Warning!! New email containing trojan virus is spamming World of Warcraft gamers. This new trojan is packed in sexy e-mail with subject line “Do you like to find a girlfriend like me?” and contains this text:

“Wish to have a boyfriend

Be able to protect me, take care of me

Intolerable lonely night and would like to have your care. do you Willing?

This is my photos."

There is also attachment named “my photos.rar”. This .rar file contains 12 explicit photographs of young Asian woman, and also claims to contain two hardcore sex videos.

“The video files, however, are really a password-stealing Trojan horse called Troj/Agent-LVF which steals usernames and password from players of the popular online role-playing game World of Warcraft.”

Source:  sophos.com

Mobile devices aren’t usually the first targets you might think of when it comes to viruses, worms and Trojans. In fact, you could probably be forgiven for not knowing they exist at all. But I think that the recent popularity of smart phones with the consumer market may bring with it an interest in programming malware for those devices, as well.

And for a hacker who wants to make his or her mark on the consumer smart phone world, what better place to start than with the little machine that helped start the whole craze? Though certainly not the first smart phone, Apple’s iPhone was arguably the first smart phone that people found a reason to embrace for their personal use. And it’s sold millions for Apple.

Chet Wisniewski of security provider Sophos posted Saturday about a new worm that affects the iPhone. An Internet service provider in the Netherlands identified the malware. The worm executes itself when you turn on your device, and it also takes data from the iPhone or iPod and sends it to a server in Lithuania.  It only affects those iPod Touches and iPhones that have been jailbroken, or unlocked to allow non-Apple-approved software on them. Attacks have been detected on ISPs around the world, including T-Mobile in many countries, UPC in the Netherlands and Optus in Australia.

The malware assigns each iPod or iPhone a unique number so the hackers who wrote the software can control it as they would with a zombie computer. It also looks for SMS-based authentication systems, the type used by financial institutions for mobile banking purposes. From what Wisniewski said, the worm operates faster on a WiFi network than it does on the 3G network; if your device is infected, you’re likely to see the battery run down more quickly than usual, due to its high network traffic.

If you’ve got a jailbroken iPhone or iPod Touch and suspect that something’s awry, Wisniewski said the best solution at this time would be to revert to an earlier Apple firmware, which will un-jailbreak the device. But it will also prevent the worm from running.

Will mobile malware become a normal happenstance? Will other operating systems, such as Google’s Android, have to fend off similar problems? Time will tell. In the meantime, take a look at these articles for more on these and other related topics:

How Hackers Work
How Cell-phone Viruses Work
How Zombie Computers Work

iPhone Users get all Rick-rolled up their Faces

A bored Australian student decided to teach people who don’t set the passwords on their iPhones a lesson. He programmed a little virus that caused pictures of Rick Astley to show up on users’ screens. The virus also displayed a message saying, “Ikee never gonna give you up” – a reference to the student’s Twitter name @ikeeex.

Nothing bad happened apart from that, but Sophos security experts are warning that now the source code for iPhone viruses is out there, it won’t be long before more malicious examples start finding their way out.

In the Netherlands last week a more enterprising Dutch coder hijacked iPhones and demanded a small fee for their release. Probably a better use of people’s time than hitting them with a year old meme.

Apple have prided themselves on their reputation for security but these cases show that once any platform becomes popular enough, it’s worth hackers targeting them.

Ian Duncan

for more news and reviews get your free subscription of Phonica Magazine UK online here!

ภาพวอลเปเปอร์รูปนักร้องอมตะ Rick Astley ภายหลังไอโฟนติดหนอนไวรัส

โปรแกรมประสงค์ร้ายที่เรียกกันว่า worm นอนขยายตัวออกจากคอมพิวเตอร์มาสู่ไอโฟน (iPhone) โทรศัพท์มือถือหน้าจอสัมผัสยอดฮิตของแอปเปิลแล้ว สำนักข่าวต่างประเทศระบุว่าหนอนไอโฟนตัวแรกนี้แพร่เชื้อแก่ไอโฟนหลายเครื่อง แล้วในออสเตรเลีย อาการไม่ร้ายแรงเพียงเปลี่ยนภาพวอลล์เปเปอร์ในเครื่องให้เป็นภาพของ Rick Astley นักร้องนักดนตรียุค 80 ชาวอังกฤษเท่านั้น มือสร้างหนอนให้สัมภาษณ์ ไม่หวังปั่นป่วนแต่อยากกระตุ้นให้เจ้าของไอโฟนตระหนักถึงปัญหาความปลอดภัยบน ไอโฟนด้วยการเปลี่ยนแปลงรหัสผ่านที่เป็นค่าเริ่มต้นหรือ default

