June issue of VB published

Posted by   Virus Bulletin on   Jun 1, 2012

The June issue of Virus Bulletin is now available for subscribers to download.

The June 2012 issue of Virus Bulletin is now available for subscribers to browse online or download in PDF or PRC (Kindle) format.

Some of the things this month's issue has in store are:

• Botnets in the browser: '... attackers can trivially create a botnet that will run on any modern OS, on any personal Internet device, in any location in the world.' Robert McArdle, Trend Micro.

• So, enter stage right: Some virus writers try to find obscure side effects of instructions in an attempt to confuse virus analysts. Sometimes they succeed, and sometimes we already know about the side effects. The latter is the case with the technique used in the W32/Flizzy virus. Peter Ferrie has the details.

• Andromeda botnet: The Andromeda botnet recruits its bots thanks to four key elements - compromised websites, an exploit kit, a downloader and a mailing engine - linked by four sequential phases. Neo Tan takes a closer look.

• Automatically detecting spam at the cloud level using text fingerprints: With content-based anti-spam technologies decreasing in efficiency, Marius Tibeica and Adrian Toma propose a fingerprinting algorithm that maps similar text inputs to similar signatures.

• Malware design strategies for circumventing detection and prevention controls - part two: Aditya Sood and Richard Enbody discuss some of the different techniques that are used by present-day malware to circumvent protection mechanisms.

• Understanding the domains involved in malicious activity on Facebook: Recent years have been marked by an explosive growth of social networks, with Facebook becoming one of the most attractive channels for cybercriminal activity. Alin Damian analyses some of the malicious domains extracted from Facebook applications and posts.

• EICAR 2012: Eddy Willems presents a roundup of this year's EICAR conference in Portugal.

Note: The June 2012 VB100 comparative review on Windows Server 2008 R2 will be published as standalone article later in the month. As with all new VBSpam and VB100 reviews, the report will be available for non-subscribers to purchase as a standalone item (Virus Bulletin subscribers will be notified by email when the comparative is available to download). Non-subscribers can purchase VB100 reports here and VBSpam reports here.

Subscribers click here to access the issue.

If you are not already a subscriber why not take the chance to subscribe now.

Posted on 28 May 2012 by Virus Bulletin

Latest posts: