Mac security firm Intego blogged about Apple’s decision to include an antimalware component in Mac OS X 10.6 "Snow Leopard" and we agree that it is a good step, security-wise, to provide some basic protection against malware. Apple has long mocked Microsoft, up to and including this 2006 advertisement which implied there were no viruses
You probably aren’t looking for trouble, but there’s a good chance you’ll find it when you search the internet. An article in Information Week http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218700239&cid=RSSfeed_IWK_All it was reported that the bad guys are trying to make sure their bad web pages come up when you search common terms on the internet. In this case the
As Valentine’s Day is approaching the criminals behind Win32/Waledac have increased their activity. The Valentine campaign started some time ago but the interesting part is only starting for us. The Waledac botnet has been using fast flux for some time now. This means that the IP addresses of the websites used to distribute this malware
It occurs to me that I should make it clear that this "top ten" isn’t in any particular order. Like the other "top ten" suggestions by the research team that are likely to find their way here in the near future, they’re all significant issues that need thinking about. Point 9 (a short one!) is, don’t
[Update info moved to new blog post on 6th January] In deference to all those old enough to get a panic attack when reminded of how bad pop music was capable of being in the 1970s, I’ll try to overcome by the urge to mention "Chirpy Chirpy Tweet Tweet". Anyway, to business. Having all the
Welcome to prime-time scam season. This is when the advertisements for taxes in the USA really start to pick up. Granted, they go on all year long, but now is when we traditionally see an increase in volume. There are a variety of such scams. The worst of the scams are the phishing attacks. If
Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Cerification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value).
I’ve just picked up a comment to a previous blog that pointed to what I presumed to be a malicious URL. We’re grateful for all such information, but for obvious reasons, we won’t approve comments that point to malicious code! You can find information in our knowledgebase here about how to forward malware samples or false