หนอนไอโฟนนี้ถูกตั้งชื่อว่าไอคี (Ikee) ผู้เชี่ยวชาญด้านการรักษาความปลอดภัยบนระบบอิเล็กทรอนิกส์ชี้ว่าหนอนนี้ สามารถคุกคามเฉพาะเครื่องที่ผ่านการปลดล็อกแบบผิดกฏหมายเท่านั้น ซึ่งทำให้ไอโฟนสามารถรันหรือประมวลผลซอฟต์แวร์ที่ไม่ได้รับอนุญาตจากแอปเปิล ตรงนี้ทำให้หลายฝ่ายเชื่อว่าแอปเปิลจะไม่รู้ร้อนหนาวกับเหตุที่เกิดขึ้น ซึ่งเป็นการประกาศให้ผู้บริโภครู้ว่า ภัยจากการลักลอบปลดล็อกเครื่องนั้นเป็นอย่างไร

แม้หนอนไอคีจะไม่สร้างอันตรายร้ายแรง เพียงเปลี่ยนภาพวอลล์เปเปอร์ในเครื่องให้เป็นรูปนักร้องอมตะ Rick Astley และหาทางแพร่กระจายตัวเองต่อไปเท่านั้น แต่ผู้เชี่ยวชาญตั้งข้อสังเกตว่าแนวคิดของหนอนนี้สามารถนำไปดัดแปลงเพื่อ สร้างเป็นโปรแกรมอันตรายยิ่งขึ้นได้ เช่น โปรแกรมขโมยข้อมูลส่วนตัว ซึ่งจะสร้างความเสียหายใหญ่หลวงแก่ผู้ใช้ไอโฟน

จุด นี้เกรแฮม คลูเลย์ (Graham Cluley) ที่ปรึกษาด้านความปลอดภัยของโซโฟส (Sophos) ให้ข้อมูลว่าช่องทางการแพร่กระจายของหนอนไอคีคือการเจาะส่วน SSH หรือ Secure Shell โดยใช้รหัสผ่านดั้งเดิมที่มากับตัวเครื่องเพื่อให้เครื่องไอโฟนสามารถถูกควบ คุมการทำงานได้จากระยะไกลผ่านอินเทอร์เน็ต หากเจ้าของเครื่องตั้งค่ารหัสผ่านใหม่ก็จะไม่มีความเสี่ยงติดหนอนดังกล่าว ด้วย

คลูเลย์ระบุว่าเมื่อปลายสัปดาห์ที่ผ่านมา นักเจาะระบบชาวดัตช์นั้นเริ่มเปิดศักราชทำมาหากินกับการก่อการร้ายไอโฟนแล้ว ด้วยชี้ให้เจ้าของเครื่องเห็นรูรั่วและช่องโหว่ของระบบซึ่งมีความเสี่ยงต่อ ภัยคุกคามทั้งหลาย ก่อนจะเรียกร้องค่าบริการ 5 อียูหรือประมาณ 260 บาทเพื่อแลกกับคำแนะนำในการอุดรูรั่วที่อาจเกิดขึ้น

รายงานระบุว่า หนอนไอคีนี้ถูกเขียนขึ้นเมื่อวันพุธที่ผ่านมาโดยโปรแกรมเมอร์ว่างงานวัย 21 ปีชาวออสเตรเลียนาม Ashley Towns จากการสัมภาษณ์ Towns ระบุว่าไม่เคยได้ยินเรื่องการทำเงินจากการเจาะระบบไอโฟนในกลุ่มชาวดัตช์ แนวคิดในการเขียนไวรัสไม่ได้หวังให้เกิดการปั่นป่วน แต่ต้องการชี้ให้เห็นว่าผู้ใช้ไอโฟนที่ปลดล็อกมาแล้วควรเปลี่ยนรหัสผ่านที่ เป็น default ใน SSH เสียใหม่

