Virus Bulletin - May 2007

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2007-05-01

Abstract

Securing the Web 2.0 (comment); ANI-hilate this week (analysis); Beyond Virtu(e) and evil (analysis); Nirbot: targeted attacks get personal (analysis); Covert zombie ops (feature); Trend Micro PC-cillin Internet Security 2007 (product review)


Comment

Securing the Web 2.0

'I believe that if the human factor is such a significant part of the problem, then it must also form part of the solution.' David Emm, Kaspersky Lab.

David Emm - Kaspersky Lab, UK


News

A new generation of Panda

Panda sells majority shareholding.



Websense snaps up SurfControl

$400m for British web-filtering company.



VB100 procedure review

Test procedures clarified.



Erratum: VB100 Linux comparative

Dr.Web results corrected.



Malware prevalence report

March 2007

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin, both directly and from other companies that pass on their statistics.



Analyses

ANI-hilate this week

The time between the announcement and exploitation of vulnerabilities continues to shrink - especially in the case of stack overflow vulnerabilities, which require very little skill to exploit. Peter Ferrie describes a prime example: the recent ANI vulnerability and its exploits.

Peter Ferrie - Symantec Security Response, USA


Beyond Virtu(e) and evil

While not technically a new virus (being modelled on the almost ancient Tenrobot family), W32/Virtu does introduce some interesting changes and new techniques. Víctor Álvarez and Mario Ballano describe this polymorphic file infector that also behaves as an IRC bot.

Víctor M. Álvarez - PandaLabs, Spain & Mario Ballano - PandaLabs, Spain


Nirbot: targeted attacks get personal

Nirbot gains its notoriety primarily from the cat fight in which its author has been engaged. Although keenly aware of the descriptions and blog entries posted about his creations, the author seems not to be so well versed in the naming conventions used within the AV industry. Lysa Myers shares the details of this technologically unremarkable, yet reasonably successful bot.

Lysa Myers - McAfee, USA


Feature

Covert zombie ops

Can a botmaster send commands covertly to a botnet of over a million zombies and control them in real time? John Aycock considers how such a botmaster’s command channel might look.

John Aycock - University of Calgary, Canada


Product review

Trend Micro PC-cillin Internet Security 2007

John Hawes shares his experiences with Trend Micro's PC-cillin Internet Security suite.

John Hawes - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Bulletin - May 2007

Anti-spam news; MIT Spam Conference 2007 (conference report)



