Clipmarks | Sophos Clips

Windows 7 'vulnerable to 8 out of 10 viruses'

Sat, 07 Nov 2009 03:19:59 GMT

clipped by: hotdoge3
clipper's remarks: Fix it?

SophosLabs reported in its security blog that a test Windows 7 system on a clean PC was affected by 80 per cent of viruses.

Sophos' Chester Wisniewski, said engineers loaded a full version of Microsoft's recently launched operating system, and configured it to follow system defaults for UAC (User Account Control) without installing an anti-virus package.

"Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows," he wrote.

"The good news is that, of the freshest 10 samples that arrived, two would not operate correctly under Windows 7."

Microsoft's Security Intelligence Report released this week said the infection rate of a Windows Vista machine running Service Pack was 61.9% less than on an up-to-date Windows XP computer.

But only around one in five Windows users are using the new operating system or Vista.

"Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up."

Tags: windows7, vulnerable, to, 8, out, of, 10, viruses'

Facebook profile privacy settings

Sat, 10 Oct 2009 02:24:22 GMT

clipped by: billpar

Clip Source: www.sophos.com

Facebook best practice Profile privacy settings

Facebook has provided users with powerful controls to protect themselves online, and it is up to individuals to check and ensure that appropriate settings are in place. Sophos has published recommendations for how to configure the settings for each of these privacy areas of Facebook.

Tags: web, tech, facebook

Google targeted in e-mail scam

Tue, 06 Oct 2009 14:13:18 GMT

clipped by: kkcapricorn
clipper's remarks: Other addresses include Comcast and Earthlink accounts.
It is not clear whether the new list was part of the same phishing attack that collected the Hotmail addresses or a separate scam.
"Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software."
security expert Graham Cluley of Sophos advised users to change their passwords as soon as possible.

"I'd also recommend that people change the password on any other site where they use it," he said.
About 40% of people had the same password for every website they used, he added.

Clip Source: news.bbc.co.uk

Google has confirmed to BBC News that its e-mail system - Gmail - has been targeted as part of an "industry-wide phishing scheme".

Phishing involves using fake websites to lure people into revealing data such as bank account details or login names.

BBC News has seen two lists that detail more than 30,000 names and passwords that have been posted online.

"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," said a Google spokesperson.

"As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."

The firm stressed that the scam was "not a breach of Gmail security" but rather "a scam to get users to give away their personal information to hackers".

a second list of 20,000 names

e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers

Tags: computers

Viagra spam brings bulging returns of more than $4,000/day

Fri, 25 Sep 2009 21:59:52 GMT

clipped by: arifsali
clipper's remarks: Government should take away the PCs from those who not only open these spam email but they go through the links in them. I mean you would have to be insane to do that.

Clip Source: arstechnica.com

A peek into the world of spam affiliate networks has revealed that there is indeed a lot of money to be made by pushing all those Viagra and Cialis e-mails. Even if only a few people make purchases, it's enough to make spamming worthwhile and guarantee that the rest of our inboxes will remain crowded.

Pharmaceutical spam can generate more than $4,000 per day in sales, confirming that spam continues to thrive because of those gullible few who click through and ruin it for the rest of us. And that's not just an estimate: a security researcher from Sophos have combed through sales logs as part of his investigation into the growth of spam networks, noting that Russian affiliate partner networks—also known as "partnerka"—are responsible for some of the largest Canadian pharmacy spam businesses.

Tags: e-mails, internet, pharmacy

New breed of spycams pose threat to privacy

Thu, 03 Sep 2009 14:48:33 GMT

clipped by: pennyserenade
clipper's remarks: "

You probably don't know this, but Adobe's Flash Player browser plug-in, which many people install to view Flash video clips and adverts on the web, has a Settings Manager that has two settings that control whether websites you access, and potentially other Internet users, can turn on your webcam and microphone remotely - with or without asking your permission.

In addition, the Internet VoIP and chat application Skype also has some settings that can control whether and how a webcam in or connected to your computer is enabled when using it."

Clip Source: www.theinquirer.net

A FEW YEARS AGO a security expert, enraged at discovering that his PC had been hacked, managed to trace the intruder’s computer and take remote control of it. He was astonished to find himself staring at the face of the culprit, courtesy of the machine’s webcam.

