Rootcon 5: Greetings from Cebu!

This year, Cebu Island is playing host to the fifth Rootcon security conference, which takes place on the 9th and 10th of September. GFI Software has two standalone talks at this one – “Introducing TDL4, a Sophisticated Fraudster’s...

Facebook Profile Rollback Phish

Here’s a phishing scam that lures users with the promise of getting their “old Facebook profile” back. What that means is up for debate – maybe the scammer is harking back to a land of slightly less privacy options, or maybe he just wants you...

The Longstanding KVGB Compromise

Our friends at Zscaler have blogged about a website compromise involving Karnataka Vikas Grameena Bank (KVGB), a prominent regional rural bank in India, last February of this year. It then housed malicious JavaScript (JS) code that redirects visitors to another...

Facebook Makes a Move Toward Security

Facebook recently published a guide for its users on how to secure their online accounts from anything that threatens one’s Facebook security. Among those covered are Wall, Chat, and Comment spam, weak passwords, fake applications, and account hacking....

Of Spam and Speeding

Our engineers over at the AV Labs have recently spotted a deluge of spam about a “traffic ticket” that purports to come from a state department in New York. The spam has a compressed file attachment that, once extracted, contains a file that bears the...

Phony Mc Bling Sting

CCleaner (formerly Crap Cleaner, which is a glorious name) is a handy program used to remove unwanted files, fix borked registry entries and more besides. There’s a website located at myccleaner(dot)ru which claims to be offering up multiple versions /...

Pottermore: Expecto Riddikulus!

Now that I have Harry Potter fans foaming at the mouth for randomly mashing up two unrelated spells to express the intent of this blog entry, I’ll continue. Pottermore is – help me out here, Wikipedia – a site that will sell eBooks of the Harry...

Department of Defense 419 Mail…

I’m almost certain pretending to be the Department of Defense is not a good idea, but then it’s not like a 419 scammer has that many of those in the first place. In fact, they can’t even format an email properly so here’s my best attempt at...

Grinding your (Top) Gears

Here’s a site called watchtopgear(dot)info that lets you – amazingly enough – watch Top Gear. Sort of. Series 16 / 17 are yours for the taking. Sounds awesome if you’re a Top Gear fan, but of course you need to install...

“Activate Skype”. Or not…

Here’s something that looks like Skype, may or may not give you Skype but certainly wants something in return for it first. So far, so good I guess. It’s all in Russian of course, but it looks like it is...

The state of Typepad security

There are over 3,000 malicious sites on Typepad serving malware. I’ve put the list of malicious domains here.  I’ve also notified Typepad. Typepad — get a clear abuse or security contact on your site, and do some work to police your blogs....

Correct Version Aversion

Here’s a site located at buburuzka(dot)com/xhupt/71093(dot)php offering up some fake Flash. Humorously, they don’t seem to have taken much notice of the latest Flash Player version – compare and contrast: As you can see, a bit...

.gov.np Site Serves Up Banking Phish

This is the National Development Volunteer Service of Nepal located at ndvs(dot)gov(dot)np/_vti_cnf/customer(dot)ibc(dot)htm: This is an unwelcome addition to the website in the form of a Lloyds TSB phish. It’s still live...

We’re (Auto)whalers on the Moon

I don’t know what it is about this one that sets the Spidey Sense tingling. Maybe it’s the fact it promises to make things all too easy – Vader reference there for anyone keeping score – for the lazy crook. Maybe it’s the fact the little...

Unusual Twitter Spam of the Day

I love the smell of some Twitter spam in the morning. iPads, iPods, books, movies, videogames, free holidays: I’ve seen – and blocked – them all. Then this happened. Yes, Twitter users are being sent, er, a free “arse”. Quite a lot of...