ดู เหมือนว่ามือสร้างไวรัสไอโฟนจะคำนึงถึงความผิดทางกฏหมายที่อาจจะมีผู้ฟ้อง ร้องต่อศาล โดยขณะนี้ยังไม่ชัดเจนว่ามีไอโฟนกี่เครื่องแล้วที่ติดเชื้อหนอนดังกล่าว แต่ Towns ระบุว่าเฉพาะเครื่องของเขาเองนั้นเป็นพาหะทำให้ไอโฟนราว 100 เครื่องติดเชื้อแล้ว

เมื่อวันอาทิตย์ที่ผ่านมา บริษัทผลิตซอฟต์แวร์แอนตี้ไวรัสเอฟซีเคียว (F-Secure) ระบุว่ายังไม่มีรายงานยืนยันการติดเชื้อของหนอนไอคีนอกประเทศออสเตรเลีย โดยล่าสุด ชุดโปรแกรมหนอนไอคีถูกนำมาเผยแพร่ต่อสาธารณชนแล้วเมื่อวันอาทิตย์ที่ผ่านมา ผู้เผยแพร่คือ Joshua “JD” Davison กรรมการผู้จัดการบริษัท JelTel บริษัทค้าปลีกบริการอินเทอร์เน็ตในออสเตรเลีย ซึ่งเป็นผู้ที่ได้สัมภาษณ์ Towns มือสร้างไวรัสครั้งนี้

ข่าวการแพร่กระจายของหนอนไอโฟนนี้เริ่มขึ้นจากการถกปัญหาภาพวอลล์เปเปอร์ไอโฟนถูกเปลี่ยนโดยที่เจ้าของไม่ทราบเรื่องภายในกระดานสนทนาของชาวออสเตรเลียแห่งหนึ่งเมื่อหลายวันก่อน โดยมีการวิพากษ์วิจารณ์ในวงกว้างว่างานนี้คงสมใจแอปเปิล ที่ประกาศมาตลอดว่าการลักลอบปลดล็อกเครื่องนั้นจะนำไปสู่ความเสี่ยงทั้งด้าน ความปลอดภัยและประสิทธิภาพการทำงานของเครื่อง

โดย ASTVผู้จัดการออนไลน์

Endpoint, empresa que comercializa los productos de seguridad con la marca comercial ‘Sophos’, ha publicado en su página web un extenso archivo en .PDF donde explica la mayoría de los tipos de amenazas o malware que circulan por la red, además de incluir una serie de trucos de seguridad, un glosario de sistemas de protección y una línea del tiempo que ordena cronológicamente los virus más importantes en los últimos años, desde los primeros worm de la década de los años 70, hasta el revuelo reciente por el Conficker.

Sin restar importancia y utilidad al resto de apartados, en este artículo nos vamos a centrar en los métodos de protección. El manual contiene 18 páginas enteras dedicadas a esto, pero en él entran en escena muchos sistemas de protección a nivel empresarial. Para resumirlo, voy a recopilar los más importantes e imprescindibles a nivel doméstico para Microsoft Windows en cualquiera de sus versiones:

• Usar antivirus, que ofrecen inmunidad frente a las principales amenazas (otra cosa es que cumplan con ello). Recomendaciones personales: Kaspersky Antivirus 2010 (de pago), Avast 5, Panda Cloud Antivirus 00.90, Microsoft Security Essentials 1.
• Usar cortafuegos, principalmente aquéllos con protección HIPS residente que avisen antes de la ejecución de archivos. Recomendaciones personales: OutPost Firewall Free, COMODO Internet Security, OnlineArmor (de pago; la versión gratuita es peor).
• Actualizar el sistema operativo constantemente, ya sea este original o ‘pirateado’. Personalmente recomiendo comprar el sistema, o si no se quiere, se pueden usar alternativas gratuitas como las distribuciones Linux. Si el sistema, aun así, es ‘pirata’, se pueden instalar todas las actualizaciones menos la llamada ‘Windows Genuine Advantage’ (u ‘Office Genuine Avantage’ para Microsoft Office pirata).
• Hacer copias de seguridad periódicas del sistema en medios externos para evitar pérdadas de datos. Recomendaciones personales: Cobian Backup (el mejor, de pago), Macrium Reflect.
• Evitar la conexión de medios externos desconocidos sin antes comprobar su ausencia de infecciones.
• Tener sentido común a la hora de navegar.

La guía contiene muchas más entradas con recomendaciones, pero por limitaciones de espacio nos limitamos a esas pocas. Si estáis interesados en continuar podéis descargar todo el tutorial en esta página (está en inglés).

