Virus Bulletin - November 2007

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2007-11-01

Abstract

Search engines in research and vulnerability assessment (comment); Application whitelisting (letter); Spam from the kernel (analysis); Anonymous proxies: the threat to corporate security enforcement (feature); Malware storms: a global climate change (feature); Birds of a feather (book review); ESET Smart Security (product review)


Comment

Search engines in research and vulnerability assessment

'Search engines are free, powerful and efficient tools that can be used to find vulnerabilities and hacked sites on the web, and even in your own organization.' Alex Eckelberry, Sunbelt Software.

Alex Eckelberry - Sunbelt Software, USA


News

E-crime unit to get government funding?

UK government responds to House of Lords call for better policing of the Internet.



VB100 NetWare update

Updated results for VB100 NetWare comparative.



Malware prevalence report

September 2007

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin, both directly and from other companies who pass on their statistics.



Letter

Application whitelisting

'Whitelisting is currently nothing more than (admittedly careful and extensive) inverted blacklisting by AV software.' Gabor Szappanos, VirusBuster.

Gabor Szappanos - VirusBuster, Hungary


Analysis

Spam from the kernel

Trojan.Srizbi is the first example seen in the wild of a complex piece of malware that operates fully from kernel mode. Kimmo Kasslin and Elia Florio provide a detailed analysis.

Kimmo Kasslin - F-Secure, Malaysia & Elia Florio - Symantec, Ireland


Features

Anonymous proxies: the threat to corporate security enforcement

The popularity of anonymous proxies is rising rapidly, as is the number of sites offering anonymous proxy services, but what impact do they have on corporate security? Rony Michaely explains the risks.

Rony Michaely - Aladdin, Israel


Malware storms: a global climate change

Pierre-Marc Bureau and Andrew Lee examine the evolution of W32/Nuwar, the 'Storm worm', from its rather humble beginnings as a minor malware threat into one of the most bleeding-edge malware technologies currently affecting systems across the globe.

Pierre-Marc Bureau - ESET, Canada & Andrew Lee - ESET, UK


Book review

Birds of a feather...

The AVIEN Malware Defense Guide has been written by members of the AVIEN/AVIEWS online communities with the aim of passing on knowledge that they believe will be both interesting and useful to those involved in the real-world battle against malware in organisations. Martin Overton suggests you find a space for it in your bookshelf.

Martin Overton - Independent researcher, UK


Product review

ESET Smart Security

The latest offering from ESET is a multifunction home-user product. John Hawes was given the chance to take a look at ESET Smart Security just days before its official release - and found a product which promises to be formidable competition for the range of security suites already on the market.

John Hawes - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Bulletin - November 2007

Anti-spam news; Evading SpamAssassin with obfuscated text images (feature)