The case of the hacked hacker was an early example of how webcams can expose a home or office to the world. They have since proliferated at least as quickly as Britain’s public surveillance cameras, yet while two major reports in three years have warned that those present a serious threat to privacy and freedom - A Report on the Surveillance Society and Surveillance: Citizens and the State - the insidious perils of private webcams have received little attention.

Security firm Sophos tells the story of a Cyprus man who infected a 17-year-old girl’s PC with Trojan spyware that gave him access to her webcam. He was caught only after she contacted police when he tried to use his pictures to blackmail her into posing naked.

How can we stop these nasty cybercriminals?

Thu, 20 Aug 2009 23:58:56 GMT

clipped by: hotdoge3

Clip Source: www.nzherald.co.nz

How can we stop these nasty cybercriminals?

The answer is that they're legally obliged to, for a length of time, in case of queried transactions. But why aren't they forced to do it in a way that doesn't put our own security at risk?

There is a worldwide standard (the PCI-DSS) that any companies dealing with cardholder information are obliged to sign up to, but many security experts have pointed out that it's possible to tick all the PCI's boxes and still be insecure. The offence allegedly committed by Gonzalez is as vivid an illustration of that as one can imagine.

So what should these companies be doing to protect us? Graham Cluley, from internet security firm Sophos, has expressed his disbelief that our card details aren't encrypted when they're stored, so that hackers just find random gobbledygook. "If they were properly encrypted," he says, "it would take until the sun burns out for anyone to decode it."

Tags: how'can'we'stop'these'nasty'cybercriminals?

Erin Andrews Peephole Video Carries Malware Threat (WARNING)

Mon, 27 Jul 2009 10:05:24 GMT

clipped by: giasuddin
clipper's remarks: Virus writers are using the Erin Andrews peephole video

Clip Source: popcelebrityup.blogspot.com

[Video]

As an illegally-obtained video of sports reporter Erin Andrews is being passed around the web, security firm Sophos has renewed warnings that scammers are posting fake clips in order to propagate malware. It adds that link sharing on Twitter (Twitter) and blogs is only worsening the situation.

Tags: carries malware, erin andrews, peephole video, threat

[WARNING] Erin Andrews Peephole Video Carries Malware Threat

Sun, 26 Jul 2009 03:56:43 GMT

clipped by: chestnut501
clipper's remarks: I've seen it a few times on here this week, so beware.

Clip Source: mashable.com

A video posted by Sophos earlier this week (below) warns of a fake CNN.com clone that prompts users to download a malicious file to view the video: links to the fake site are being propagated through forums like Yahoo Answers.

Tags: malware, fake, video, erin-andrews, peephole, malicious, warning

Naponta 23 000 új fertőzött oldalt regisztrálnak

Fri, 24 Jul 2009 14:28:34 GMT

clipped by: telkes

Clip Source: www.sg.hu

Biztonsági szempontokból bőven van még tennivalójuk a népszerű közösségi portálok üzemeltetőinek. Ez derült ki az idei első félév tapasztalatait összesítő Sophos Security Threat Report című jelentésből.

A dokumentum fő megállapításai meglehetősen pesszimista képet festenek a jelenlegi helyzetről: naponta 23 000 új fertőzött honlap, a közösségi hálózatok adataival kapcsolatos visszaélések, 89,7 százalék spamarány az üzleti e-mail forgalomban. A legfontosabb tapasztalat, hogy a Twitter, a Facebook és a többi népszerű közösségi oldal működtetőinek a jelenleginél sokkal jobban kell védeniük a rendszereiket és a tagjaikat az online támadásokkal és azok elkövetőivel szemben.

testing

Mon, 06 Apr 2009 12:53:39 GMT

clipped by: Sophos
clipper's remarks: not bad

Clip Source: clipmarks.com

You have successfully installed the clipmarks browser button.

You can save clips publicly for others to see, post them to Facebook, or embed a widget of them on your own site. You can also save clips privately for your own viewing later. Your clip collection is searchable from any computer with an internet connection (including your iPhone, Blackberry, etc).