Here’s an excellent article from SANS, the computer security gurus of this world.  I think it’s great advice and information for everyone.

Keep an Eye on Window’s Security Icons. The icons in the Notification area (located on the Taskbar usually near the lower right corner of your desktop) provide important information about the security of your computer. Pay particular attention to the icons for Windows Update, Windows Security Center, and your security software.

Heads-up! If you see only a few icons or none at all, odds are they’ve been hidden. Unhide them:
http://www.techf5.com/archives/unhide-view-hidden-icons-on-taskbar/

- – Windows Update. A yellow shield with a black exclamation point in the middle near the lower right corner of your desktop in the Notification area. This icon comes and goes. It appears when Windows Update is busy downloading or installing critical security updates intended to patch security holes and help keep your computer safe. When you touch the icon with your cursor, a bubble message tells you what Auto-Update is doing. It may be busy downloading updates. Avoid logging off or shutting down your system until the download and installation are complete. If it has finished downloading updates, it may be waiting for the nod from you to install them. Click on the icon and tell it to go ahead. Or your computer may need to be restarted in order to complete the installation. The sooner you restart your system, the sooner the updates will take effect.

Heads-up! The Auto-Update icon won’t appear if Automatic Updating is
turned off. Make sure Auto-Update is turned on and has the recommended settings:
http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off

If it’s been some time since updates have been applied to your computer, Automatic Updates will do its best to get your system caught up, and you’ll be seeing a lot of that yellow shield icon for a while. Keep touching it with your cursor whenever it appears, and when prompted, do your part to keep the update process going. Also, if you cannot get Auto-Update to turn on or think something has gone wrong, call the help line provided by the maker of your computer, your Internet Service Provider (ISP), or a computer consultant.

Heads-up! Sometimes when you select Shut Down, your computer will ask you if you want to “Install updates and shut down”, or will just tell
you it’s going to install updates. It’s very important that you let your computer go ahead with installing updates. Do not shut it off manually.
Updating could take an hour or more. It pays to be patient. Also, Microsoft will NEVER send you an email telling you to click on a link to get software updates. If you get such an email, it’s bogus.

- – Windows Security Center. A red shield with a white X in the middle near the lower right corner of your desktop in the Notification area. This icon comes and goes. (You may also see a balloon message.) Whenever the icon appears, that’s your queue to find out what’s gone wrong. Click on the icon or the balloon to open the Security Center, which tells you the status of the (software) firewall, Automatic Updates, and your Virus Protection. When all is well, you will see three green bands. A yellow band means that an adjustment is needed; follow the onscreen instructions. If you see a red band, an essential security system is not working. Avoid using your computer until it is working. Your best course of action is to call the help line provided by the maker of your computer, your Internet Service Provider (ISP), or a computer consultant.

Heads-up! A common cause of Windows Security Center alerts is that your security software is not working or is out-of-date. Read the explanation for the alert, and then click on “Recommendations.” Chances are it is time to renew your subscription. If your subscription is not current, your computer will be vulnerable to malware (viruses and worms). Do not wait for it to expire.

- – Your Security Software. This icon should appear on the Taskbar at all times. Every brand of security software has its own icon or icons, many of which are round or shaped like a shield. Identify the icon for your security software by touching the unfamiliar icons at right end of the Taskbar, near the lower right corner of your desktop in the Notifications area. A small pop-up or balloon will tell what you have. Common security software brands include Symantec, Norton, McAfee, Kaspersky, Sophos, Panda and BitDefender. Security software icons often signal an alert by changing color, flashing, or popping up a message. Pay attention to any change in the icon’s appearance. It may be good news-that your security software has been updated successfully or has blocked a threat to your system-or that it’s time to get out your credit card and renew your subscription.

Heads-up! If you can’t find an icon for security software, your system may not be protected against malware (viruses and worms). Play it safe by not using your computer until you are sure that your security software is working and up-to-date. Also, while many PC’s come with security software pre-installed, these are often limited-time trial versions that expire after 30-90 days. Security trialware generally lets you know in no uncertain terms that it is expiring, so send money!

* Quick Checklist
- – Make security icons visible on the Taskbar. Keep an eye on them.
- – Enable Automatic Updates. When prompted, do your part to get them
installed and working.
- – Use good-quality security software, keep it updated, and do not let it expire.

