New Malware Spam Thanks You for Purchasing and Shopping with Them

In the last 24 hours some malicious agent has sent out a massive spam run with a malware payload behind a link to “open your invoice”, “download details” or “open your payment details”. The emails seem to come from senders such as,,,, and, and the text is all very gappy.

Computer Users Urged to Disable Java Because of Security Flaws

The U.S. Department of Homeland Security alerted users of Java to a serious and urgent security risk, recommending that users disable Java until a suitable fix has been released. In the statement, the United States Computer Emergency Readiness Team (US-CERT), the branch of the federal government that manages computer security risks, warned that any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7), Java SE Development Kit (JDK 7) and Java SE Runtime Environment (JRE 7) are at risk.

Study Reveals that as Many as 16% of All Visits to Websites are from Bots, and 26% of All Traffic is “Aberrant”

Bots generate at least 10% of all online traffic, according to data released today by Solve Media, a company that provides security authentication solutions through CAPTCHA-based advertising technology. Solve Media indicates that they have seen a 400% increase in what they term ‘aberrant’ traffic across web-based services such as commenting, voting, registration, contact and commenting.

Cyber Attack Unleashes Most Brutal Attack Yet on Iranian Nuclear Plant: AC/DC

There are few things as comforting to hear as, “Our nuclear program has been compromised again” from an Iranian nuclear facility, but it appears that someone behind a cyber attack, or possibly some snickering 12 year old boys in their parent’s basement, have unleashed a cyberattack on Iran’s Atomic Energy Organization; hard rock-style. That’s right, the latest Iranian nuclear cyberattack has the nuclear physicists shaking all night long to AC/DC rock music; “Thunderstruck” to be exact.

Fake Kindle E-Book Order Confirmations Lead to Malicious Sites

Starting early this morning, a rash of fake Kindle ebook orders hit the Internet. Sent out as part of the Sakura exploit malware, the email is designed to alarm the recipients into thinking that their Amazon accounts have been charged outrageous amounts for ebooks that they didn’t order, going to addresses they don’t recognize (including “Gahanna, United States”), but the links to “your account” actually take the unsuspecting recipients to malicious sites where the Sakura exploit will infect their computer, adding it to their botnet. The subject of the email is usually “Your Kindle e-book order confirmation” or “Your Kindle e-book order receipt” and appears to come from “Thanks for your order (your email address)!” the email starts out, going on to say “Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.” Don’t fall for it!

First Serious Mac Infection: Flashback Trojan

Up until now Mac owners have been relatively safe (and smug) when it came to the infectability of their computers. Worms, trojans, viruses, and other malware were considered to be primarily the domain of Windows. That may have changed last week, however, when the Russian security company, Dr. Web, reported that as many as a half a million Macs are already infected with what is being called the “Flashback Trojan”. Here’s how to know if you have Flashback Trojan, and how to get rid of Flashback Trojan.

Stuxnet Worm that Struck Iran Nuke Site May be on the Move Again

The worm that infected an Iranian nuclear site, Stuxnet, or something very much like it, may be getting ready to strike again, say researchers. A recently discovered malware dubbed Duqu (for the prefix of its files, ~DQ, is designed to steal information needed to mount another such attack, and provide remote access to industrial installations such as, well, nuclear plants.

Conficker Worm Hiding on Millions of PCs Around the World, How to Tell if Your Own PC has the Conficker Worm

With the release of the new book, Worm: The First Digital World War, the Conficker worm (also known, depending on which variant you have, as Conficker A, Conficker B, Conficker C, Conficker D, Conficker E, and the Conficker Virus) is back in the news. This is a good thing, as it is very much still one of the biggest threats on the Internet, but as it has been around since 2008, it’s been “out of sight, out of mind” for many users, who no longer think about detection and Conficker removal. Here’s a quick refresher on how to tell if you have Conficker (the handy Conficker eyechart) and having been infected with Conficker, how to find a Conficker removal tool so that you can delete Conficker.

The Facebook “Dislike Button” Virus Scam

If a link to “activate dislike button” shows up on your Facebook page – do not, Do Not, DO NOT click that link! The scam link, spreading like wildfire, appears as a post on your wall that says “Facebook just added the dislike button! Click on ‘Activate Dislike Button’ below to enable it on your account!” Of course, the FB dislike button is another Facebook scam, carrying with it a Facebook virus and a bonus of malware that it downloads to your computer in the background.

“Web Security” Pop-Up Trojan Making Rounds Again, This Time Attacking Both Windows and Macs

The “Security Alert” trojan, sometimes known as a ‘rogue antivirus’ attack, is making the rounds again. First spotted a few years ago, until recently the “web security” antivirus alert trojan targeted mainly PCs, tricking Windows users into downloading the evil ‘BestAntivirus2011.exe’ file by telling them that “To help protect your computer Windows web security have detected trojans and ready to remove them.” (Note the poor language usage.) Now this same tactic is being used to attack Mac users – all that has changed is the “Windows” to “Apple” and the file name (‘MacProtector.mpkg for Macs’) – even the poor language remains the same! “To help protect your computer Apple web security have detected trojans and ready to remove them.” says the pop-up. Don’t fall for it, and whatever you do, don’t click on “Remove all”, which will cause the malware to be downloaded to your computer.