Virus Bulletin - May 2010

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2010-05-01

Abstract

The best of... (comment); Anti-unpacker tricks - part eight (technical feature); TDSS infections - quarterly report (feature); Adapting to TxF (feature); Exploit kit explosion - part two: vectors of attack (tutorial); VBSpam comparative review (comparative review)

Comment

The best of...

‘[The security industry] has made great strides in attempting to get information across to the general populace in a palatable format..’ Helen Martin, Virus Bulletin

Helen Martin - Virus Bulletin, UK


News

Acquisitions, sales and rumours

Symantec makes purchases, Sophos sells majority interest and rumours rumble about McAfee.

Helen Martin - Virus Bulletin, UK


Cyber Security Challenge challenged by vulnerability

XSS vulnerability in site of project aimed at plugging cyber security skills gap.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

March 2010

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Technical feature

Anti-unpacker tricks – part eight

Last year, a series of articles described some tricks that might become common in the future, along with some countermeasures. Now, the series continues with a look at tricks that are specific to debuggers and emulators.

Peter Ferrie - Microsoft, USA


Features

TDSS infections – quarterly report

The TDSS/TDL rootkit is the cause of many a headache for anti-virus vendors. Here, Alisa Shevchenko presents a report and analysis of statistics collected from the users of a TDSS removal tool during the first quarter of 2010.

Alisa Shevchenko - eSage Lab, Russia


Adapting to TxF

Abhijit Kulkarni and Prakash Jagdale discuss why most real-time anti-virus scanners are ineffective at detecting malware written using the TxF facility and propose a working solution for the problem.

Abhijit P. Kulkarni - Quick Heal Technologies, India & Prakash D. Jagdale - Quick Heal Technologies, India


Tutorial

Exploit kit explosion – part two: vectors of attack

After introducing a multitude of exploit frameworks used in drive-by browser-based attacks in his last article, this month Mark Davis details the functionality of frameworks, focusing on attack vectors (exploits) and counter-intelligence efforts.

Mark Davis -


Comparative review

VBSpam comparative review

On the first anniversary of the VBSpam comparative review VB's team tested a record 20 full anti-spam solutions, together with one reputation blacklist. The number of VBSpam awards earned also reached a record high of 18. Martijn Grooten has the details.

Martijn Grooten - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Quick Links

Poll
Does your company allow you to use a personal laptop/mobile device to access company resources?
Yes, it's allowed
Yes, it's actively encouraged
No
I don't know
Leave a comment
View 2 comments

EC-council-boston

VB100 certification
VB100 As expected, the annual VB100 test on Windows XP was an epic. A higher than usual pass rate was tempered by numerous stability issues with the products under test, prompting the unveiling of a new stability rating system. John Hawes has all the details.
See full results.

Virus Bulletin currently has 225,307 registered users.