rootkits. Rootkits are software frequently used by third parties - usually a hacker - to hide other software and processes using advanced stealth techniques. Malicious code, such as spyware and keyloggers, can be invis......
[more] Sophos nominated "Security Vendor of the Year" in CRN Channel Awards Sophos has been nominated as 'Security Vendor of the Year' in this year's UK Channel Awards, run by Computer Reseller News. The CRN awards are one of the channel's most prestigious and respected events. "We're delighted to have been shortlisted for this award, because it underlines that our efforts in building excellent channel relationships have been spot on," said Stuart Small, UK Sales and Marketing Director. "......
[more] Spammers scam child protection group to propagate trojan Emails that appear sent by an anti-child pornography nonprofit group - but in fact are being delivered by spammers - are trying to use scare tactics to get unsuspecting recipients to download a trojan, a security firm warned today. The spam claims the recipient's email address was discovered in a "child porn database" discovered by the Los Angeles-based Association of Sites Advocating Child Protection (ASACP). In the message, the......
[more] Security firms develop anti-rootkit tools Antivirus firms Trend Micro and Sophos have developed new tools to discover rootkit infections but both are attacking the problem from a slightly different angle. Rootkits are powerful programs that alter the kernel of an operating system, which allows them to hide certain files or applications from the underlying OS. In April, antivirus firm McAfee said the number of rootkits found by its emergency response team in the first quarter of 2006 had increase......
[more] Group slammed for creating 'test' viruses A consumer magazine has been condemned for possibly adding to the virus problem by creating a series of 'test' viruses just to review antivirus scanners. In an act that has long been considered technical taboo, US consumer affairs organisation, ConsumerReports.org, decided to generate 5,500 'test' viruses to run, under lab conditions, against 12 leading antivirus software products. The organisation's own website describes the methodology used: "To......
[more] Katrina website fraudster indicted A Miami man has been indicted on charges he sold phishing kits that included software used to develop a phony American Red Cross-run Hurricane Katrina relief website. Jovany Desir, 20, was charged with wire fraud in a five-court indictment handed up Thursday that also accuses him of setting up phony banking, auction and online payment sites with the goal of pilfering account information and passwords from unsuspecting visitors. According to prosecutors, Desir c......
[more] Italian PM Focus Of Trojan Email A bogus email claiming Italian prime minister Silvio Berlusconi has been murdered by an Israeli soldier contains a Trojan file that can infect a Windows PC. The fake email purportedly comes from bbc.italy2006@bbc.com, with a variety of subject lines like "Berlusconi la morte", "Berlusconi di terrorismo", "Berlusconi Tragedia", and "Berlusconi di omicidio." Security software firm Sophos reported a Trojan horse called Troj/D......
[more] JFK assassination secrets for sale in latest email scam Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users to be wary of an email claiming to come from a dying KGB agent offering to pass on secrets of the John F Kennedy assassination. Sophos believes that the spammed email campaign is an attempt to lure unsuspecting lovers of conspiracy theories into handing over cash and confidential information to internet scammers. The ema......
[more] Sophos Anti-Virus wins its 33rd Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 33rd time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested eight different anti-virus products for their detection rates,......
[more] Spammers dust off their botnet passports Criminals who remotely infect PCs for the purpose of using them to relay spam messages are targeting new countries and regions in order to increase the number of machines they can enlist. UK and US internet service providers have seen their networks riddled with infected PCs in the last few years and those PCs have been used to relay vast spam campaigns. But as these networks - called botnets - get cleaned up, so they must be replaced. Now it seems the bot......
[more] PayPal and eBay top phishing hit-list Web giants' popularity encourages fraudsters, says Sophos Users of eBay and PayPal are the target of more than 75 per cent of all phishing emails, IT security experts have found. The emails typically point recipients to bogus websites that look like the real PayPal or eBay, but which are designed to steal user names and passwords. Researchers at security firm Sophos scanned all phishing email messages received so far during 2006. The results indicated that 54.......
[more] US heads global spam league of shame The US remained at the top of the chart of spam-relaying nations during the second quarter of 2006, accounting for 23.2 per cent of the world's unsolicited email. The closest rivals to the US are China and South Korea, according to figures from IT security firm Sophos, although both of these nations have managed to reduce their statistics since the first quarter of 2006. But the US has failed to reduce its spam problem for the first time in more than two years......
[more] Sophos podcasts debate latest IT security issues Sophos today announced that it will record regular podcasts in which its experts will discuss and debate the latest malware threats, industry developments and long term security issues. The podcasts will provide valuable insight into the changing threat environment as well as the steps that businesses must take to protect themselves. In the first podcast, released on Sophos's website today, Carole Theriault interviews Graham Cluley, senior techn......
[more] Sophos to reduce IT security overheads by 25% at DaimlerChrysler DaimlerChrysler UK, which is responsible for the distribution, sales and marketing for Mercedes-Benz, Chrysler, smart, Mitsubishi Canter, Jeep and Dodge in the UK, has successfully protected the email traffic at its nationwide dealerships, using Sophos's new email security appliance and industry-leading anti-virus and anti-spam software. This move is set to substantially reduce administrator and network overheads - saving th......
[more] New phishing scam uncovered A new phishing email is targeting PayPal users trying to trick them into calling a phone number and revealing their credit card information. Security company Sophos says the email purports to come from PayPal and claims the recipient's account has been the subject of fraudulent activity. Unlike normal phishing scams, there is no internet link or response address, but instead a prompt to call a phone number and verify their details. When dialled, users are greeted by an......
[more] IT world split on whether "Pentagon hacker" should be extradited, Sophos poll reveals A poll of over 500 IT professionals has found that the industry is virtually split in two over whether it is right for a British man to be extradited to the USA for allegedly breaking into Pentagon and NASA computers. Gary McKinnon, a self-confessed computer enthusiast from North London, is alleged to have hacked into computers belonging to the US Army, US Navy, US Air Force, Department of Defense and NASA. Br......
[more] Get your Mac, it's raining Trojans Security firm Sophos has issued a call for home computer users to ditch the Windows operating system and switch to Macs for the sake of their safety online. The call came as part of a report detailing the main trends in malicious software so far this year. The main finding was that all of the top ten threats to online users targeted the Windows environment. The good news is that viruses and worms seem to have hit "so last season" status, and the number......
[more] AOL instant messenger worm poses as Microsoft's Windows Genuine Advantage AOL Instant messenger (IM) users were warned this week of a new worm that poses as Microsoft’s controversial Windows Genuine Advantage (WGA) program. Researchers at Sophos said the WGA worm, known as Cuebot-K, spreads by AOL Instant Messenger and registers itself as a new system driver service named wgavn. The malware uses Windows Genuine Advantage Validation Notification as a display name and runs during system startup, a......
[more] England's World Cup exit to thwart spam campaigns World Cup fever has led to a significant increase in the number of spam campaigns targeting businesses across the globe, according to a new report. Experts from Sophos have observed emails informing employees of bogus FIFA-sponsored lottery wins, World Cup mobile phone offers and even tickets to matches, as opportunistic cybercriminals look to exploit the widespread enthusiasm for the tournament. "Spammers are taking advantage of the fact t......
[more] Worm appears as Microsoft antipiracy program Security analysts have detected a new piece of malware that appears to run as a Microsoft program used to detect unlicensed versions of its operating system. The malware has been classified as a worm and spreads through AOL's Instant Messenger program, said Graham Cluley, senior technology consultant for Sophos, a security vendor. Sophos is calling it W32.Cuebot-K, a new variation in the Cuebot family of malware. The worm has a range of mal......
[more] Secrets of stock spam scams revealed Junk emails promoting false stock information have been proven to be surprisingly effective Spam that contains fraudulent stock information has been proven to influence the financial markets, German researchers have found. So-called "pump-and-dump" scams, where spammers send out false stock information to encourage people to buy shares, were found to both increase the traded volume and artificially boost the share price, said researchers from the Te......
[more] World Cup spam disrupts workers as football tournament heats up Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have reported that workers around the world are being disrupted by spam campaigns related to the World Cup as the international soccer tournament draws closer to its conclusion. World Cup-related spam campaigns seen by Sophos include notifications of bogus FIFA-sponsored lottery wins, deals to get cheaper phone calls until the end of the tou......
[more] Spammers pump and dump cosmetic firm's shares A "widespread spam campaign" has been uncovered that attempts to make money by encouraging users to buy stock in a company called Southern Cosmetics and illegally inflating its stock price. The emails, which consist of an embedded graphic in an attempt to avoid detection by anti-spam filters, tell recipients that savvy investors should buy stock in the company because of business deals it is making with cosmetics firm Naomi LLC. Since t......
[more] Coca-Cola lottery notification email is not the real thing Scam attempts to steal money and commit identity theft Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of an email scam that pretends to be notification of a lottery win from Coca-Cola. The emails, which have the subject line "COCA COLA PROMOTION", have been spammed out to internet users claiming that the recipient has won $2.5 million in a lottery held by Coca-Cola earlie......
