‘The people behind these scams are making significant amounts of money, and they are infecting users all over the world.’ David Jacoby, Kaspersky Lab
Calling all speakers: submissions now being accepted for VB2013 Berlin.
Dutch government attempts to encourage responsible disclosure of vulnerabilities.
The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.
Thousands of unsuspecting chat users clicked on a malicious link a few months ago. A spam message contained a link that led to a worm being downloaded, which, in turn, downloaded a component that sent more copies of the spam message. Variously dubbed ‘Phopifas’, ‘Dorkbot’ and ‘Rodpicom’, Raul Alvarez looks into the detail of the malicious executable that sent the spam messages.
The 010 Editor is a powerful tool for analysing files. The editor can also alter files, and it supports a scripting language to automate certain tasks. Who would have guessed that one of those tasks would be to infect files? Peter Ferrie describes how {W32/1SC}/Toobin demonstrates a case of 'when tools attack'.
With recent studies reporting a dramatic increase in the usage of mobile devices, a decrease in sales of PCs and notebooks, and ‘BYOD’ being the hot trend of the moment, it is no longer possible to ignore non-x86 architectures. Aleksander Czarnowski provides a basic starting point for understanding how to write shellcode on ARM based CPUs.
Sebastian Eschweiler describes a static unpacker for the 'XPACK' packer - outlining each step of the unpacking process and looking at how weaknesses in vital steps can efficiently be exploited to produce a generic unpacker.
Recently, there has been a change in the toolkit/exploit kit landscape, with bad guys dedicating more time and resources to securing their creations and the servers on which their software will be installed. Loucif Kharouni explains why we need to adapt and adjust our ways of working to keep up with these changes.
No fewer than ten of the 21 complete solutions tested this month achieved a VBSpam+ award by blocking at least 99.5% of the spam from the test stream, while not blocking any of the 9,000+ legitimate emails. This month's test also saw the first product to correctly identify every one of the 74,240 emails in the test corpus. Martijn Grooten has the details.
Must-attend events in the anti-malware industry - dates, locations and further details.