*********************************************************************
Copyright 2009, SANS Institute (http://www.sans.org)
Editorial Board: Bill Wyman, Walt Scrivens, Barbara Rietveld, Alan Paller.
Email: OUCH@sans.org
Download the formatted version of the OUCH! at https://www.sans.org/newsletters/ouch Permission is hereby granted for any person to redistribute this in whole or in part to any other persons as long as the distribution is not being made as part of any commercial service or as part of a promotion or marketing effort for any commercial service or product. We request that redistributions include attribution for the source of the material.

Am Betriebssystem der Borg wurde vieles verändert, manches verbessert, einiges verschönert. Nur eine Sache scheint unverändert: Die Sicherheit. Also, der Mangel daran.

Die Hersteller von Sicherheitssoftware haben natürlich ein gepflegtes Eigeninteresse daran, die digitale Welt immer am Rande des Untergangs zu wähnen. Aber nehmen wir mal an, die Kassandra-Rufe von Sophos stimmen und deren Test von Windows 7 wurde halbwegs neutral durchgeführt. Dann müssen wir uns die gleichen Sorgen machen wie immer, denn ein fabrikneues sauberes Win-7-System werde innerhalb von Minuten bei zehn Angriffen aktueller Malware gleich acht Mal erfolgreich verseucht.
“Windows 7 enttäuscht in Sachen Sicherheit genauso wie seine Vorgänger”, urteilt Chester Wisniewski von Sophos. Ursache sei eben die von Kunden und Markt geforderte Abwärtskompatibilität bei der Software. Da etliche Vista- und XP-Programme lauffähig seien, gelte dies eben auch für die Schädlinge. Der Sophos-Mann räumt allerdings ein, dass Microsoft im Vorfeld nicht gerade die Werbetrommel für mehr Sicherheit gerührt habe. Wohlwissend, dass es damit nicht klappt.
Immerhin gibt es nun eine automatische Datenverschlüsselung für Dongledrives. IT-Admins können unter Win 7 besser kontrollieren, welche Apps auf dem Firmennetz laufen dürfen. Für die übrige Systemsicherheit brauche der Nutzer nach wie vor regelmäßige Updates, Firewalls und Schutzprogramme.
Das bewahrt natürlich Anbieter wie Sophos davor, sich ein neues Betätigungsfeld suchen zu müssen… [Ralf]

[Wired]

Microsoft lockt mit Onlineservice auf die dunkle Seite

Probleme mit Windows 7? Helft Euch selbst, sagt Microsoft

Windows 7: Das Vista-Upgrade-Desaster (Update)

Internet: Die dreckigen 100

PC Security Firm, Sophos, noted that Windows 7 users may still need to use an antivirus software. Check the table for the results made by Sophos.

If you want a free antivirus solution download Microsoft Security Essentials 1.0 here.

Sono ufficialmente disponibili da qualche giorno i nuovi prodotti sophos giunti alla versione 4.0. Tra le novità troviamo il nuovo client (versione 9) e una politica sempre più vicina alla protezione dell’endpoint a 360° con l’introduzione di private crypto (per la versione SBE) che permette la cifratura di singoli file e del prodotto data protection lite incluso nella versione enterprise security and data protection, viene inoltre migliorata la gestione dei criteri relativi ai dispositivi mobili come chiavi USB e cd rom.

Davide

Do small business owners ever truly get a vacation? Hard to say but the reality is this, we do take working vacations and peek at our e-mails in the morning and spend time with the family in the afternoon. Such is life. Work hard and play hard.

So in my recent August vacation to Whistler, BC, Canada to “grandma’s” I took my traditional “Harry Day” where I could sneak down to Vancouver BC and work for a day. I used that time to meet with Sophos (thanks for Sacramento, CA SBSer Bob Nitro for introducing me)and get to know them a bit. In kind, Sophos expressed a desire to get to know the SBS tribe a bit better and it attended the SMB Nation Fall conference a couple of weeks ago in Las Vegas!