[more] Fewer viruses in email, says Sophos The proportion of email messages that contain malware has fallen for the first six months this year compared to the same period last year, Sophos said yesterday. Statistics released by Sophos show that about one in 91 email messages contained a virus or other types of bad software, far less than the one-in-35 figure of a year ago, said Graham Cluley, senior technology consultant. Sophos provides enterprise-level antivirus, spam, adware and malware protection......
[more] Fewer e-mails bear malware The proportion of e-mail messages that contain malware has fallen for the first six months this year compared to the same period last year, Sophos PLC said on Wednesday. Statistics released by Sophos show that about one in 91 e-mail messages contained a virus or other types of bad software, far less than the 1-in-35 figure of a year ago, said Graham Cluley, senior technology consultant. Sophos provides enterprise-level antivirus, spam, adware and malware protection pr......
[more] Sophos issues World Cup virus warning Consumers and businesses need to be extra vigilant against virus threats from hackers taking advantage of World Cup fever, according to a security warning from Sophos. "In the past we've seen viruses exploiting the popularity of celebrities like Anna Kournikova. David Beckham or Wayne Rooney could be next," Graham Cluley, senior technology consultant at Sophos, told vnunet.com. "Businesses need to ensure that staff are not downloading unknown......
[more] Sophos Anti-Virus wins its 32nd Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 32nd time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 27 different anti-virus products for their detection rates, lac......
[more] Sophos cracks ransomware Trojan code Antivirus firm Sophos has cracked the password needed to unlock files held to ransom by the Archiveus ransomware. A nurse in Greater Manchester became one of the first people in the UK to have her files encrypted by a ransomware program that demanded money before it would unlock them. Users trying to access the files are directed to a new file containing instructions on how to recover the data. "Do not try to search for a program that encrypted......
[more] New World Cup worm sighted World Cup fever is escalating among hackers, with security vendor Sophos revealing a new worm, and warning that seemingly harmless World Cup screensavers, spreadsheets and electronic wall charts are ideal vehicles to spread viruses and worms. The latest e-mail worm includes the German-language message "WM-Tickets" or "Weltmeisterschaft," and contains an attachment, which, when opened, activates the W32/Zasran-A worm. The worm is programmed to send......
[more] Zombie king suspect alleged to have sent 18 million spams per day Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the news that the South Korean authorities have arrested a man suspected of running a 16,000-strong network of zombie computers. According to the state-backed Korea Information Security Agency (KISA), the man is believed to have sent 18 million spam emails to 133 countries every day from his network (or botnet) of compromised......
[more] Killjoy Trojan deletes warez and smut Virus writers have created a Trojan that deletes illicit files from compromised Windows PCs in addition to harvesting data from infected machines. Erazer-A is spreading (albeit modestly) across P2P networks, where it poses as useful program files, or through chat programs. If executed, the malware scours folders used for P2P apps for AVI, MP3, MPEG, WMV, GIF, ZIP and other files. It then erases any porn, warez, music or any other matching file type found in P......
[more] Virus leaks power plant secrets for second time in four months Experts at SophosLabs, Sophos's global network of virus and spam analysis centers, have reminded companies of the importance of computer security after it was revealed that sensitive information about power plants has been leaked onto the internet from a virus-infected computer for the second time in less than four months. According to a Japanese media report, sensitive security information about a thermoelectric power plan......
[more] Man jailed for using spyware to monitor US government A man has been sentenced to jail for using spyware to gain unauthorised access to US government computers. Kenneth Kwak, a 34-year-old system auditor who had been working on the computer security of the US Department of Education, admitted placing spyware software on his supervisor's PC. This software enabled him to access emails and other information. Kwak, of Chantilly, Virginia, then shared the information he gathered with others in his off......
[more] New worm hoots at users Researchers at Sophos are warning PC users about the W32/Hoots-A worm, which sends a picture of an owl to attached network printers. The unusual malware is written in Visual Basic and spreads through network shares, according to a company advisory. Once installed on a network, the worm sends a picture of an owl with the words "O RLY?" to a number of print queues. Graham Cluley, senior technology consultant, said the malware is most likely the work of......
[more] Hacker's Work Plagues PCs Two Years After Arrest Named the worst worm of 2004 by some anti-virus firms, the Netsky worm is still the No. 1 reported virus in the world, according to Sophos. Its 18-year-old creator, meanwhile, got off lightly, with a suspended sentence and 30 hours of community service. Two years after the arrest of a noted hacker, his creation remains at the top of the virus charts, a security company said Wednesday, proving just how long an Internet affliction can last. May 8,......
[more] World Cup Virus Season Kicks Off The FIFA World Cup 2006 tournament won't get underway in Germany until early June, but computer virus writers are already attempting to cash in on the planet's most popular sporting event with viruses aimed at deceiving eager soccer fans. Researchers at UK-based Sophos released notification of a new attack that infects Microsoft Excel files and has been disguised as a spreadsheet charting the national teams participating in the World Cup. Identified by the secur......
[more] Two years after author's arrest, Netsky worm still tops virus chart Author of Sasser and Netsky worm arrested 24 months ago, but malware still spreads Two years ago today, on 8 May 2004, a German teenager was arrested in connection with the widespread Sasser and Netsky worm outbreaks. 18-year-old Sven Jaschan of Waffensen, North Germany, wrote a series of worms which hit tens of millions of computers around the world. Experts at SophosLabs™, Sophos's global network of virus, spyware and spam an......
[more] Viruses no longer top security threat Trojans and spyware taking over Early reports of malware distribution in April show that viruses are swiftly declining as a threat in comparison with other malicious software. Separate research from Fortinet and Sophos shows that the top viruses were mainly old timers, and that Trojans and spyware are coming to the fore in their place. Fortinet in particular reported that Adware/BetterInternet was its top threat last month, accounting for nearly one in eight a......
[more] Trojan Freezes Computer, Demands Ransom A new kind of malware circulating on the Internet freezes a computer and then asks for a ransom paid through the Western Union Holdings money transfer service. A sample of the Trojan horse virus was sent to Sophos, a security vendor, said Graham Cluley, senior technology consultant. The malware, which Sophos named Troj/Ransom-A, is one of only a few viruses so far that have asked for a ransom in exchange for releasing control of a computer, Cluley said. The......
[more] IT managers want security costs to reduce IT managers are requesting simpler applications that can deal with a range of threats at a lower cost, said the top executive of security vendor Sophos. "At the end of the day, the IT administrator does not care if it is spam or a virus," said Steve Munford, chief executive officer. "All they care is there is bad stuff coming off the Internet... and they want one vendor to protect them." Gateway e-mail filtering is evolving. IT manager......
[more] Security standoff over PC-PDA malware code Code for a 'PC to mobile' virus that emerged last week has not been shared between some antivirus researchers and vendors, amid allegations of bullying and untrustworthiness Mobile antivirus researchers and antivirus companies are at loggerheads over access to code for a PC-to-mobile Trojan. The Mobile Antivirus Researchers Association (MARA) said last week that it had received proof-of-concept code last week for Crossover, which MARA claims is malware......
[more] AOL to see phishers in court AOL is using the long net of the law to snag three “phishing gangs” from the wild. The internet service provider (ISP) filed three civil suits against unnamed phishers in Alexandria, Va., federal court for the state's Eastern District. The lawsuits are the first time a major ISP has cited the state's anti-phishing statute, which was adopted last July. The suits also cite numerous federal laws and seek damage awards of $18 million, AOL said in a Tuesday statement. Curt......
[more] Olympic Torch virus exposed as a hoax Security experts have warned surfers not to fall for a new hoax spreading across the internet, posing as a warning of a non-existent virus. The Olympic Torch hoax warns email users to be wary of emails with the subject line "Invitation", and claims that it has been classified as "the most destructive virus ever".
The hoax claims that the "virus simply destroys the Zero Sector of the Hard Disc". IT security firm Sophos reported yesterday that it is receivi......
[more] Virus attacking Apple Macintosh PCs found-experts A malicious computer worm has been found that targets Apple Computer Inc.'s Mac OS X operating system, believed to be the first such virus aimed specifically at the Mac platform.
The worm is called OSX/Leap-A, according to a posting on the Web site of antivirus software company Sophos, which said the worm is spread via instant messaging programs.
The worm attempts to spread via Apple's iChat instant messaging program, which is compatible with......
[more] Sophos Makes First Foray into Email Appliances Anti-virus software vendor Sophos Plc is to take a first step into the appliance market with an email security device that guards against virus, spam and policy abuse. The new general-purpose ES4000 unit is said to be the first in a planned series of appliance launches, with separate versions targeted at the needs of small businesses and big business slated to follow. A combined web security and instant messaging appliance is also on the cards.
"Th......
[more] 3 February virus: Are we ready for it? Antivirus companies are at odds over the severity of a time-bomb virus which is set to go off on 3 February. The so-called Nyxem virus has so far infected 300,000 computers around the world, most of which are outside the UK.
Mikko Hypponen, head of antivirus research for F-Secure, said: "It's going to be a pretty big problem in Turkey, Peru and Italy but not much of a problem in the UK. There are hundreds of thousands of computers that have been affected.......
[more] Sex assault spam duping college students Security analysts at Sophos have warned of a new trojan sent to colleges in North America and the United Kingdom disguised as a plea to help authorities locate an alleged campus rapist. The Troj/Sinx-N trojan spams emails with a subject line of "CCTV still of Rapist," "Do you recognize this person?" or "Campus Student Raped," Sophos said Friday.
