”Duh” ändrar lösenord på din iPhone – vilket betyder att cyberbrottslingarna vet vilket lösenord telefonen har men den infekterade användaren vet det inte. På så sätt kan brottslingarna logga in på din iPhone senare. Dock lyckades Sophos experten Paul Ducklin att knäcka lösenordet samt avslöja att smittade användare kan logga in som root med lösenordet ”ohshit”.

Paul säger: ”Apple’s default root password – ‘alpine’ – on the iPhone breaks two fundamental rules – it’s both a dictionary word and well-known. This doesn’t matter for most iPhone users, as they haven’t jailbroken their iPhones and installed SSH to allow remote access – but the new worm will break in and immediately change it. This change is made by directly editing the encrypted value of the password in the master password file, so that the new password is never revealed,” förklarar Paul Ducklin, head of technology på Sophos Asia Pacific. ”This password-changing represents an additional risk, as it means that cybercriminals now know what your password is – allowing them to log back into your iPhone later – but you don’t, so you cannot login and eliminate the virus.”

Så om du har en jailbroken iPhone så rekommendera jag dig att byta lösen omdelbart.

Enligt en undersökning på webben som Sophos har gjort tror 96 procent att vi kommer se en ökning av skadlig kod för iPhone. Vad tror du?

Grahan Cluley från Sophos deltar på ett nyhetsinslag på CNBC där han beskriver hur kriminella grupper utnyttjar människors oro för svininfluensan för att tjäna pengar.

Se även:
Graham Cluley’s blogginlägg – www.sophos.com/killazombie
Facebookgrupp – http://www.facebook.com/group.php?gid=193824371417

Graham Cluley på Sophos intervjuar personer på stan och får dem att avslöja en hel del om sig själva till en för dem helt okänd person. Läs mer på http://www.inuit.se/?page=49&display=234:2653

October 22nd, 2009 was the official public launch of Microsoft Windows 7. Those of us in the software development, hardware, and large enterprise space have had access to it for a few months now. We have been working to put the final polish on our compatibility, look and feel, and quality assurance testing.

We officially support Windows 7 as part of Enterprise Security and Control 9, which was released to the public on October 14th. We also provide a Knowledgebase article with best practices regarding Windows 7 deployments.

In talking with the press there has been a lot of interest as to how secure Windows 7 is, what improvements there are, and what Microsoft might have missed.

One thing I have not mentioned here previously that I think Microsoft missed is the default behavior of hiding extensions in Windows Explorer and file selection dialogs. Microsoft has defended this decision as intentional and designed to simplify the Windows experience. They believe that legacy file extensions are confusing to the average customer.

I’m not sure about your users, but the PC users I know think of things as being a PDF, Doc, etc. They don’t pay much attention to things like the icon Windows presents to them. They have been taught not to open files with extensions like .exe, .scr, and .bat that are known to be potentially dangerous.

This leaves the door open for nasty malware to masquerade as .txt files in users’ email and dupes them into opening malicious files. In an enterprise environment, I would recommend using GPOs to change this setting to always show extensions.

I have posted several articles detailing changes made to security in Windows 7, which you can find listed below:

• Windows 7 security – 5 things you can do to secure XP mode
• Windows 7 security – Myths, by Wired.com
• Windows 7 security – Microsoft DirectAccess
• Windows 7 security – Close, but still room for improvement

Sophos CTO Richard Jacobs started a rather interesting debate with some representatives from Microsoft this August with his guest blog ”XP mode – demonstrating security is never Microsoft’s first priority”. This prompted a response from Microsoft’s Roger Halbheer pointing out the continued need for Windows XP compatibility. In reply Richard Jacobs provides more details concerning XP mode’s manageability and resource consumption.

James Lyne and Carole Theriault put Windows 7 in the security spotlight in their podcast at the end of August. I also published a more in-depth paper on Windows 7 security issues last month titled ”Windows 7 security: A great leap forward or business as usual?”

In summary, I would like to remind users of Windows 7 that, as for users who have chosen OS X, Linux, or even Blackberries, much of the risk on the internet today is not OS-targeted malware. Sure, there have been outbreaks of things like Conficker, Virtumundo, and JSRedir (Gumblar) that exploit flaws in Windows, but many attacks are focused on social engineering.

Many users have already decided to move away from Microsoft based on previous bad experiences. This is leading criminals to take new approaches to compromising your data, identity, and finances.

As Graham pointed out in his video, people readily share their personal details without having been compromised by viruses. Using multiple techniques, scammers were able to steal tens of thousands of Hotmail and other online service passwords through fake websites, malware, and possibly other nefarious techniques.

Microsoft has closed and locked the windows. You must educate your users, Windows 7 or not, because your data, identity, and money are up for grabs.