TechBlog

I recently had an interesting message arrive in my system; after viewing the message, 100% of those polled agreed on what it was. What do you think? What do YOU see? If you answered spam, you’re on your way to having the mentality of a spam analyst. This message has many hallmarks of classic unsolicited commercial email: the middle of the message says “Click Here” in big prominent text there’s an “opt-out” banner, announcing that this is an ad the ad contains a “unique ID” despite the (intentionally obscured) address, the message does not say who it is actually from the “call to action” link is http :/fefcbdacggbfg.[redacted].info/alphaville/4754-1b416/ — random sub-domain, published in the .info top level domain, with a directory name comprised of two random words, and a sub-directory that looks like yet another unique identifier. everything in this message except for the “unique ID” under the opt-out banner is actually an image. Those of you who are actually interested in psychology will also note that the inkblot is not actually part of either the Rorsach or the Holtzman Inkblot Test. It seems to me that this message is more designed to take advantage of those who are willing to try anything to get a job. In the long run, an accredited educational institution will likely be much more beneficial.

Is this the last rogue for 2009? The cyber criminals will probably ditch 2009 in their naming after the New Year.AntivirusPC2009 may still trick some people before next year though. The fraud tool downloads files on the system and detects them after a scan has been performed.

Activities associated with Koobface have increased during the month of December. Often it is for the sending of traffic to compromised servers in order to obtain more servers. Other times the activity centers around using those same compromised servers to proxy users to malicious domains that are then used for further distribution of malware or command and control of the infected machines. I noticed a trend with some of the domain-based locations making use of the holiday theme. This has included everything from “presents for your pets” to “festive holiday trees” – these are domains that appear legitimate but are not. In fact, many of the domains that are being used were legitimate at one point and now are serving a different, more questionable purpose. ...

SystemCleanerPRO is a rogue antivirus program, or a complete scam. SystemCleanerPRO uses fake security alerts and fictitious system pop-ups that warn or infections to frighten users into buying the software. SystemCleanerPRO is a complete rip-off and should be removed form infected PC’s immediately. If SystemCleanerPRO has infected your computer, you may experience the following symptoms: Slow sluggish PC SystemCleanerPRO running a system scan every time you turn your PC on System alerts warning you that the computer is under attack or is not protected, recommending you purchase SystemCleanerPro Web browser redirecting to random websites (which are owned by the crooks who author this and other malicious software) Other programs not opening or shutting down if your windows is infected with these kind of malware Click Here to learn how to remove it.

As you may have heard in the last few days, Twitter has banned 370 passwords (actually only 369, ‘password’ appears twice in the list) as ‘too obvious’ to be safe for their users. A good move in theory but why are so few words banned? And what are they? The list is available in various places online, or even just by viewing the source of the Twitter sign up page. Sadly the sports fans in this Sophos office may be out of luck with both ‘boston’ and ‘redsox’ making the banned list. ...

Hopefully, the holiday season has found you spending a good amount of time offline: enjoying moments spent with friends and family, keeping long-standing traditions or creating new ones to follow for seasons to come, or just relaxing due to some downtime from work or school. It wouldn’t come as much of a surprise, though, if you’ve still found yourself spending a fair share of your time during the holidays online: checking status updates and posting new pictures on Facebook, or sending and checking tweets on Twitter. And, why not? These networking sites are an easy way to connect and share with the people we care about. ...

Antispyware Shield Pro is a phony security software, also known as a rogue. Antispyware Shield Pro uses fake security warnings and pop-up alerts to frighten people into thinking their PC is infected. Antispyware Shield Pro will not remove these supposed infections until you purchase the software. Do not fall for this scam, Antispyware Shield Pro is an infection itself. if your windows is infected with these kind of malware Click Here to learn how to remove it.

Total PC Defender is a rogue security software, a complete scam designed to rip people off. If Total PC Defender has infected your PC, you should remove it immediately. if your windows is infected with these kind of malware Click Here to learn how to remove it.

Atif Mushtaq, a researcher at FireEye security company, has coordinated a global effort to take down of one of the top 10 botnets – Mega-D. PC world said the botnet controlled 250,000 machines in a massive network that was responsible for nearly 12 percent of world spam according to Message Labs statistics. Mushtaq and those working with him coordinated their efforts with Internet service providers to isolate the Mega-D command-and-control servers in Israel, Turkey and the U.S. ...

Security researchers examining the directories of the URLs of some of the latest Koobface runs may stumble upon a Christmas greeting: