Fighting malware and spam
2009-07-01
Abstract
Same malware, different code (comment); Can you spare a seg? (malware analysis); Kernel mechanics of Rustock (malware analysis); Early warning approaches to combat typosquatting (feature); The challenges of collecting and monitoring URLs that point to malware (feature); Norman Network Protection Appliance (product review); Anti-spam comparative review July 2009 (comparative review)
Comment
Same malware, different code
'The intent is the same, the information displayed to the user is the same, and the extorted money probably ends up in the same pocket.' Pierre-Marc Bureau, Eset.
News
Spam away
VB says goodbye to the Spam Supplement.
Jobs for the naughty boys
UK's cyber security minister recruits team of former hackers.
Spammer to serve time
Prolific spammer gets his just desserts.
Malware prevalence report
May 2009
The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.
Malware analyses
Can you spare a seg?
Peter Ferrie resumes his series of analyses of viruses contained in the EOF-rRlf-DoomRiderz virus zine.
Kernel mechanics of Rustock
Chandra Prakash provides details of the kernel-mode operations of a recent (March 2009) version of Rustock, concentrating on the changes from its previous version.
Features
Early warning approaches to combat typosquatting
Typosquatting takes advantage of the typographical mistakes often made by users when entering a website address into a web browser. Amit Verma discusses a two-step approach to combatting the problem, prioritizing the registration of domain typos and detecting typos entered into Internet browsers and email clients.
The challenges of collecting and monitoring URLs that point to malware
Since 2005, the Malware Patrol Project has been cataloguing URLs used in phishing scams and distributing block lists for the most popular proxies and anti-spam systems. André D. Corrêa describes the challenges of collecting and monitoring malicious URLs.
Product review
Norman Network Protection Appliance
The security appliance market seems to have become a boom area of late, with just about every security firm worth its salt introducing an appliance solution to provide its services in a single package. This month VB's test team look at a dedicated anti-malware appliance: Norman’s Network Protection Appliance.
Comparative review
Anti-spam comparative review July 2009
In VB’s second round of anti-spam comparative testing and certification the all-important question was whether the high achievers from the first test could maintain the same high standards this month. Martijn Grooten has the results of a test in which more products were tested against a larger spam corpus and with stricter benchmarks.
Calendar
Anti-malware industry events
Must-attend events in the anti-malware industry - dates, locations and further details.
Poll
How should software and OS patching/security updates be managed?Leave a comment
View 19 comments
Virus Bulletin
In this month's magazine:- Same malware, different code
- Can you spare a seg?
- Kernel mechanics of Rustock
- Early warning approaches to combat typosquatting
- The challenges of collecting and monitoring URLs that point to malware
- Norman Network Protection Appliance
- Anti-spam comparative review July 2009
Subscribe now!
Virus Bulletin currently has 165,654 registered users.