Bulletin

‘Yet another Rustock analysis ...’

Lukasz Kwiatek and Stanislaw Litawa take a detailed look at Rustock.C.

Fast flux trojan author to plead guilty

Nugache author enters plea bargain.

New best practices for ISPs

MAAWG produces two new sets of ISP best practices.

Reversing Python modules

The object-oriented programming language Python can be used for many kinds of software development – potentially including malware development. Aleksander Czarnowski believes in being prepared and here he provides a brief overview of how to reverse…

Spear phishing – on the rise?

Paul Baccas (Sophos)

Paul Baccas looks at the recent rise in targeted phishing campaigns alongside a decline in the profitability of more traditional phishing methods.

The road less truvelled: W32/Truvel

By the addition of a relocation table, Vista executables can be configured to use a dynamic image base. That essentially turns them into executable DLLs. Now a virus has come along that has made a ‘breakthrough’ by infecting these executables - or it…

Sunbelt Software VIPRE Antivirus + Antispyware

John Hawes gets his hands on a beta copy of Sunbelt's VIPRE - a genuinely new anti-malware product emerging from the anti-spyware boom.

Advertising database poisoning

Adware programs have variously been dressed up as providing anti-phishing protection, intrusion detection capabilities as well as the ‘benefit’ of targeted advertising, but their presence is still a considerable nuisance to many. Here, Lysa Myers…

A commitment to quality and reliability

'The purpose of the VB100 is to provide a regular measure of the competence, reliability and credibility of software vendors in the security field.' John Hawes, Virus Bulletin.

New memory persistence threats

Eric Filiol describes a set of computer memory weaknesses that could enable the theft of sensitive data via malware attacks.