Users who click on the attached files, which claim to be photographs of the suspect, will launch malware onto......
[more] Two years after Gates prediction, spam still exists It has been two years since Microsoft's Bill Gates made the bold prediction that spam would be a "thing of the past," but the problem is still as bad as ever, according to new figures released. The research by anti-virus company Sophos found that the level of non-English spam has risen, with the vast majority now being relayed by "zombie" computers hijacked by trojan horses, worms and viruses under the control of hackers.
Sizeable increases a......
[more] Sophos Spam Data Shows China Still High Unsolicited Bulk Email Producer Anti-spam and anti-virus software company Sophos has published its latest report on the top twelve spam relaying countries for the last quarter of 2005. Sophos scanned all spam messages received in its global network of spam traps, and have revealed that although the United States still tops the chart, it has made significant reductions, and for the first time accounts for less than one quarter of all spam relayed. China ra......
[more] Nazi worm author prepares Net meltdown A security headache is brewing as the payload of various Sober worms is activated tonight.
According to security experts that broke the worm's encrypted code, 5 January 2006 is the date set for it to download code from various Web addresses on the Net. As such, at the stroke of midnight, the worm's author may or may not choose to turn on various websites and cause widespread problems across the Internet.
The date coincides with the 87th anniversary of......
[more] Sophos appoints new CEO UK security firm Sophos has appointed a new chief exec. Steve Munford is stepping up from chief operating officer to head the firm as a replacement to Sophos's co-founders and former joint CEOs, Dr. Jan Hruska and Dr. Peter Lammer. Both Hruska and Lammer will remain on the company's board.
Munford first joined Sophos in 2003 after its acquisition of the anti-spam specialist ActiveState, where he was president. He moved on to serve as president of Sophos for North Americ......
[more] Sophos: Gates will be proved wrong about spam Bill Gates' 2004 prediction that spam would be eradicated by 2006 is very unlikely to be fulfilled, Sophos has warned. Bill Gates' prediction of January 2004 that spam would be "a thing of the past" within two years has virtually no chance of coming true, according to security company Sophos this week.
Sophos warned on Tuesday that spam will continue to be a major problem in 2006.
"Sophos believes that the rumours of spam's death have been greatly......
[more] Spammers sell fake watches with Santa's Chocolate Sleigh Bell Cookies recipe Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have identified a new marketing trick being used by spammers in their attempt to sell fake luxury watches in the run-up to Christmas: they are sending cookie recipes.
The unsolicited email messages contain a detailed recipe, including ingredients and instructions, on how to make "Santa's Chocolate Sleigh Bell Cookies". The spa......
[more] UK cyber Czar gains support The idea of appointing a “cyber Czar” to oversee the UK’s fight against digital crime has gained some support, after a week of criticism.
MP Mark Pritchard used a debate in the House of Commons last week to call for the creation of a unified cyber-security agency to be headed by a “Czar” figure to protect the country’s computing infrastructure.
The job of cyber security is currently managed by a number of government agencies, most prominently the National......
[more] Security firms warn of new Microsoft threats Two security firms Friday issued new warnings about two separate threats affecting Microsoft products.
Sophos reported evidence of new malware planted on Web sites that exploits a previously announced -- and as-yet-unpatched -- Internet Explorer security vulnerability. The Clunky-B Trojan horse allows hackers to install and run malicious software on users' machines when they visit sites containing the malware, said Graham Cluley, a senior technology......
[more] Sober Tops November Virus Chart Security provider Sophos has revealed the top ten viruses affecting PCs around the world during the month of November 2005.
The report, compiled from Sophos' global network of monitoring stations, reveals that, despite being detected very late in the month, the Sober-Z worm has stormed to the top of the charts, and at its peak accounted for one in every 13 emails sent. The proliferation of Sober-Z has caused Netsky-P, the worm written by convicted German teenag......
[more] Sober Worm Hidden In Fake CIA E-Mails Remains Threat One in every 14 E-mail messages passing through the filters of U.K.-based Sophos carried the Sober payload, with the worm accounting for 85% of all malicious code detected. Sober.x, the year's biggest worm outbreak, showed little signs of slowing Monday, a security company reported.
One in every 14 e-mail messages passing through the filters of U.K.-based Sophos carried the Sober payload, with the worm accounting for 85 percent of all malici......
[more] Thanksgiving will bring a Sober hangover The largest virus outbreak this year will gain new momentum when the US comes back from its Thanksgiving break, say experts. IT managers should brace themselves The latest outbreak of the Sober worm will accelerate as US computer users turn their PCs back on after the Thanksgiving holiday, security firm MessageLabs warned on Friday.
Business users will return from the break and open mail that has been sitting in their inbox since the first hours of the a......
[more] Latest Sober threatens e-mail gateways The latest Sober worm, first spotted over the weekend, has generated the vast majority of virus-laden e-mail traffic in the past 24 hours and could cause problems for corporate e-mail gateways, security companies said. This variant of Sober generates e-mails that purport to be from the CIA or FBI. These messages tell the recipient they have been looking at illegal Web sites and should answer some questions in the e-mail's attachment. If the attachment is o......
[more] Sophos Anti-Virus wins its 30th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 30th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available.
Virus Bulletin tested 27 different anti-virus products for their detection rates, lack of false alar......
[more] October breaks malware production records October saw the biggest increase in virus numbers since anti-virus firm Sophos began tracking outbreaks in 1988. The security vendor now identifies and protects against a total of 112,142 viruses, an increase of 1,685 on September.
Rather than creating new viral strains, the bad guys are churning out multiple new variants of popular backdoor programs such as Agobot, SdBOt, various Trojan downloaders and the like. Anti-virus firm F-Secure notes that man......
[more] Spammers exploit bird flu fears Increasing amounts of spam offering drugs to deal with bird flu have been reported across the world's email systems.
Security firm Sophos is reporting a large increase in emails offering online purchases of Tamiflu, the drug manufactured by Roche that is the only known medicine for dealing with the human version of avian flu.
But according to Roche, which has investigated similar scams, it is unlikely that the drugs on offer are real.
"Spammers are not intere......
[more] UK becomes key spammer The nation which made the food 'spam' famous is rapidly becoming a world centre for junk mail bearing the name. According to security outfit Sophos, the proportion of spam coming from the UK has increased.
Apparently in Blighty you can get egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam.
The country is responsible for 1.......
[more] Sophos joins drive to cure virus-naming confusion Sophos has announced that it has joined the editorial board for the Common Malware Enumeration (CME) initiative, an industry group whose aim is to provide unique, common identifiers to new malware threats.
The CME initiative aims to mitigate c......
[more] NetSky-P tops moribund malware chart September marked a quiet month on the malware front with virus levels at a yearly low and the long-running NetSky-P worm stuck at the top of virus nuisance charts.
Virus-laden email volumes dropped for the third consecutive month from 2.01 per cent in August, to 1.75 per cent in September to reach their lowest levels this year, according to email security firm BlackSpider Technologies. BlackSpider blocked over 2.8m virus contaminated emails during September......
[more] Sophos Defends Northern Ireland's Government Health Networks The Northern Ireland Department of Health, Social Services and Public Safety has deployed Sophos's complete suite of computer security solutions to defend the Health and Personal Social Services (HPSS) networks against viruses, spam, Trojans, worms and spyware. The Sophos licence, which now covers the Department's Directorate of Information Systems (DIS) and 27 HPSS sites, lasts for three years and was provided by Foursys, Sophos's UK......
[more] Sophos exceeds growth expectations Global security provider is set to build on its successes with forthcoming firewall and adware detection launches Sophos, a world leader in protecting business against viruses, spyware and spam, today announced an increase in annual turnover of 19.2% to £66.2 million ($122.6 million USD) for the year ending March 2005. Sophos has achieved year-on-year growth, ahead of the industry average, thanks to strong market demand for its integrated IT security solutions.......
[more] Staff unknowingly breaching IT rules Staff put their business at risk by engaging in potentially dangerous online activities, according to new study. Research from Sophos shows that many employees continue to use their workplace computers in an irresponsible manner despite safety instructions from their IT departments.
Some 63% of IT managers said they believe that workers do not follow their safety guidelines and are putting firms at risk every day.
Simple activities that may seem innocuous, s......
[more] Sophos: 'Don't rely on antivirus software' Because viruses are not the only serious threat... Security vendor Sophos has warned companies not to rely on antivirus software to protect their IT infrastructure and systems.
Speaking at the Information Systems Security Association conference in London on Thursday, Vanja Svajcer, senior virus researcher for Sophos, said companies should also look to alternative technologies and procedures to ensure their IT assets are secure.
Svajcer said: "I always......
[more] Sophos joins Anti-Spyware Coalition to help protect businesses from growing threat Sophos, a world leader in protecting businesses against viruses, spyware and spam, has today announced its membership of the Anti-Spyware Coalition (ASC). Sophos joins an alliance of technology companies and public interest groups whose mission is to create a consensus regarding spyware definitions, along with best practice in the debate surrounding spyware and other potentially unwanted software.
Protection fr......
