October issue of VB published

Posted by   Virus Bulletin on   Oct 1, 2013

The October issue of Virus Bulletin is now available for subscribers to download.

The October 2013 issue of Virus Bulletin is now available for subscribers to browse online or download in PDF or PRC (Kindle) format.

Some of the things this month's issue has in store are:

  • Have NSA leaks given us our cyber-Chernobyl?: It has often been said that the reason the general public does not take IT security seriously is that there has not been a sufficiently serious IT security disaster to make them take notice. But have leaks about the NSA given us the 'cyber-Chernobyl' that will make the public start taking information security seriously? Lysa Myers looks at changing public opinions on security.
  • Doin' the eagle rock... again!: Peter Ferrie revisits W32/Lerock and its so-called 'virtual code' - which, despite some updates and tweaks still lends itself to simple detection by anti virus software.
  • Same Zeus, different features: We have seen hundreds, if not thousands, of variations of Zeus in the wild. The main goal of the malware does not vary, yet different functionalities have been added over time. Raul Alvarez takes a detailed look at some of those functionalities and shows how Zeus does things slightly differently from other malware.
  • Inside an iframe injector: a look into NiFramer: Running an iframe injector on a compromised virtual hosting server can easily result in the infection of hundreds of web servers in just a few seconds. Aditya Sood and colleagues look at the design of a basic injector: NiFramer.
  • In search of a secure operating system: Over the last decade or so, security has steadily become more of an issue for OS vendors due to the changing threat environment. Mark Fioravanti and Richard Ford look to the past in search of a secure operating system.
  • Greetz from academe: counting Jedis: John Aycock considers Internet censuses and a tool that can scan almost the entire IPv4 address space in search of the answer to a given census question in less than 45 minutes.

Note: The October 2013 VB100 comparative review (on Windows Server 2008) will be published as standalone article later in the month. As with all new VB100 and VBSpam reviews, the report will be available for non-subscribers to purchase as a standalone item (Virus Bulletin subscribers will be notified by email when the comparative is available to download). Non-subscribers can purchase VB100 reports here and VBSpam reports here.

Subscribers click here to access the issue.

If you are not already a subscriber why not take the chance to subscribe now.

Posted on 10 October 2013 by Virus Bulletin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.