Virus Bulletin - November 2008

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2008-11-01

Abstract

Co-operation is the only way (comment); XXX racted (malware analysis); Your filters are bypassed: Rustock.C in the kernel (malware analysis); Family matters (opinion) The Ottawa rules (conference report); DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0 (product review)


Comment

Co-operation is the only way

'An essential force in the fight against online crime is that of law enforcement.' Martijn Grooten, Virus Bulletin.

Martijn Grooten - Virus Bulletin, UK


News

Job cuts in the offing at Symantec

Cutbacks in effort to keep spending under control.

Helen Martin - Virus Bulletin, UK


Plug pulled on dodgy registrar?

ICANN plans to terminate accreditation of registrar favoured by cyber crooks.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

September 2008

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Malware analyses

XXX racted

Peter Ferrie reaches the last in the collection of viruses created by the writer ‘fakemnded’ in the EOF-rRlf-DoomRiderz virus zine.

Peter Ferrie - Microsoft, USA


Your filters are bypassed: Rustock.C in the kernel

Chandra Prakash describes the step-by-step operational characteristics of Rustock.C in kernel mode from its startup to the point at which its spambot code (botdll) is activated in user mode.

Chandra Prakash - Sunbelt Software, USA


Opinion

Family matters

'As the internet is increasingly used for good and evil purposes, how do you know who to trust?' asks Henk van Roest.

Henk van Roest - Microsoft, UK


Conference report

The Ottawa rules

October 2008 saw the annual three-day work-rest-and-play marathon (without so much of the rest) that is the VB conference. A slowly recovering Helen Martin reports on VB2008.

Helen Martin - Virus Bulletin, UK


Product review

DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0

John Hawes looks at two products from DriveSentry - part of a growing new breed of security products, which focus less on the traditional arts of the anti-malware world, and aim instead to protect systems by preventing unauthorized software from performing any potentially dangerous activity.

John Hawes - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Spam Bulletin

Spam Supplement - November 2008

Anti-spam news; The problem of backscatter - part 3 (feature)




Poll

How should software and OS patching/security updates be managed?
Manually, at the user's discretion
Automatically via an optional, user-defined schedule
Automatically via a fixed, but optional schedule
Automatically via a fixed schedule, on by default with opt-out system
Automatically and silently, with no option to run unpatched

Leave a comment
View 19 comments

Jobs Recruit Sidebar

VB2009

VB2009 VB2009 will take place 23-25 September 2009 at the Crowne Plaza Geneva, Switzerland.
Virus Bulletin currently has 165,657 registered users.