[more] Online scams emerge in Katrina's wake Hurricane Katrina has spawned more than misery and destruction--a new wave of scam e-mails and Web sites are exploiting the tragedy. Phony Web sites and e-mails, purporting to offer help to hurricane victims or provide more news on the destruction, are making their rounds on the Internet, security experts said Thursday.
One spam campaign that's circulating offers breaking news reports but tricks people into clicking a link that takes them to a bogus Web s......
[more] Sysadmins taking brunt of blame for Windows worm attack Sysadmins are taking a big chunk of the blame for the latest worm attacks on Windows - said to have already infected 250,000 machines.
An online poll by security company Sophos had revealed that 20 percent of businessmen feel that the man dealing with the problem - the system administrator - is most to blame, for not patching systems fast enough.
The only consolation is that 35 percent of the 1,000 people polled blame Microsoft for the a......
[more] Early warning system launched for e-mail scams Sophos today launched a new early-warning system that proactively notifies banks, online businesses and other organisations of fraudulent e-mail scams that target their customers.
Based at Sophos's new $10 million research and development centre in Sydney, the Sophos PhishAlert service notifies subscribers of new phishing attacks so they can warn their customers and initiate action to immediately shut down fraudulent Web sites.
Developed in con......
[more] Phishers wheel out their latest scam; the little old lady Ebayers are being targeted by a new phishing scam designed to appeal to their better natures. Ebayers should beware of a new phishing scam that masquerades as a message from a disabled little old lady.
According to experts at SophosLabs, the latest campaign centres around a plea for help allegedly from an 87-year old woman who is having difficulty using the popular eBay auction website. However, if recipients respond, they risk passin......
[more] New scam asks people to fax away data Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators. In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.
The e-mails direct people to a Microsoft Word document hosted on......
[more] London bomb victim used by 419 email scammers Name of BT engineer killed in blasts used to dupe people... Computer users are being warned about a sick new 419 email scam claiming recipients are in line to receive millions of pounds from the estate of one of the victims of the London suicide bombings.
The 419 scammers have switched their attention from using the secret fortunes of dead African dictators to dupe people into handing over ID and bank account details. The latest email claims the rec......
[more] Virus Writer Targets AV Vendors A virus writer released malicious code that ridicules anti-virus vendors and the Sasser worm author. A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.
The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the wide......
[more] 95% want anti-virus companies to block spyware, reveals Sophos poll A web poll of more than 1000 business PC users, conducted by Sophos, has revealed that 95% think anti-virus companies should protect computers from spyware.
Spyware, a computer program that sends information from a computer to a third party without the user's permission or knowledge, is a growing underground industry. Every month, Sophos analyses about 500 samples of code that attempts to give remote users unauthorised access......
[more] Japanese bank accounts raided by spyware Experts at Sophos are advising computer users to ensure their anti-virus products can also protect against spyware after the reported theft of $84,000 (9.4 million yen) from nine Japanese bank accounts.
According to reports, the money has been illegally withdrawn from nine accounts at three different banks, because of a spyware infection.
Terunobu Maeda, chairman of the Japanese Bankers Association and president and CEO of Mizuho Financial Group, said......
[more] Over 300 arrested in huge 419 scam investigation, Sophos reports 310 people have been arrested in Malaga, Spain as part of an investigation into a 300 million Euro ($363 million) lottery scam that attempted to rob innocent internet users out of their savings.
According to Spanish media reports, the FBI worked alongside Spanish authorities in what is believed to be the biggest round-up of so-called 419 or "Nigerian email" scammers.
Officers raided 166 properties, seizing 2000 cell phones, 32......
[more] Sophos ZombieAlert Identifies Spammer-Controlled Computers On Business Networks New automated service notifies organisations about their exploited and hijacked computers Sophos, a global leader in computer security, has announced the launch of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers attached to organisational and ISP networks. Zombie computers are infected machines that give control to unauthorised and remote hackers, allowing them to send spam from the comput......
[more] Sophos Anti-Virus Certified to Detect 100 per cent of Spyware in Checkmark Leading independent testing body awards Sophos Anti-Virus with spyware certification Independent research and test centre West Coast Labs has announced that Sophos Anti-Virus for Windows XP has been awarded the certification Checkmark for detecting 100 per cent of the spyware in their rigorous tests.
The certification confirms Sophos's expertise in protecting businesses against the spyware threats and joins existing aw......
[more] Sophos Introduces ZombieAlert Identifies 'zombie' computers on an organization's network; notifies customers if their IP addresses are listed in public Domain Name Server Blackhole Lists. Sophos, a developer of anti-virus and anti-spam software, today announced the availability of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers on an organization's network.
Zombie computers are infected machines that give control to unauthorized and remote users, allowing them to send......
[more] Microsoft rewards Sasser informants $250,000 Two people who pointed the finger of blame at Sven Jaschan, the 19-year-old author of the Sasser internet worm, are to be rewarded $250,000 by Microsoft for helping the company and law enforcement track down the creator of one of history’s most disruptive viruses.
Announcing the decision on Friday, the software colossus refused to identify the duo, but said “certain individuals” will now share the bounty put up by the company, Interpol, the FBI and......
[more] PCs Have 50-50 Shot At Infection In Just 12 Minutes The number of new viruses, worms, and Trojans are up nearly 60 percent in the first half of 2005, a security researcher says. The number of new viruses, worms, and Trojans are up nearly 60 percent in the first half of 2005, a U.K.-based security company said Wednesday, while the length of time an unprotected PC survives on the Internet has shrunk to a measly dozen minutes.
Sophos reported that it had pinpointed 7,944 new pieces of malicious so......
[more] Sophos picks up record malware haul Security software vendor Sophos says it has detected nearly 8,000 different pieces of malicious code so far this year - mainly coming from criminal gangs. The vendor reckons the dramatic rise in the number of viruses, worms and Trojan horses this year is down to more and more organised criminals turning to cybercrime.
It picked up almost 60 per cent more malware in the first six months of this year than the same time last year.
The biggest growth was in Tro......
[more] Malware authors up the ante Malware authors have increased both the volume and sophistication of their attacks over the last six months. In the first half of 2005 anti-virus firm Sophos detected and protected against 7,944 new viruses - up 59 per cent from the first six months of 2004. The number of keylogging Trojans has tripled in the first six months of 2005 compared to the first half of 2004.
More computer viruses and worms mean an unprotected Windows PC (without either firewall or antivir......
[more] Trojans attacking the UK come from China But that doesn't mean the Chinese are involved... Malicious programs the UK government has said are attacking key business and government bodies are being sent from servers in China, according to an email security firm.
But experts at MessageLabs said it would be inaccurate to conclude Chinese hackers are responsible for the Trojan horse attacks as the servers could be controlled remotely from anywhere.
Mark Sunner, CTO for MessageLabs, said: "Message......
[more] New worm lures users with 'breaking news' The Kedebe-F e-mail worm spreads via e-mail or file-sharing networks Internet users alarmed over news of Michael Jackson's death or dark conspiracies behind the demise of Pope John Paul II should perhaps be more concerned that they received another new e-mail worm.
Researchers at security firm Sophos PLC warned today of the spread of the Kedebe-F e-mail worm, which carries a variety of subject headers and messages touting breaking news. However, users......
[more] U.K. government is target of e-mail attacks NISCC warns of increasingly sophisticated attempts to steal sensitive information Critical infrastructure providers in the U.K. are being targeted in Trojan e-mail attacks designed to steal sensitive information such as passwords and documents, a national infrastructure security agency warned Thursday.
Tailored attacks against U.K. government departments, businesses, and other organizations have been occurring for a significant period of time and hav......
[more] Michael Jackson suicide spam leads to trojan horse, reports Sophos Experts at SophosLabs, Sophos's global network of virus and spam analysis centres, have warned of a spam campaign that claims that Michael Jackson has attempted suicide in an attempt to lure innocent computer users into being infected by a Trojan horse. The email claims that Michael Jackson has attempted to commit suicide. But clicking on the link will cause infection.
Sophos has identified hundreds of the spam messages being......
[more] Sophos Anti-Virus receives 28th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award in the June 2005 edition of Virus Bulletin. This is the 28th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available.
Virus Bulletin tested 28 different anti-virus products for their detection rates, lack of fal......
[more] Are Virus Writers Creating a Super Worm? Recent rash of Mytob worm variants has some security experts concerned. Virus writers responsible for the recent rash of Mytob worm variants could be working on creating a super worm, a security researcher warns.
The "HellBot" group behind the Mytob worms write programming instructions in their code that mirror the way developers work, says Sophos Security Consultant Carole Theriault.
"The only conclusion we can come up with is that they are working on......
[more] The record shows the net's taking blows - it did it Mytob way Another internet worm has exploded across computers worldwide as Mytob has been widely spammed over the last 48 hours. According to antivirus company Sophos, Mytob represents over 40 percent of all virus activity over the last two days, despite the continuing presence of the Sober and Bagle threats.
The most popular variant, Mytob.CM, appears in emails pretending to be network administrators, arriving in work email boxes with subjec......
[more] Fake Microsoft Patch Triggers Virus Attack Like day follows night, a bogus "cumulative update" with a malicious attachment has followed Microsoft's patch day.
