Virus Bulletin

Virus Bulletin 2011: Fake but free…

ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish

TDSS: The Next Generation

Win32/Olmarik (also known as TDSS, TDL, Alureon and sundry less complimentary names) has gone through some interesting evolutions in the last couple of years. TDL4 is no exception, with its ability to load its kernel-mode driver on systems with an enforced kernel-mode code signing policy (64-bit versions of Microsoft Windows Vista and 7) and perform

Another VB Cybercrime Seminar

One that will be of most interest to our readers in the UK, I guess. Our friends at Virus Bulletin are holding another "Securing Your Organization in the Age of Cybercrime" seminar, this time on the Open University Campus at Milton Keynes on the 24th May. The full agenda is already available on that page, and

Thanks for your support scam

…In fact, while the season for the traditional end of year crystal ball-gazing is pretty much over, I’ll venture a few extra predictions based on recent observations of the support scam business…

Stuxnet Analysis 1.31 and TDSS article

…version 1.31 of “Stuxnet Under the Microscope” is now available on the white papers page … Until now Rooting about in TDSS was only available to VB subscribers, but it too is now available on the ESET white papers page.

First, Catch Your Botnet

The paper presents an alternative approach to botnet research, employing “in the lab” experiments involving at-scale emulated botnets.

Crouching Worm, Hidden Virus Writer, Rising Damp

…poachers turned gamekeeper are not uncommon in the security industry as a whole, and it’s all too common for aspirant virus-writers whose notoriety is not necessarily matched by their technical skill to be hired by companies on the remote borders of malware detection and filtering, but the “real” AV industry goes out of its way to avoid hiring the ethically challenged….

Simulation Testing and the EICAR test file

“Test Files and Product Evaluation: the Case for and against Malware Simulation” is a paper presented at the recent AVAR conference by Eddy Willems, Lysa Myers and myself: we were all at the EICAR conference and figured that it was a good moment to combine our experience of testing, EICAR, AMTSO and the anti-malware industry to cover the developments that had taken place since Sarah’s paper.

Stuxnet Code: Chicken Licken or Chicken Run?

…given the amount of detailed analysis that’s already available (and I mean substantial blocks of reverse-engineered code, not high-level analysis and code snippets and descriptions), I’m not sure that anyone with malicious intent and a smidgen of technical skill would need the original code…

Virus Bulletin Seminar

Our friends at Virus Bulletin are hosting a seminar later this month … organized by the security-knowledgeable but vendor-agnostic magazine whose annual conference is one of the major highlights of an anti-malware researcher’s year.

Stuxnet the Inscrutable

This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.

A Little Light Reading

1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they

Virus Bulletin 2010 papers

By kind permission of Virus Bulletin, we’ve already put two of the papers written or co-authored by ESET researchers up on the White Papers page.

Cyberwar, Cyberhysteria

I guess I wasn’t forceful, or controversial, or sensationalist, or ungeek enough to rate any column inches. So I’m going to give you a sneak preview … in the light of all the speculation today on whether Stuxnet is an attack by Israel on Iran.

New Papers (2): two views of Mac security

While I was at the EICAR conference earlier this week, I also co-presented (along with Pierre-Marc Bureau and Andrew Lee) a paper on “Security, Perception and Worms in the Apple”… so along with the new paper, I’ve made available again the paper on Macs and malware that I presented at Virus Bulletin in 1997.

New Documents

Just a quick note to draw your attention to a couple of new documents that have just become available. "AMTSOlutely fabulous" (sorry – it seemed like a good idea when I wrote it…) is a review of what the Anti-Malware Testing Standards Organization has achieved so far and what it might achieve in the future. It's

Follow us

Copyright © 2015 ESET, All Rights Reserved.