2011-07-01
Abstract
Tumblr attacks - what to watch out for (comment); Toll fraud: SipPhreak (malware analysis); SpyEye malware infection framework (malware analysis); Reversing Python objects (technical feature); Not so random (feature)
Comment
Tumblr attacks – what to watch out for
‘Tumblr is definitely a hot property for scammers, and users should be very careful.’ Christopher Boyd, GFI Software.
News
Anti-phishing feature for Gmail
Gmail users get helping hand in avoiding phishing scams.
Spam levels take a nose dive
Spamming losing its attraction for criminal operators?
Malware prevalence report
May 2011
The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin, both directly and from other companies that pass on their statistics.
Malware analyses
Toll fraud: SipPhreak
PHP/SipPhreak.A acts like an ancient SMTP open relay scanner, but with a twist: it targets open or vulnerable SIP devices instead of mail servers. Alexis Dorais-Joncas gives a detailed analysis of this threat - which is probably the initial step in a broader toll fraud scheme.
SpyEye malware infection framework
The SpyEye bot has a sophisticated, modular design and has improved its capabilities over time. In this article, Aditya Sood and colleagues examine SpyEye’s modules and map out how they are initialized and how they interact with each other, providing an insight into the design and methods of the bot, and into an effective instance of modern malware.
Technical feature
Reversing Python objects
As Python has gained popularity with malware writers, new bytecode obfuscation techniques have started to appear. Aleksander Czarnowski describes some of those techniques.
Feature
Not so random
Pseudorandom generators are increasingly becoming an integral component of modern malware. Raul Alvarez shows how Conficker uses a pseudorandom generator to produce random domain names while retaining its ability to communicate with the Command and Control (C&C) server.
Comparative review - updated 1 Aug
VBSpam comparative review July 2011
The 14th VBSpam test showed a number of excellent performances, as well as some that leave room for improvement. Martijn Grooten has all the details.
Calendar
Anti-malware industry events
Must-attend events in the anti-malware industry - dates, locations and further details.
Virus Bulletin currently has 225,307 registered users.





