Virus Bulletin - September 2011

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2011-09-01

Abstract

Should there be an AV industry code of ethics? (comment); 'Holey' virus, Batman! (malware analysis); Qakbot: a disaster waiting to happen (feature); Hearing a PIN drop (feature); Stux in a rut: why Stuxnet is boring (opinion);

Comment

Should there be an AV industry code of ethics?

‘“Doing good for all is good for business” – helping others protect their users makes all of us stronger.’ Alex Eckelberry, GFI Software

Alex Eckelberry - GFI Software, USA


News

Facebook bounty hunters paid

Facebook introduces bug bounty, pays out $40,000 in first month.

Helen Martin - Virus Bulletin, UK


Drop in cyber attacks

Cybersecurity top concern for businesses despite small drop in cyber attacks.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

July 2011

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Malware analysis

‘Holey’ virus, Batman!

Last year the W32/Deelae family showed that a table that has been overlooked for more than a decade can be redirected to run code in an unexpected manner. Now, a table that was used in Windows on the Itanium platform also exists on the x64 platform, and can be misused too. Peter Ferrie explains how.

Peter Ferrie - Microsoft, USA


Features

Qakbot: a disaster waiting to happen

Qakbot’s ability to propagate via network shares is enough to cripple an entire network. Add to that the ability to compromise websites and you have a recipe for a highly successful malware attack. Jessa Dela Torre discusses the different ways in which Qakbot variants arrive on and infect systems, how these affect users, and how the security industry can help mitigate Qakbot system infections.

Jessa Dela Torre - Trend Micro, Philippines


Hearing a PIN drop

While there is plenty of research on password use and re-use, there is virtually no equivalent research concerning purely numerical passcodes such as PINs. David Harley takes a look at some of the most common four-digit combinations used and the security issues raised.

David Harley - Small Blue-Green World/Mac Virus, UK


Opinion

Stux in a rut: why Stuxnet is boring

John Aycock takes the controversial view that Stuxnet is really not that interesting at all. He outlines what makes a piece of malware a game‑changer and explains why last year’s headline hitter is not worth writing home about.

John Aycock - University of Calgary, Canada


Comparative review

VBSpam comparative review September 2011

This month's VBSpam test sees 23 products on the test bench, an expansion to the ham corpus and a new test looking at products' ability to filter newsletters correctly.

Martijn Grooten - Virus Bulletin, UK


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.



Quick Links

Poll
Does your company allow you to use a personal laptop/mobile device to access company resources?
Yes, it's allowed
Yes, it's actively encouraged
No
I don't know
Leave a comment
View 2 comments

Jobs Career Sidebar

VB2012
VB2012 VB2012 will take place 26 - 28 September 2012 at the Fairmont Dallas hotel, Dallas, TX, USA.

Virus Bulletin currently has 225,307 registered users.