Wireless networks are everywhere, but they aren’t always secure. In New York City, where millions of people connect to free but insecure Wi-Fi hotspots every day, it’s the same story.
Chester Wisniewski, Sophos senior security adviser, explains just how easy it would be for hackers to take advantage of unsuspecting people, in a segment that appeared Monday night on ABC World News.
Watch the video below or on the ABC World News website to see the full interview with Chet.
Recently we measured spam volume from around the world to find out which countries are the worst spam offenders. As we expected, the United States sends out way more spam than any other country — 24.2% of all spam was from the U.S.
When you consider the country’s huge online population, it’s not surprising that the U.S. sends so much spam. Spam comes from “bots” — computers infected with malware and under the control of a criminal. “Bot masters” can use servers anywhere in the world to give the bots instructions. So spam-bots in the countries on our list aren’t the authors of the spam; they are more like the messengers.
While it’s interesting to call out the 12 “dirty dozen” countries that send the most spam by volume, we also like to look at the amount of spam by population. It’s a diverse list of nations, and even small countries have a big spam problem.
We have an extremely cool prize to give away as part of our celebration of the 12 Days of Sysmas. It’s called the Ultimate IT Throne and, even if it won’t give you any real powers over your users or your bosses, it will make you feel like a king (or queen).
There’s a lot going on that demands your attention at nearly every moment, from the not-so-aware user who accidentally downloads new threats like the re-born Gameover malware, to old threats like users accessing insecure Wi-Fi networks.
IT pros, we’ve got your back. (And if you win our IT Throne, we’ll get your behind too.)
Microsoft’s takedown of the No-IP dynamic DNS service generated a lot of controversy when legitimate customers were impacted by the disruption of 18,000 subdomains abused by cybercriminals.
Microsoft has done its fair share of good, frequently working with law enforcement to take out servers that control malware-spewing bots, such as the ZeroAccess botnet. But in this case, Microsoft misfired and caused a lot of collateral damage, according to Sophos security adviser Maxim Weinstein.
In a new post at Dark Reading, Maxim writes that the Microsoft vs. No-IP case highlights the need for “clear standards of abuse handling, and transparency on which service providers measure up.”
SophosLabs Threat Researcher Gabor Szappanos has been following the development of PlugX – a strain of advanced persistent threat (APT) that has been used in targeted attacks – over the past year.
“Szappi,” as he’s known around the labs, has dissected variants of PlugX in a series of technical papers explaining his research – and the new ways the cybercriminals have devised to conceal their malware.
In his latest paper, Szappi shows us how one variant of PlugX doesn’t do what the other versions do – dropping a separate file on the infected system – but rather stores itself in memory without using the disk.
There’s some good news to report: international law enforcement authorities have disrupted the Gameover/Zeus botnet and charged the criminal gang behind the Gameover banking malware that’s been stealing millions of dollars from victims worldwide.
Sophos experts have been tracking Gameover — a variant of the malware kit known as Zeus — for quite a while. SophosLabs recently identified a rootkit element in the Gameover code that made Gameover harder to detect and remove.
As we reported at Naked Security, the Gameover malware has been used by criminals to infect victims with the ransomware called Cryptolocker.
We have discussed the infamous Zeus family of malware and its numerous variants many times on Naked Security, including identifying the introduction of the Necurs rootkit into the Gameover variant, putting the Citadel variant under the microscope, and a technical paper analyzing the original Zeus.
These versions of Zeus and many more continue to plague netizens across the globe, stealing vast quantities of data and costing individuals and institutions huge amounts of money.
I will be giving a presentation at SOURCE Dublin this week that demonstrates the process of extracting useful information from a variety of key Zeus variants including Citadel, Gameover and IceIX.
Right now we’re gearing up for the big show at Infosecurity Europe, starting 29 April, and we’re also planning a big product announcement that you’ll want to hear about — so stay tuned.
Sophos security experts have been talking a whole lot about data security in the wake of the Heartbleed security hole, and we had a very special guest writing for our blog this week to talk about encryption.
And, there’s been plenty of interesting security news this past week, including a mysterious malware known as Unflod Baby Panda that’s been infecting jailbroken iOS devices. Plus, Apple pushed out a bunch of security fixes for OS X, iOS and Apple TV.
Infosecurity Europe is coming up the week of 29 April to 1 May 2014, and Sophos will be there at stand H60. Our experts will be giving a full slate of presentations, plus we’ll have demos and giveaways at our booth.
This is the 20th year of the event, and although we’re not sure if there’s a theme to this year’s conference, who could doubt the importance of info security in today’s environment of government surveillance and blockbuster data breaches?
Sign up for your expo pass (free until 28 April), get ready for a good time, and join us in London. Here’s a sneak peek at what we’ll be sharing at Infosec.
The big story in security news right now is Heartbleed — a serious bug in the software responsible for encrypting traffic on the Internet, called OpenSSL.
OpenSSL is open source software used by websites, including Google, Gmail, Facebook, Yahoo and many thousands more, to encrypt all of our data. But the Heartbleed bug, just recently discovered by two researchers, left the door wide open to data attacks on vulnerable web servers.
We also found out that the Heartbleed bug is in a version of the OpenSSL software that’s two years old — so this vulnerability could have been attacked for a very long time by someone with the resources to exploit it.