Tags: testing

Conficker Computer Worm a Bust so Far

Wed, 01 Apr 2009 21:59:49 GMT

clipped by: dmtherob
clipper's remarks: The attackers didn't attack today, even though the virus has April 1st in the code. The worm creators are likely to sell slices of a 'botnet' to spammers so that the infected computers can be used to send spam.

Clip Source: www.cbsnews.com

Conficker Computer Worm A Bust So Far

Little Impact Seen From Latest Computer Attack Timed For April 1

As expected, the Conficker worm failed to cause the digital pandemonium that some may have feared.

So, can we all just go back to playing on Facebook and watching the game now?

Not really. Just because the worm failed to create much of a stir on the day it was set to activate, April 1, doesn't mean it won't wake up and act later.

"The (malicious) hackers can tell their worm to do something any day of the year; they're just as likely to do it tomorrow or next Wednesday or in August," said Graham Cluley, a senior technology consultant with Sophos.

Today, as on any day, PC users should make sure their systems are patched and running the latest security software. People should patch their systems to close the hole in Windows it exploits and update their anti-virus software. The major anti-virus vendors all have free Conficker removal tools.

Tags: worm, conficker, computer, computers, virus, spam, spammer, web, web 2.0

Computer Virus 'Time Bomb' Could Go Off April

Tue, 31 Mar 2009 05:03:25 GMT

clipped by: 4freedomstantra

Clip Source: www.foxnews.com

Conficker is a sophisticated piece of malicious computer software, or malware, that installs itself on a Windows PC's hard drive via specially written Web pages. It then conceals itself on a computer.

Graham Cluley of the British security firm Sophos confirmed that Conficker is programmed "to hunt for new instructions on April 1."

However, he added, "This does not mean that anything is going to happen, or that the worm is actually going to do anything. Simply, it is scheduled to hunt a wider range of Web sites for instructions on that date."

One strange thing about Conficker is that no one yet has any idea what it is programmed to do.

A worst-case scenario for April 1 would be for all the world's millions of infected computers to receive simultaneous instructions to attack, or to flood the Internet with spam e-mail.

"April 1 is a classic date for anything like this to go off," he said. "But I really would hate to say that April 1 is going to be unlike any other day."

Tags: conflicker, virus, april fool's day, worm april, computer virus, april 1, 2009

Malware disguised as Google News Report

Sun, 08 Mar 2009 05:34:21 GMT

clipped by: kkcapricorn
clipper's remarks: Its getting so difficult to maneuver on line.

Clip Source: msmvps.com

Hackers disguise malware as Google News report of baseball death

Baseball player John C Odom became known to millions across America last May after he was traded for ten maple bats. Hackers is now using it as Google news report to spread malware, Troj/Reffor-A or Mal/BadRef-A.

Published Saturday, March 07, 2009 6:31 AM by donna

Tags: hackers, trojan, malware, computers

Hey USA, just say NO to online exploits!

Wed, 10 Dec 2008 16:48:29 GMT

clipped by: douchrti
clipper's remarks: This bit of news saddens me. Education about online threats is everywhere in the news today, yet the article says we in the USA are not getting the message.

Clip Source: news.antispyware.com

US takes the malware lead

“Not only is the USA relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it’s also carrying the most malicious web pages,” it has Graham Cluley, senior technology consultant for Sophos, saying.

Tags: malware, spam, online security, computer safety

Cyber criminals target Facebook user

Tue, 11 Nov 2008 08:39:00 GMT

clipped by: tabsey

Clip Source: www.smh.com.au

Facebook has been infiltrated by Nigerian scammers and other cyber criminals who use compromised accounts to con users out of cash.

Now that even non-tech savvy internet users know not to respond to, or click on links in, emails from strangers, online thieves have turned to social networks and are finding it is easier to trick people when posing as their friends.

On Friday, Sydneysider Karina Wells received a Facebook message from one of her friends, Adrian, saying he was stranded in Lagos, Nigeria, and needed her to lend him $500 for a ticket home.

Adrian used relatively good English but, after chatting further, words such as "cell" instead of "mobile phone" tipped Wells off that she was not talking to her friend but someone who had taken over his account.

Using sites such as Facebook allows scammers to research and target victims more effectively and avoid having their messages blocked by spam filters, said Paul Ducklin, head of technology at Sophos Asia Pacific.

Tags: computers