So I was thrilled when Sophos announced its 9.0 release as per the details below. Read on!

cheers…harrybbbb

Sophos Introduces a New Approach to Data Loss Prevention within Endpoint Security and Data Protection 9

Designed to overcome the predominant objections to implementing DLP – complexity, cost and manageability

Boston (PRWEB) October 15, 2009 — IT security and data protection vendor Sophos today announced that it has fully integrated data loss prevention (DLP) capabilities into the new release of Sophos Endpoint Security and Data Protection, version 9, thus enabling businesses to have visibility and control over sensitive data without requiring the deployment of any additional agents or any additional licensing costs. Within Sophos Endpoint Security and Data Protection 9, which is available immediately, Sophos is uniquely delivering to customers a range of data protection functionality – consisting of full-disk encryption (integrated in June 2009), device control, application control, and now DLP – all managed from a single, simplified dashboard.

Sophos is ‘Changing the Game’ with how DLP is Managed by:

At its core, the data loss problem is one largely of human error or irresponsibility

Some of this is due to lack of knowledge, some is due to end-user resistance to, and circumvention of, overly restrictive IT policies. Our approach to DLP acknowledges end-user needs and preferences and guides them in safe data-handling practices.

Sophos continues to set the bar by adding new features and functionality to its endpoint security solution, giving customers the best protection without tacking on additional fees

DLP deployments have not reached critical mass, where it would be expected that an organization should have this capability. However, content-aware DLP will become part of the standard of due care in the U.S. by year-end 2011, and by 2015 in the European Union.

Critical Capabilities for Content-Aware Data Loss Prevention

// <![CDATA[
numquotes=5;
quote_index = 0;
quote_naptime = 1000 * 4;
quote_timeout = 0;

function sequentialQuotes()
{
var i;
for( i = 0; i = numquotes ) { quote_index=0; }
//alert( quote_index );
document.getElementById( “quote_”+quote_index ).style.display = “inline”;
if( enable_random )
{
quote_timeout = setTimeout( “randomQuotes()”, quote_naptime );
}
}
function randomQuotes()
{
var randQuotId;
var i;
for( i = 0; i

Sophos is making DLP accessible to businesses unable to expand their budgets or IT teams any further. The latest upgrade also appeals to those enterprise customers who have evaluated, but ultimately rejected standalone DLP products based on their level of complexity.

“At its core, the data loss problem is one largely of human error or irresponsibility,” said Rainer Gawlick, chief marketing officer at Sophos. “Some of this is due to lack of knowledge, some is due to end-user resistance to, and circumvention of, overly restrictive IT policies. Our approach to DLP acknowledges end-user needs and preferences and guides them in safe data-handling practices.”
Additional Capabilities in Sophos Endpoint Security and Data Protection 9

In addition to integrated data loss prevention, Sophos Endpoint Security and Data Protection 9 includes several new features and functionality aimed at further simplifying how customers manage their endpoints such as:

“Sophos continues to set the bar by adding new features and functionality to its endpoint security solution, giving customers the best protection without tacking on additional fees,” said IT Security Manager John Raymond at SAFE Credit Union based in Northern California. “There aren’t too many security vendors providing easy-to-manage malware and data protection using one agent and one management console that are able to deliver significant product updates and support without also significantly increasing your budgetary requirements. With the growing demands on businesses to comply with industry, state and government regulations, adding DLP functionality comes at a pivotal time for budget-conscious IT teams as they look to better protect confidential member, employee and company information.”

According to Gartner, “DLP deployments have not reached critical mass, where it would be expected that an organization should have this capability. However, content-aware DLP will become part of the standard of due care in the U.S. by year-end 2011, and by 2015 in the European Union.”(1)

(1) Gartner Research “Critical Capabilities for Content-Aware Data Loss Prevention” by Paul E. Proctor, Eric Ouellet. 23 June 2009/ID Number: G00167644.

About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry’s lowest total cost of ownership. Sophos offers award-winning encryption software, endpoint security, antivirus, web, email, and network access control solutions backed by SophosLabs – a global network of threat intelligence centers. With more than two decades of security software experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

A network of Russian spammers hasn’t only infected Mac owners; they also made them very cheap:

‘Mac users, beware: the Russians are after you. A notorious network of spammers in the country pays hackers 43 cents for every Mac they infect with fake software, an investigator says. At a security conference in Switzerland, the researcher laid out a specific scheme to get Mac users to install malware in the guise of a video player. The Russian spammers still mostly go after Windows, but the Mac threat is a disturbing new trend, notes ComputerWorld.

