Virus Bulletin - December 2007

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editor: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2007-12-01

Abstract

A year of threats across several technologies (comment); VB2008 Ottawa (call for papers); Something smells fishy (analysis); Exploring the evolutionary patterns of Tibs-packed executables (feature); Exepacker blacklisting part 2 (feature); Blow up your video (feature); Windows 2000 Professional (comparative review)

Comment

A year of threats across several technologies

'The main trend I have observed this year has been the spread of malware activity across several forms of technology and applications.' Eddy Willems.

Eddy Willems - EICAR, Belgium


News

Yuletide greetings

Festive wishes.



Vista fails to reassure web users

50% of users don't believe Vista has made the Internet any safer.



Botnets roasting on an open fire

FBI reports successes of operation Bot Roast; McAfee predicts cyber espionage for 2008.



Malware prevalence report

October 2007

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Call for papers

VB2008 Ottawa

Calling all speakers.



Analysis

Something smells fishy

The author of MSIL/Yakizake claimed that ‘very few implementations of multi-platform malware exist up until now'. Peter Ferrie lists a dozen multi-platform viruses and explains why Yakizake does not qualify for the category.

Peter Ferrie - Symantec, USA


Features

Exploring the evolutionary patterns of Tibs-packed executables

Rachit Mathur and Aditya Kapoor present an analysis of the techniques used by the Tibs packer and describes the reasons for its prolonged effectiveness.

Rachit Mathur - McAfee, USA & Aditya Kapoor - McAfee, USA


Exepacker blacklisting part 2

In the second installment of this three-part series on exepacker blacklisting, Robert Neumann provides a more detailed look at the different types of blacklisting and describes the tools that are available for analysis.

Robert Neumann - VirusBuster, Hungary


Blow up your video

These days we are used to seeing interactive multimedia content on websites - but unfortunately it is possible for these file formats to contain more than one might expect. Christoph Alme and Dennis Elser present a round-up of recent multimedia vulnerabilities.

Christoph Alme - Secure Computing, Germany & Dennis Elser - Secure Computing, Germany


Comparative review

VB comparative review: Windows 2000 Professional

Fewer than half the products submitted for this VB100 review on Windows 2000 made the grade - largely thanks to some pesky polymorphic file infectors and a rash of false positives. John Hawes has all the details.

John Hawes - Virus Bulletin


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Bulletin - December 2007

Anti-spam news; Spam and the digital divide (feature)



Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

Malware Prevalence
Autorun |#######|
Encrypted/Obfuscated |#####|
Heuristic/generic |#####|
Sality |####|
Zbot |####|
 View this month's full report

Virus Bulletin currently has 224,240 registered users.