In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment.
The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.
The claim is......
[more] Sophos helps Merseyside police lay down the law against viruses Sophos, a world leader in protecting businesses against spam and viruses, has announced that Merseyside Police is using Sophos's SAV Interface to secure its IT systems. Merseyside Police, which is responsible for serving and protecting the Greater Merseyside area, including Wirral, Sefton, Knowsley, St Helens and Liverpool, has implemented SAV Interface at its email gateway in order to provide the highest level of protection agains......
[more] Virus writers claim Blair's email account was hacked The Prime Minister's email account is the subject of a spam scam that can infect computers with Trojan horses. Don't fall for it Cybercriminals claimed on Friday that the Prime Minister's email account has been hacked, in the latest attempt to attack PCs with malware.
On the same day Tony Blair won a third term in government, a spam message was sent out stating that malicious hackers had penetrated his email account.
The email contains a l......
[more] Top ten viruses and hoaxes reported to Sophos in April 2005 Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of April 2005.
The report, compiled from Sophos's global network of monitoring stations, shows that Zafi-D, which first appeared at the end of 2004, continues its reign at the top of the list for the fifth month running, accounting fo......
[more] Sophos announces new "Tiger" version of their leading Mac OS X anti-virus solution New version of Sophos Anti-Virus provides centralised control for businesses upgrading to Mac OS X 10.4 Tiger Sophos, a world leader in protecting businesses from spam and viruses, today announced that Sophos Anti-Virus for Mac OS X has been extended to include support for the latest version of the Apple Macintosh operating system, Mac OS X 10.4 Tiger.
Ideal for multi-national organisations as well as small and m......
[more] Spam - some figures on the threat Spam lies at the heart of the modern cyber-crime phenomenon. So how big is the problem? You hear all sorts of statistics these days about the level of threat faced by companies, and the Infosecurity show is bound to see these rolled out by vendors at every opportunity. But which ones deserve to be taken seriously?
Proving there is a threat is easy; working out the scale of this is another thing altogether. We decided to research the latest reliable figures we......
[more] Premium rate dialer virus writer sentenced The creator of the Marq email worm has received a 14 month sentence and been fined 3,000 Euros for writing a computer worm which dialled premium-rate phone numbers, which tried to steal over 100,000 Euros.
The man wrote the W32/Marq-A email-aware worm (also known as Voltan or Zelig) to direct innocent computer users to a web site where a malicious program posing as a screensaver could be downloaded. If run, the worm would change the phone number used......
[more] E-mail scam directs users to bogus Windows update An e-mail scam making its way around the Internet purports to be a message from Microsoft warning users of the Windows operating system that they need to download a security update -- only to leave their PC infected.
Once users link from the e-mail to a bogus Web site their computers will be infected by a "Trojan horse'' program that allows hackers to control their personal computers, anti-virus software maker Sophos said Friday.
The campaign......
[more] Antivirus firm warns of Microsoft security Trojan horse Malicious hackers use same tactics as phishers A new campaign by malicious hackers uses a Web site designed to look like Microsoft Corp.'s Windows update page to trick unwitting Internet users into infecting their computers with a Trojan horse remote-access program, according to antivirus experts at Sophos PLC. The scam uses e-mail messages that appear to come from Microsoft to get recipients to visit a Web page that uploads the malicious......
[more] Sophos Reveals Latest 'Dirty Dozen' Spam Producing Countries Sophos, a global leader in network security, today published the results of its research on the top twelve spam producing countries. Researchers from SophosLabs(TM), Sophos's global network of virus and spam analysis centers, examined all spam messages received at its global network of spam traps from January 2005 through March 2005. Based on the analysis, experts found that the United States topped the Dirty Dozen chart once again, e......
[more] Virus promises Paris Hilton porn Adult footage used as social engineering hook Security experts have warned users to be wary of emails containing references to Paris Hilton after two different worms were discovered claiming to contain adult footage of the society heiress.
The new Sober-K and Ahker-C worms masquerade as X-rated videos of the popular celebrity, IT security firm Sophos warned.
Sober-K, which is spreading in the wild, mails itself using a variety of subject lines including 'Paris......
[more] Microsoft acquisition adds to anti-virus, anti-spam arsenal Microsoft last week made another acquisition to strengthen its anti-virus and anti-spam strategy and signal corporate customers that it plans to increase protection for desktops and servers.
The question now is how will Microsoft pull together all the disparate technology it has acquired and been developing over the past 18 months? Microsoft bought anti-virus and anti-spam vendor Sybari Software for an undisclosed sum last week, addi......
[more] Avoid the Valentine virus onslaught Lovelorn surfers need to be on their guard over the next few days as virus authors turn romantic in an attempt to infect computers.
According to anti-virus experts, Valentine's Day is a subject most often used by the creators of nasty email viruses to wreak havoc and infiltrate Inboxes.
As Valentine's Day approaches – Monday 14 - Sophos has already discovered two new viruses that bring loving greetings via email attachments and peer-to-peer networks.
The......
[more] Trojan attacks Microsoft's anti-spyware Virus writers have created a malicious program that can disable Microsoft's new anti-spyware application, security experts warned on Wednesday. Antivirus experts, who are calling the Trojan "Bankash-A," say it is the first piece of malicious software to attack Windows AntiSpyware, which is still in beta.
"This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware," Graham Cluley, a senior technology consultant at So......
[more] Virus disguised as Saddam Hussein death photographs, Sophos reports Anti-virus experts at Sophos have warned computer users that a worm is spreading posing as photographic evidence that Saddam Hussein has been killed following an attempted escape bid from custody.
The W32/Bobax-H worm is designed to create zombie networks of innocent third-party PCs for spammers to spread junk email from. The worm spreads both via email and using a Microsoft security vulnerability previously exploited by the i......
[more] Virus top 10: Zafi still clinging onto Xmas Like an ugly decoration you've forgotten to take down... A Christmas-themed variant of the Zafi virus continued to plague networks and systems long after the last of the turkey had been eaten, accounting for almost half the virus reports in January.
January was the second consecutive month Zafi.D topped the virus charts, as it took advantage of a seasonal dip in user vigilance, masquerading as a Christmas greeting to trick users into thinking they wer......
[more] Fathers 4 Justice deny internet virus Potentially harmful computer viruses that purport to come from the controversial campaign group Fathers 4 Justice have been unleashed on the internet.
The rogue programs place a link to the organisation's website on the desktop before e-mailing copies to everyone in the owner's address book. They also try to disable the keyboard and mouse and shut down the hard drive.
Sophos, a computer security company that identified the viruses, said they were not yet......
[more] Another Worm Hits Online Tsunami Relief Another worm has emerged in the wild, preying on the generosity of those trying to donate to the Tsunami relief effort.
Multiple security firms, including McAfee, TrendMicro, Sophos and Symantec, today are reporting the discovery of the worm. McAfee and Symantec call it W32.Zar.A@mm, Trend Micro calls it WORM_ZAR.A and Sophos calls it W32/VBSun-A.
The worm usually has the subject line "Tsunami Donation! Please help" and includes an attachment named ts......
[more] Cellery worm plays Tetris as it spreads Computer game players could fall victim to a new worm that hides itself behind a version of Tetris Antivirus companies have discovered a worm, dubbed Cellery-A, that poses as an interactive version of Russian computer game Tetris at the same time as spreading across networks.
After the virus has been activated by opening the game, the Cellery worm displays a message saying "Chancellery" and changes Windows settings allowing it to automatically run on the......
[more] Kaspersky has IP doubts about Microsoft's Virus Information Alliance Kaspersky's CEO Natalya Kaspersky has said her company has been hesitant in joining Microsoft's Virus Information Alliance because of concerns that Microsoft would use that information to the advantage of its own antivirus product.
Microsoft's Virus Information Alliance (VIA) was formed to share information on viruses. However, antivirus companies do this already on a monthly basis - more often if necessary - outside of VIA.......
[more] 2004 was good and bad for IT security Experts agree: 2004 was the best of times, and the worst of times for those concerned about IT security. It was a year with high-profile arrests of virus authors, and the explosion of online crimes, from cyberextortion to identity theft, a year in which ISPs (Internet service providers) won millions in damages from spammers, and spam messages increased by 40 percent.
In hindsight, 2004 may be looked back upon as the year that a long tradition of hobbyist......
[more] One in every ten emails infected by Christmas card virus, reports Sophos The W32/Zafi-D worm, which was discovered on Tuesday posing as a Christmas greeting, has continued to cause problems for unprotected computer users. Experts at Sophos report that the virus is currently accounting for 75% of all virus reports at Sophos's global network of monitoring stations in the last 24 hours.
The W32/Zafi-D worm, which is believed to originate from Hungary, spreads inside holiday season goodwill email......
[more] Virus warning: Playboy bunny, not so funny Maslan worm disguised as nude pics... very old skool! Antivirus vendors are warning users to be on the lookout for an email borne worm which is disguising itself as nude pictures of Playboy pin-ups, though they admit the threat level is still very low.
However, with Christmas on the horizon and some boozy lunches in the diary for many there's a chance such an attachment will appear tempting to any employees getting demob-happy ahead of the holidays.......
