Virus Bulletin - November 2008

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2008-11-01

Abstract

Co-operation is the only way (comment); XXX racted (malware analysis); Your filters are bypassed: Rustock.C in the kernel (malware analysis); Family matters (opinion) The Ottawa rules (conference report); DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0 (product review)


Comment

Co-operation is the only way

'An essential force in the fight against online crime is that of law enforcement.' Martijn Grooten, Virus Bulletin.

Martijn Grooten - Virus Bulletin, UK


News

Job cuts in the offing at Symantec

Cutbacks in effort to keep spending under control.

Helen Martin - Virus Bulletin, UK


Plug pulled on dodgy registrar?

ICANN plans to terminate accreditation of registrar favoured by cyber crooks.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

September 2008

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Malware analyses

XXX racted

Peter Ferrie reaches the last in the collection of viruses created by the writer ‘fakemnded’ in the EOF-rRlf-DoomRiderz virus zine.

Peter Ferrie - Microsoft, USA


Your filters are bypassed: Rustock.C in the kernel

Chandra Prakash describes the step-by-step operational characteristics of Rustock.C in kernel mode from its startup to the point at which its spambot code (botdll) is activated in user mode.

Chandra Prakash - Sunbelt Software, USA


Opinion

Family matters

'As the internet is increasingly used for good and evil purposes, how do you know who to trust?' asks Henk van Roest.

Henk van Roest - Microsoft, UK


Conference report

The Ottawa rules

October 2008 saw the annual three-day work-rest-and-play marathon (without so much of the rest) that is the VB conference. A slowly recovering Helen Martin reports on VB2008.

Helen Martin - Virus Bulletin, UK


Product review

DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0

John Hawes looks at two products from DriveSentry - part of a growing new breed of security products, which focus less on the traditional arts of the anti-malware world, and aim instead to protect systems by preventing unauthorized software from performing any potentially dangerous activity.

John Hawes - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Supplement - November 2008

Anti-spam news; The problem of backscatter - part 3 (feature)




Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments

Jobs Recruit Sidebar

Virus Bulletin

In this month's magazine:
  • Social networking meets social engineering
  • Flying solo
  • Geneva convention
  • 7th German Anti Spam Summit 2009
  • Anti-phishing landing page: turning a 404 into a teachable moment
  • An update on spamming botnets: are we losing the war?
  • Windows Server 2008 Standard Edition SP2 x86
Virus Bulletin 10 2009
Subscribe now!
Virus Bulletin currently has 190,417 registered users.