Virus Bulletin - May 2007

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2007-05-01

Abstract

Securing the Web 2.0 (comment); ANI-hilate this week (analysis); Beyond Virtu(e) and evil (analysis); Nirbot: targeted attacks get personal (analysis); Covert zombie ops (feature); Trend Micro PC-cillin Internet Security 2007 (product review)


Comment

Securing the Web 2.0

'I believe that if the human factor is such a significant part of the problem, then it must also form part of the solution.' David Emm, Kaspersky Lab.

David Emm - Kaspersky Lab, UK


News

A new generation of Panda

Panda sells majority shareholding.



Websense snaps up SurfControl

$400m for British web-filtering company.



VB100 procedure review

Test procedures clarified.



Erratum: VB100 Linux comparative

Dr.Web results corrected.



Malware prevalence report

March 2007

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin, both directly and from other companies who pass on their statistics.



Analyses

ANI-hilate this week

The time between the announcement and exploitation of vulnerabilities continues to shrink - especially in the case of stack overflow vulnerabilities, which require very little skill to exploit. Peter Ferrie describes a prime example: the recent ANI vulnerability and its exploits.

Peter Ferrie - Symantec Security Response, USA


Beyond Virtu(e) and evil

While not technically a new virus (being modelled on the almost ancient Tenrobot family), W32/Virtu does introduce some interesting changes and new techniques. Víctor Álvarez and Mario Ballano describe this polymorphic file infector that also behaves as an IRC bot.

Víctor M. Álvarez - PandaLabs, Spain & Mario Ballano - PandaLabs, Spain


Nirbot: targeted attacks get personal

Nirbot gains its notoriety primarily from the cat fight in which its author has been engaged. Although keenly aware of the descriptions and blog entries posted about his creations, the author seems not to be so well versed in the naming conventions used within the AV industry. Lysa Myers shares the details of this technologically unremarkable, yet reasonably successful bot.

Lysa Myers - McAfee, USA


Feature

Covert zombie ops

Can a botmaster send commands covertly to a botnet of over a million zombies and control them in real time? John Aycock considers how such a botmaster’s command channel might look.

John Aycock - University of Calgary, Canada


Product review

Trend Micro PC-cillin Internet Security 2007

John Hawes shares his experiences with Trend Micro's PC-cillin Internet Security suite.

John Hawes - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Bulletin - May 2007

Anti-spam news; MIT Spam Conference 2007 (conference report)