[more] 2005: the year the virus gets nasty Lock up your bank accounts Next year will see more and more viruses targeting users' financial accounts as organised crime moves online in a big way, according to security company Sophos.
Although Sophos found that half of this year's top viruses, i.e. Netsky and its variants, came from a teenager in northern Germany, 2005 will see more and more viruses that collect and forward online banking details.
Organised criminal gangs in eastern Europe and the Far Ea......
[more] Sophos declares Netsky-P worst virus of 2004 Netsky-P tops the list of the worst virus outbreaks in 2004--a year marked with nearly a 52 percent increase in new viruses, according to a report released Wednesday by security software maker Sophos. Netsky-P represented 22.6 percent of all virus incidents reported to Sophos, the company said. Netsky-P was first spotted in March; it's one of more than 30 variants of the original Netsky mass-mailing worm, which debuted in February.
"It is simply sho......
[more] Security is just a mouse click away Next time an e-card with a jolly message drops into your computer's inbox, think before you click it open – it could be a virus which will implant itself in your machine and spread before you even realise it.
Computer users across the world are struggling against a rising tide of viruses and spam which corrupt data, slow down or take over systems and fill inboxes with junk. Viruses are mutating and spreading so fast that anti-virus software cannot keep up.......
[more] Lycos Europe Pulls Spam-Fighting Screensaver Analysts say a new twist on the war against spammers in Europe isn't likely to spill across United States borders, but is rather an opening salvo more likely to fizzle than to explode.
Earlier this week, Lycos Europe launched an aggressive campaign targeting spam-related Web sites. The UK-based company took the offensive when it released a "screensaver that spams the spammers."
Downloads of the screensaver, cheekily named "MakeLoveNotSpam," allowe......
[more] Sober virus crashes November party Old favourites still top of the virus pops The Sober-I worm has had a big impact on November's chart of most dangerous viruses and worms, according to security firm Sophos.
Although the worm was only detected on 19 November, it rapidly rose through the ranks to account for 20.4 per cent of all infections reported to Sophos. This made Sober-I the second most common virus after Netsky P.
More than one in five of all emails scanned contained some form of virus l......
[more] Microsoft to fix 'download warning' flaw Problem in IE and XP SP2 allows a malicious Web site to bypass the browser's warnings when downloading potentially harmful content. Microsoft has said it will take "appropriate action" to fix a problem in Internet Explorer and Windows XP SP2 that allows a malicious Web site to bypass the browser's warnings when downloading potentially harmful content.
The problem was first reported to Microsoft on Nov. 15 by security company Finjan. At the time, Micros......
[more] 16 candles for first Internet worm In 1988, an MIT student unleashed a self-replicating worm that halted thousands of computers--and lit a fire under online security. The first significant Internet worm appeared on this day 16 years ago, and online security has never been the same, security professionals say.
At around midnight on Nov. 2, 1988, the Morris worm, written by a 23-year-old Massachusetts Institute of Technology student named Robert Tappan Morris, was released on the embryonic Intern......
[more] The Internet worm comes of age The first Internet worm appeared on this day 16 years ago and online security has never been the same, say security professionals At around midnight on November 2, 1988 the Morris worm, which was written by a 23-year-old Cornell University student called Robert Tappan Morris, was released on the then-embryonic Internet.
Within hours the worm's 99 lines of code overloaded thousands of Unix-based VAX and Sun systems and forced administrators to disconnect their comp......
[more] Hoax virus warnings and spam scams: The top 10 Here's what's been fooling email users this summer... The full top 10:
1. JDBGMGR (accounts for 14 per cent of all reports) - A hoax virus warning relating to the Microsoft debugger registrar for Java. Verdict: The purported seriousness of this virus warning has been eating up bandwidth worldwide. If you receive such a warning check with your anti-virus firm before mailing it out to everybody you know. They are invariably a hoax.
2. Budweiser fro......
[more] Virus top 10: Can nothing stop Netsky? Pairs up with Zafi for double-headed virus dominance Zafi.B and Netsky.P have managed to notch up another month on top of the chart for the worst malware mischief-making.
According to infections reported to antivirus firm Sophos during October, Netsky.P - first sighted in March of this year - has taken the top spot with over 35 per cent of infections and Zafi-B - first spotted in June - follows up in second place with 28 per cent.
Both viruses have staye......
[more] Sophos Anti-Virus Receives 26th Virus Bulletin 100% Award Sophos, a world leader in protecting businesses against viruses and spam, has announced that Sophos Anti-Virus has been awarded the Virus Bulletin 100% award in the November 2004 edition of Virus Bulletin. This is the 26th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 26 different anti-virus products for their detection rates,......
[more] Swash virus more of a washout, advises Sophos Sophos is advising users not to be alarmed if they hear mention of a new Windows email virus known as "Swash", or "Swash-A". It is easy to overreact when a virus appears sporting a brand new name and a variant letter of "-A", not least because the virus may sound newer than it really is.
Sophos advises that this "new" virus falls more naturally into the Mydoom family and should easily be recognisable as such. Sophos Anti-Virus, for example, has been......
[more] 'Netsky' variant belongs to Baba family A worm by any other name still isn't a treat... Antivirus companies have mislabelled a worm they thought belonged to the Netsky virus family, a security expert has said.
Senior technical consultant at Sophos Graham Cluley said that antivirus firms should have labelled the virus as a 'W32/Baba' worm. But, he added, after F-Secure categorised the worm as a Netsky variant, many other antivirus companies followed their lead.
"The guys in the labs have loo......
[more] Antivirus holes zipped up The antivirus firm Sophos claims to have closed a loophole in its software that was made public yesterday, and Symantec has hit back at Secunia's claims about Norton's flaws Sophos updated its antivirus engine on Wednesday to plug a security hole that allowed virus writers to manipulate compressed files and avoid detection by the antivirus software's scans.
The vulnerability was discovered by US-based security firm iDEFENSE and also affected products from McAfee, Compu......
[more] Spyware may be next Australian government target Australia's federal government may look at adware and spyware as a follow-up to its legislative actions against spam. On the other hand, some caution should be attached to "promises" in the run-up to an election -- the event currently dominating all Australian news.
Paul Ducklin of security company Sophos approached IT minister Helen Coonan after her address to a media seminar and flagged the spyware problem. An official accompanying her quickly......
[more] Teen charged over Sasser virus The alleged creator of the virulent Sasser virus has been formally charged. German prosecutors have laid charges of computer sabotage, data manipulation and disruption of public systems against student Sven Jaschan who has admitted writing the Windows worm.
In total 143 victims of Sasser have contacted prosecutors to report the damage they suffered as the malicious program rampaged through computers.
If found guilty, Mr Jaschan could face up to five years in ja......
[more] First 'warspamming' case reaches court A landmark case in America could establish that spammers really do take advantage of insecure wireless networks A US citizen is thought to have become the first person to be accused of hacking a wireless network in order to send spam.
Nicholas Tombros, 37, is charged under the US CAN-SPAM act, which aims to clamp down on unsolicited junk mail. Prosecutors allege that Tombros used a laptop to sniff out insecure residential wireless access points in a Los An......
[more] Slack users blamed for virus longevity The three month-old Zafi-B worm was the number one virus in August, indicating that too few users are bothering to update their antivirus software.
According to Sophos, the top 10 reported viruses in August have all been in existence for months. The IT security firm notes that the Zafi-B virus continues to wreak havoc on global email.
Although we have seen a small, 10 per cent decline in reports of Zafi-B since last month, this email-aware worm doesn't lo......
[more] Virus numbers hit 33-month high: Sophos Zafi-B continues to hold the top spot for most frequently encountered viruses, for the third month in a row.
The monthly virus and hoax report found Netsky-P gained the number two spot for August, followed by MyDoom-O, Netsky-D and Netsky-Z.
The report, which was put together by software vendor Sophos, looked at the top 10 viruses and hoaxes that businesses battled worldwide during August.
There were more than 1200 new viruses detected during the month......
[more] US cracks down on spam mountain John Ashcroft, the attorney General of the US, is expected to announce on Thursday dozens of lawsuits against alleged spammers following a low key campaign against the practise across the US. The arrests have been made over the last few weeks as part of a coordinated effort to crack down on spamming, dubbed Operation Slam Spam.
The New York Times reports that the Direct Marketing Association (DMA) has given significant funds to the campaign. The DMA is wants to......
[more] DIY phishing kits found on the internet Further rise in attacks likely with easy-to-use kits free to download Do-it-yourself phishing kits are being made available for download free of charge from the internet, security watchers have warned.
Security company Sophos said that the availability of such kits, which require no technical knowledge to use, means that anyone with web access can potentially launch their own phishing attack and attempt to defraud unsuspecting computer users.
The DIY kit......
[more] Latest MyDoom hunts victims via Yahoo! Another new version of the MyDoom worm is spreading, and like last week's variant it uses Yahoo! as part of its infection routine. MyDoom-Q is similar to earlier MyDoom variants. It normally spreads via email, with a spoofed sending address and a variety of different subject lines. The body of an infected email contains random sentences, some of which refer to the attached Zip file that contains viral code. Once opened, this payload file copies itself to t......
