Virus Bulletin - May 2010

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2010-05-01

Abstract

The best of... (comment); Anti-unpacker tricks - part eight (technical feature); TDSS infections - quarterly report (feature); Adapting to TxF (feature); Exploit kit explosion - part two: vectors of attack (tutorial); VBSpam comparative review (comparative review)


Comment

The best of...

‘[The security industry] has made great strides in attempting to get information across to the general populace in a palatable format..’ Helen Martin, Virus Bulletin

Helen Martin - Virus Bulletin, UK


News

Acquisitions, sales and rumours

Symantec makes purchases, Sophos sells majority interest and rumours rumble about McAfee.

Helen Martin - Virus Bulletin, UK


Cyber Security Challenge challenged by vulnerability

XSS vulnerability in site of project aimed at plugging cyber security skills gap.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

March 2010

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin, both directly and from other companies that pass on their statistics.



Technical feature

Anti-unpacker tricks – part eight

Last year, a series of articles described some tricks that might become common in the future, along with some countermeasures. Now, the series continues with a look at tricks that are specific to debuggers and emulators.

Peter Ferrie - Microsoft, USA


Features

TDSS infections – quarterly report

The TDSS/TDL rootkit is the cause of many a headache for anti-virus vendors. Here, Alisa Shevchenko presents a report and analysis of statistics collected from the users of a TDSS removal tool during the first quarter of 2010.

Alisa Shevchenko - eSage Lab, Russia


Adapting to TxF

Abhijit Kulkarni and Prakash Jagdale discuss why most real-time anti-virus scanners are ineffective at detecting malware written using the TxF facility and propose a working solution for the problem.

Abhijit P. Kulkarni - Quick Heal Technologies, India & Prakash D. Jagdale - Quick Heal Technologies, India


Tutorial

Exploit kit explosion – part two: vectors of attack

After introducing a multitude of exploit frameworks used in drive-by browser-based attacks in his last article, this month Mark Davis details the functionality of frameworks, focusing on attack vectors (exploits) and counter-intelligence efforts.

Mark Davis -


Comparative review

VBSpam comparative review

On the first anniversary of the VBSpam comparative review, VB's team tested a record 20 full anti-spam solutions, together with one reputation blacklist. The number of VBSpam awards earned also reached a record high of 18. Martijn Grooten has the details.

Martijn Grooten - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.