“‘The growing evidence of financially-motivated criminals looking at Apple Macs as well as Windows as a market for their activities, is not good news,” blogs Graham Cluley at Sophos. “Especially as so many Mac users currently have no anti-malware protection in place at all.”‘
—John Johnson Sources: ComputerWorld, Sophos.com

Are you facing the same scenario at your workplace?
Here is why…….

It may be the latter-day media darling, but microblogging service Twitter is getting locked out of corporate networks just like Facebook, MySpace and LinkedIn before it.

Survey of Reasons for Blocking Social Netwworking sites

A survey of 709 system administrators released today by the internet security company Sophos shows that 54% of companies are blocking their employees’ access to these top four social networks, with workplace slacking and the security of company data top of the heap of concerns. More detailed results are in the graph above. The poll also revealed that some 63% of administrators fear people share too much company information on social sites. Half of the polled companies reported their networks had been subject to spamming or phishing attacks via social network sites.

Facebook remains the biggest social network risk to companies, says Sophos chief security expert Graham Cluley, due to its popularity. The site has a user base three times the size of the UK population – at around 200 million users – and where people go, criminals always follow.

But with TV megastar Oprah Winfrey joining the ranks of the tweeters lately, supposedly inspiring a million more to join, Twitter is the latest network to go bigtime. “Twitter is something fairly new and there are some companies without a definite policy on it yet,” says Cluley. But that won’t last long.

Twitter suffered its first major attack earlier this month when the Mikeyy worm spread thousands of spam tweets across the network. Although that worm has been put out of action, Cluley says Twitter remains vulnerable to similar attacks.

The social network is also unpopular with network administrators because the 140 character message limit means users typically send out shortened web addresses using services like TinyURL that hide the site a person is being directed to when they click a link.

Some third party Twitter clients – eg TwitterFox – make it possible to see where such links truly go, as does the Twitter search results page. But on the whole, most users are browsing blind.

There’s a form of ‘client blindness’ too: I think the large number of packages you can use with Twitter can lead to confusion amongst users – especially new ones. When you switch between different clients it’s not always clear whether you’ve directed a message to one person, or the whole world. Indeed, Cluley cites the case of a friend who accidentally sent his birth date to the whole Twitterverse.

Unless Twitter ups its security act, the proportion of firms blocking it isn’t going to change any time soon.

by Paul Marks, technology correspondent

Très simple…

Infiltrez-vous parmi un groupe d’amis, prétextez que votre petit(e) ami(e) s’est fait voler sa carte de crédit, son téléphone portable, son billet d’avion etc etc et que vous êtes bloqué dans un aéroport d’un pays étranger.

Faites passer un appel téléphonique, si possible, par un complice se faisant passer par un agent de l’immigration pour expliquer la situation à vos “amis”, celui-ci réclamera d’ailleurs de l’argent pour pouvoir vous libérer, et vous voila avec plusieurs virements bancaires sur votre propre compte.

C’est en faite ce qui est arrivé à une Dentiste pédiatrique américaine, Jayne Scherrman, habitante du Missouri.

Grâce à cette technique, les ravisseurs ont pu lui subtiliser environ 4000 dollars.

Sophos, éditeur de solutions de sécurité, qui révèle cette histoire, conseille aux utilisateurs de traiter leurs amis sur Facebook ou autres avec suspicion, dès lors qu’un virement d’argent est demandé.

Pour comprendre l’histoire allez sur generation-nt.com, cela est étonnant !

La empresa de seguridad Sophos acaba de advertir de un nuevo ataque a los usuarios de Twitter basado en imágenes morbosas que invitan a los usuarios a conectarse a MSN y de allí, llevarles a una página web para adultos.

El trabajo de los spammers ha sido el de crear decenas de perfiles falsos y perseguir, al azar, a usuarios en masa. Cada uno de estos perfiles se completa con una imagen sexy que se incluye en un mensaje. Al incluir mensajes en las imágenes, los ciberdelincuentes saben que serán más difícil de detectar por Twitter que si se enviaran como texto.

Desde Sophos afirman que los spammers han utilizado el truco de las imágenes desde hace años en relación con el correo electrónico, “por lo que sólo ha sido cuestión de tiempo antes de que empezáramos a verlo en Twitter”.Graham Cluley, Consultor de Tecnología de Sophos afirma que aunque a algunos usuarios les halague ver que tienen muchos seguidores, “hacerse amigos de extraños a través de la red siempre será muy arriesgado”.