[more] It's official: 2004 is year of the virus It is officially the year of the virus, with a 21 percent increase in new viruses discovered in Australia in the first six months of 2004 compared to the last year.
Nearly 4700 completely new viruses were discovered in the wild in 2004.
However, all is not lost - Australians have quickly adopted myriad antivirus techniques and remained online, profitable and more importantly, patched.
The Sasser worm was chiefly responsible for most of the attentio......
[more] One virus writer 'responsible for 70 percent of infections' Netsky and Sasser author Sven Jaschan, who was arrested in Germany earlier this year, is responsible for 70 percent of all virus infections so far this year, according to Sophos Sven Jaschan, self-confessed author of the Netsky and Sasser viruses, is responsible for 70 percent of virus infections in 2004, according to a six-month malware round-up published by antivirus firm Sophos on Wednesday. Jaschan was taken into custody in May by th......
[more] Antivirus companies warn about Bagle.AG threat Antivirus companies are warning of another virulent new version of the Bagle e-mail worm, dubbed Bagle.AG.
The new Bagle version was first detected Saturday and is very similar to earlier versions of the worm, which spread through shared file folders and in e-mail messages carrying the worm file as an attachment, according to advisories from Sophos PLC and McAfee Inc. McAfee rated the virus a "medium" threat, citing reports from several customers.......
[more] Zombie PCs: Silent, Growing Threat Spam, worms spread malware to build a spam-bot army of unwitting recruits. The seemingly endless spate of worm infestations over the last year has left something even more troubling in its wake: armies of zombie PCs that can be used to send spam, attack Web sites, and generally wreak havoc over the Internet.
Worms such as Sobig, MyDoom, and Bagle have been identified as containing malicious code (malware) that allows remote attackers to take over infected mac......
[more] Sophos chief concedes Unix virus frustration Sophos' anti-virus chief, Jan Hruska, says the race to perfect "on-access" virus scanning technology for desktop versions of Linux and FreeBSD has the company's Unix developers "tearing their hair out". The development of on-access scanning for Unix would give Linux users the same type of technology that protects Windows and Macintosh users when they inadvertently double-click or otherwise attempt to open files infected with viruses such as those......
[more] Worm eyes up credit card details Windows users are being warned about a virus that is "aggressively stealing" credit card numbers and passwords. The Korgo virus debuted on 22 May and since then has been steadily racking up victims.
Although the virus is not widespread, security firms are issuing warnings because it is proving so effective at stealing confidential data.
Those infected by Korgo are being urged to change passwords and credit cards if they have been used online recently.......
[more] Sensible security stops Korgo worm dead in its tracks, Sophos reports Sophos experts have advised computer users that there is no need to panic about the family of worms known as Korgo, which have gained much media attention in recent days.
The Korgo family of worms distribute themselves in a similar way to the infamous and widespread Sasser worm, by exploiting a critical security hole in Microsoft's software. The security hole, known as the LSASS vulnerability, was first reported by Micros......
[more] Potter-mania fuels pesky virus A pesky computer virus is taking advantage of the excitement surrounding the latest Harry Potter film. The Netsky.P worm is enjoying a resurgence by disguising itself as a Potter game, say anti-virus experts.
The virus, which first appeared towards the end of March, spreads by e-mail and via file-sharing services.
The third film about the adventures of the boy wizard, Harry Potter and the Prisoner of Azkaban, was released on Monday, making £5m in one day.......
[more] New Bobax worm copies Sasser exploit It's spreading slowly but get patched anyway… A new worm that turns infected computers into launch pads for spam and other attacks is making the rounds, according to antivirus experts.
Bobax, which was discovered on Sunday, uses the same Microsoft security vulnerability as the fast-spreading Sasser worm, but it looks to be slower.
Craig Schmugar, virus research manager for McAfee Alert Antivirus Centre, said: "The seriousness of Bobax is about a three......
[more] Sasser clocked as biggest virus threat in May Anti-virus firms agree Sasser was the greatest threat last month.
Trend Micro's monthly roundup of virus activity placed Sasser as the eighth most prolific virus for the month. But it still marked the first Red Alert the company has issued this year.
However the network-aware worm topped Sophos' chart, accounting for more than half of all reports received.
'Sasser was the major pain in the neck this month, affecting far more users than eve......
[more] Wallon Worm Deceives Users New threat exploits long-patched flaw in Internet Explorer. Antivirus experts are warning users about a new worm called Wallon that uses deceptive Web links to Yahoo.com to trick users into downloading malicious programs.
Wallon first appeared last Friday and spreads in e-mail messages. Antivirus companies report increased instances of the worm this week, and say users could be tricked by its e-mail messages, which do not contain virus-infected file attachments.......
[more] I Love You virus, 4 years old Name ring a bell ?
The ILOVEYOU virus was four years old yesterday.
May 4th, 2000, saw one of the most infamous computer viruses come to light. Going by the official name of VBS/Lovelet-A, it is also commonly known as Love Bug or ILOVEYOU.
Believed to have been written, but never proven, by a Filipino man called Onel de Guzman, ILOVEYOU (along with the Annakournikova virus of 2001) was one of the first "social engineering" based viruses. It tried to fool c......
[more] Sasser worm expected to hit hard on Monday New worm does not need users to open e-mail attachments in order to propagate A new series of worms released onto the Internet exploits a critical security vulnerability in Microsoft Corp.'s Windows XP and Windows 2000 OSes and does not need users to open e-mail attachments in order to propagate, experts said Saturday.
The worm's impact is expected to peak Monday as millions of workers bring their laptops back to their offices, after using them over......
[more] Sasser spawns children, headaches Variations appear on the Internet as rate of new infections begins to slow At least two new versions of a malicious computer worm that appeared late Friday were circulating on the Internet Monday, according to computer security experts and antivirus software companies.
New variations of the Sasser Internet worm, named Sasser.B and Sasser.C were identified by antivirus companies, just days after the first version of the new worm appeared. Despite the new vers......
[more] Top Ten Viruses & Hoaxes Reported to Sophos in April The report, which examines virus and hoax reports in the month of April 2004, shows three new viruses have entered the chart, with Netsky variants taking seven places.
The top ten viruses in April 2004 were as follows:
W32/Netsky-P (Netsky variant) 23.19%
W32/Netsky-B (Netsky variant) 20.16%
W32/Netsky-D (Netsky variant) 16.76%
W32/Netsky-C (Netsky variant) 4.99%
W32/Netsky-Q (Netsky variant) 2.79% NEW ENTRY
W32/Sober-F (Sober v......
[more] Latest Netsky infects via Microsoft Flaw Antivirus experts recommend that Microsoft Windows users immediately apply security patches to protect their systems from the latest worm threat. Unlike its many predecessors, Netsky-V spreads without using e-mail attachments to infect users. Details on which flaws the worm exploits haven't been released.
"Virus writers know that large corporations are now blocking many different types of files at the gateway," said Bruce Hughes, director of maliciou......
[more] New Netsky worms change their stripes New versions of the Netsky e-mail worm are spreading on the Internet and may be the work of a different author than previous editions of that worm, according to anti-virus software companies.
Netsky.S appeared on Monday and Netsky.T was detected Tuesday. They are the 19th and 20th editions of an e-mail virus that first appeared in February. Unlike earlier variants, the new Netsky strains open "back doors" on machines they infect, prompting at least one......
[more] As spring arrives, virus spreads seeds far and wide NetSky variants accounted for 60 percent of all viruses reported in March, making it the most prolific worm in the month, according to a report released Wednesday by security software vendor Sophos. Fifteen versions of NetSky infected computers during March--sometimes two different variants appearing in a single day. And on Wednesday, yet another NetSky variant was discovered, NetSky.R, the second variant to appear this week. Antivirus experts......
[more] New Netsky Variant Blames Users Worm prepares attack on peer-to-peer nets, contains boast and warning message. A new version of the Netsky e-mail worm is programmed to attack peer-to-peer networks. It bears messages blaming users for spreading viruses and claiming its authors are crusading against hacking, antivirus software companies warn.
Netsky.Q first appeared on Monday and is spreading on the Internet. It is the 17th variant of the worm to be released since Netsky first appeared in Fe......
[more] Sophos warns of new twist in Bagle threat, as new variants emerge Sophos, a world leader in protecting businesses against viruses and spam, is warning of a new twist in the Bagle virus saga. Two new variants, W32/Bagle-Q and W32/Bagle-R, use a different method of infection in an attempt to bypass anti-virus protection at the email gateway.
Unlike most email viruses, the two new Bagle worms do not carry email attachments, making them difficult to spot. Infected messages have a random subject......
[more] Bagle turns to anti-spam trick The latest Bagle variants are hiding their passwords in graphic files in a new ploy to avoid detection by antivirus software Three new Bagle variants (N, O and P) discovered over the weekend differ from previous incarnations because they use an anti-spam trick to try and avoid detection by antivirus software, but experts believe that the attempt won't succeed.
The Bagle worm installs a back door on infected systems and could allow the machine to be used as an em......
[more] Netsky Hacker Threatens New Attack Text inside the Netsky.k worm threatens a possible attack Thursday, March 11 A message embedded within one of the most recent Netsky worm variants may spell trouble on Thursday, according to analysis done by an anti-virus firm.
