Virus Bulletin - October 2006


Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editor: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2006-10-01


Comment

DDoS: the rise from obscurity

'The cost of a DDoS attack can be substantial – they can last hours, weeks and even months, and are capable of bringing unprotected organizations to a grinding halt.' Danny McPherson, Arbor Networks.

Danny McPherson - Arbor Networks, UK

News

News round-up

September's goings on in the AV industry.


Malware prevalence report

August 2006

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.


Analysis

Chamber of horrors

W32/Chamb is the first virus to infect compiled HTML (CHM) files parasitically. Peter Ferrie has the details.

Peter Ferrie - Symantec Security Response, USA

Opinion

AV Testing SANS virus creation

David Harley writes to the director of research at the SANS Institute to express his concerns about Consumer Reports' AV testing methodology.

David Harley - Independent researcher, author and consultant, UK

Feature

Scanning embedded objects in Word XML files

Christoph Alme looks at the embedding of arbitrary objects into Word 2003 XML files and shows why finding them and passing them onto the virus scanner is not such a 'walk in the park' as one might expect.

Christoph Alme - Secure Computing Corporation, Germany

Comparative review

VB Comparative: Windows 2000 Server - October 2006

John Hawes serves up another VB comparative - this month, he puts 26 AV products through their paces on Windows 2000 Server and finds 18 of them worthy of a VB 100%.

John Hawes - Virus Bulletin

Spam Bulletin

Spam Bulletin - October 2006

Anti-spam news; AISK - a different approach (feature)


 

Latest articles:

The dark side of WebAssembly

The WebAssembly (Wasm) format rose to prominence recently when it was used for cryptocurrency mining in browsers. This opened a Pandora’s box of potential malicious uses of Wasm. In this paper Aishwarya Lonkar & Siddhesh Chandrayan walk through some…

Through the looking glass: webcam interception and protection in kernel mode

The computer’s webcam is one of the most relevant components when it comes to digital privacy. In this paper, Reason Software's Ronen Slavin dives into the video capturing internals of Windows and discusses the implementation of a driver that…

VB2017 paper: Browser attack points still abused by banking trojans

With the ever-increasing use of banking-related services on the web, browsers have naturally drawn the attention of malware authors. They are interested in adjusting the behaviour of the browsers for their purposes, namely intercepting the content of…

Does malware based on Spectre exist?

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack. Since many excellent explanations of the attack already exist, this article focuses on the probability of finding Spectre being exploited on Android…

EternalBlue: a prominent threat actor of 2017–2018

At the centre of last year's infamous WannaCry ransomware attack was an NSA exploit leaked by the Shadow Brokers hacker group, known as ‘EternalBlue’. The worm-like functionality of the exploit made a deadly impact by propagating to interconnected…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.