Bulletin

IM_a nuisance – W32.Imav.A

Two years after its emergence the Beagle family is still one of the most pervasive families of Internet worms. John Canavan takes a close look at one variant that has made the surprising switch from email to ICQ as its major infection vector.

Proxies for the underworld: I-Worm.Locksky.AS

The Locksky email worm first appeared in October 2005. Its aim is to install proxies on victims' machines, which can then be sold. Ferenc Laszlo Nagy has the details.

Solving the metamorphic puzzle

Metamorphic viruses have posed a challenge for the anti-virus industry for quite some time. This article focuses on a number of metamorphic techniques and highlights different methods for detecting them.

Improving proactive detection of packed malware

Dynamic translation is a technique that can be used instead of emulation for decrypting complex malware. Adrian Stepan describes how the technique can also be used to perform generic unpacking.

Changes to the VB test sets

VB's product reviewer Matt Ham describes some changes to the test sets used for VB's comparative reviews.

How can a web filter add proactive security?

Steen Pedersen explains how the perimeter defence layer can be enhanced with the use of a web filter.

Not worthy

Peter Ferrie has the details of MSIL/Idonus.

Signature updates vs BCP

Aleksander Czarnowski (AVET Information and Network Security)

Would you ever expect a well established anti-virus company to fail to provide you with signature updates? Would your company's security policy be ready to deal with such a situation?

Inside the Windows Meta File format

The Windows Meta File (WMF) format has received a lot of attention over recent weeks. Peter Ferrie looks at why.

What threats may come

'A serious threat in 2006 will be multi-stage, targeted phishing attacks.' Tomer Honen, Aladdin Knowledge Systems.