Text tucked inside the Netsky.k worm, which first appeared Monday, indicates a possible attack on Thursday, March 11, said Panda Software in an advisory.
"The 11th of march is the skynet day," said the text in part, giving Panda re......
[more] Bagle and Netsky battle for supremacy in war of the worms, Sophos advises Netsky virus removes Bagle as cyber war grows Expert virus researchers at Sophos have declared that a state of war exists between the creators of the Netsky and Bagle worms, both of which have spread widely across the internet in a number of different guises.
The author of the Bagle worms has encoded a number of abusive messages inside recent variants of his creation, attacking the Netsky worm's creator.
Meanwhil......
[more] Virus-fighting needs better boundaries: Sophos A tightening up of the standards applying to MIME boundaries — which separate parts of an email — would help fight viruses, suggests Paul Ducklin, Sydney-based head of technology for the Asia-Pacific region for Sophos.
And some of the filters themselves could probably do with a re-examination as to how they handle the boundaries.
Some messages do not properly separate the text of an email from an attachment. A filter may erroneously pass the a......
[more] Virus top 10: A Sobering return Social engineering and home users give virus writers a hand MyDoom, the virus that took down SCO's website and had a pop at Microsoft and the RIAA into the bargain, has lost its place at the top of the chart for most reported virus in February.
February's malware figures from antivirus firm Sophos show that young upstart MyDoom.A has lost out to old hand Sober.C, with 35.3 per cent of all virus reports in February, compared to 25.3 for MyDoom.A.
The Sober......
[more] Sophos joins Microsoft Virus Information Alliance (VIA) Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in......
[more] March Comes in Like a Worm New versions of Bagle, Netsky viruses are spreading rapidly. Conventional wisdom claims March comes in like a lion and goes out like a lamb. But with new versions of the Bagle e-mail worm and a virulent new form of Netsky virus, March's arrival is looking more like a worm.
Five new versions of Bagle appeared over the weekend, as did a new version of Netsky that is spreading rapidly on the Internet and generating a huge volume of virus-infected e-mail messages.......
[more] Spam's 'dirty dozen' exposed The United States, Canada, China, South Korea and the Netherlands are the top five birthplaces of spam worldwide, according to a new analysis by security software maker Sophos. In an analysis of junk e-mails received over two days in mid-February, the company created a list of the "dirty dozen" spam-producing countries.
Taking the undisputed helm on its list of spam-producing countries is the United States, which accounted for more than half of the world's unsoli......
[more] Antivirus expert 'gutted' to have missed Gigabyte arrest Have you ever returned from holiday only to discover that your arch nemesis has been arrested while you were sunning yourself? We've all returned from holiday to some kind of surprise - from the mild 'oops I forgot to cancel the milk' to the nightmarish 'we've been burgled'.
But very few of us can claim to have returned from holiday to find that our arch nemesis has been arrested.
That was the surprise awaiting antivirus expert an......
[more] Sophos Joins Microsoft Virus Information Alliance Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in Sophos l......
[more] Sophos Announces Opening of North American Virus Lab Sophos, a world leader in anti-virus and anti-spam protection for businesses, today announced the opening of its North American virus lab. Sophos currently operates full-time virus labs in the United Kingdom and Australia and a spam lab in Vancouver, Canada. With the addition of its Lynnfield, MA-based virus lab, Sophos will be able to further extend protection for its customers worldwide.
As the threat of viruses continues to escalate alo......
[more] "MyDoom-D" worm poses no problem for Sophos users Sophos virus experts have reassured customers that they are already protected against the worm some anti-virus vendors are calling "MyDoom-D".
Sophos products can detect "MyDoom-D" using the W32/MyDoom-A update released on 27 January. MyDoom-D is only marginally different from the original MyDoom worm, replacing the text "Mail transaction failed" with "ROFL HELLO SAM HOWS UPZ".
"Some anti-virus vendors have had to release updates to prot......
[more] MyDoom storms to top virus Anti-virus specialist Sophos has revealed the top ten viruses causing problems for businesses around the world. Two new entries shot to the top of the charts, despite appearing only in the past two weeks.
Bagle shot to prominence on January 19 before falling dormant on January 28. MyDoom, programmed to launch a Denial of Service (DoS) attack on SCO's website from February 1, was even more rampant, reaching number one in less than a week.
MyDoom will fall dormant......
[more] MyDoom Author: "Sorry" A variant of the virus has a cryptic message in which the author appears to apologize for creating the infection The MyDoom variant that joined the original virus in wreaking havoc on the Internet last week contains a cryptic message in which the author appears to apologize for the malicious code, security experts say.
The creator of what anti-virus experts say is the fastest spreading virus ever on the Internet signed MyDoom and MyDoom.B with "andy," and left the follow......
[more] Microsoft expected to escape Mydoom virus Computer security experts are confident that Microsoft will escape unscathed from a viral attack set to be launched against it on Tuesday by a variant of the virulent Mydoom e-mail virus.
Experts said on Monday the variant virus, known as Mydoom.B, had not spread far enough to create a sufficiently large data blitz that could overwhelm the giant software maker's robust websites.
The original virus, known as Mydoom.A, was among the fastest spreadi......
[more] "Happy Deathday" to Bagle worm on 28 January, Sophos reports The W32/Bagle-A worm which has been making its presence felt in thousands of email inboxes worldwide is set to fall silent on Wednesday 28 January Virus experts at Sophos report that the Bagle worm, which has dominated reports of virus sightings since its appearance just over a week ago, has been designed to fall dormant on 28 January 2004, and will no longer spread.
"One can only wonder why the worm's author has chosen to include a......
[more] New Bagle worm spreads over internet disguised as Calculator, warns Sophos Sophos, a world leader in protecting businesses against spam and viruses, is warning of a new worm called Bagle-A (W32/Bagle-A). Following many reports in Australia, Sophos has already started to see multiple reports coming from the UK and other countries, and users are advised to be cautious of emails received over the weekend with the subject line "Hi".
The Bagle-A worm (also known as Beagle) arrives as an email me......
[more] Sophos beats rivals in VeriTest analysis Sophos Anti-Virus provides most frequent virus updates, fastest scanning speed and shortest installation time Sophos, a world leader in anti-virus and anti-spam protection for businesses, today announced that in a competitive analysis of enterprise anti-virus applications conducted by VeriTest, a division of Lionbridge Technologies, Sophos Anti-Virus led competitor solutions in several key areas including most frequent virus updates in both manual and aut......
[more] Spam with Trojan horse attacks eBay users Virus authors are using spam e-mails containing a Trojan horse program to help spread the latest version of the Mimail e-mail worm. The latest threat, which targets customers of eBay's PayPal online payment service, highlights a growing trend in which online criminals combine computer viruses, spam distribution techniques, Trojan horse programs and "phishing" scams to circumvent security technology and fool internet users, said Carole Theriault, securi......
[more] Microsoft tweaks, new laws won't make '04 safer Looking back at security issues of 2003 and ahead to 2004 For computer security experts, 2003 started with the Slammer Internet worm and went downhill from there. The year, which included four major worm and virus outbreaks just in August, has been labeled the "year of the worm" and "the worst year ever" by more than one computer security expert.
All that activity meant good news for antivirus software companies, such as Symantec. It was bad ne......
[more] 2003 is becoming a virus writers' playground warns Sophos Far more infections than last year... Virus writing and high-profile infections have been on the rise this year, with significant activity over the past couple of months in particular.
Figures from Sophos reveal the first six months of 2003 have seen a 17.5 per cent increase in virus activity over the same period last year - and this shows no sign of abating.
Bugbear and Klez have done much to boost the figures, but Sobig variants......
[more] Students offered virus writing course Should make for an interesting edition of University Challenge A university course in Canada teaching students how to create computer viruses has been met with derision by angry industry watchers, who believe it will create a pool of future virus writers.
The 'Computer Viruses and Malware' course will begin next autumn at the University of Calgary.
It is described as focusing on "developing malicious software such as computer viruses, worms and Trojan......
[more] Email worm attempts to exploit interest in war Virus/worm writers are exploiting public interest in the imminent war between Iraq and the US, in a bid to get unsuspecting users to run viral attachments.
The W32/Ganda-A worm, which surfaced on Monday, appears to have been written in Sweden and uses different subject lines to try and achieve this. The worm spreads from computer to computer via email; it only affects computers running the Windows operating system.
Anti-virus firm Sophos sa......
[more] Klez Is Still No. 1 Worm Two antivirus vendors say the long-lasting worm remains the most prominent infection. Klez just became the most persistent worm ever, antivirus company Sophos said in its monthly update of the top 10 viruses and hoaxes.
With 13 months on the charts, Klez remains "a worm with staying power," Chris Wraight, a technology consultant at Sophos, said in a statement released Monday.
Nearly 14% of the viruses detected by Sophos were the Klez-H variation. Next was the W32/So......
Global Secure Systems supplies security tools (including Sophos) to protect both the corporate gateway (particularly the Internet, or other external network connections), and the individual PC (including the roaming laptop user and the desktop attached to the corporate network).
© Global Secure Systems, All rights reserved.