Network Security Library

Malicious Code



Subcategories


AntiVirus Software
Spam
Worms




Newest Malicious Code White Papers

An Analysis of Simile
Virus writers have always tried to develop new methods to make malware detection more difficult. For instance, encryption was a natural step in virus evolution when scanners started to use databases with scan strings for detection. When scanners started to handle encryption patterns generically, first oligomorphism (a limited form of polymorphism - the polymorphic decryptor can have a strictly limited, relatively small number of shapes) and then polymorphism were introduced. Then, as emulation was used more and more by antivirus programs, it became clear that new methods must be developed to hide the viral code.
03/23/2004


A Virus by Any Other Name: Virus Naming Practices
When the "VBS/VBSWG.J" virus appeared, the media decided to call it by a more appealing name, "AnnaKournikova", which was derived from the JPEG file that the virus claimed to be. However, none of the anti-virus products included in the excellent virus names cross reference tool VGrep currently lists this virus as "AnnaKournikova", "Kournikova", or any other variation based on the name of the charismatic tennis player. On the other hand, a considerable number of AV programs detect it as "SST", while a very small number don't call it "VBSWG" or "SST".
03/23/2004


.NET/MSIL Malicious Code and AV/Heuristic Engines
The .NET strategy/technology from Microsoft has caused quite a stir amongst the security community. While the Windows .NET strategy incorporates numerous aspects, this article will focus on what aspects to cover in order to develop an AV/heuristic engine for this new platform. Specifically it will address the additions introduced by .NET technologies to standard Windows PE (portable executable) file format and how that will affect the development of an effective heuristic engine. It will also briefly discuss the existing malicious codes for the .NET environment.
03/23/2004


Understanding Macro Viruses
Functional capabilities of this virus type are limited to features of the language in which it is written. The language allows the macro to replicate, spread and adversely affect a computer. The more advanced the macro language, the more complex and harmful the resulting macro virus. The most common macro language, Visual Basic for Applications (VBA), allows viruses to be written with a wide spectrum of capabilities. What's more, with each new version of the language, these capabilities may be enhanced still further.
03/23/2004


The Gentlemen's Review of Computer Viruses in the Media
About a month ago the English anti-virus firm Sophos released a report on virus incidence around the world, as compiled from its client experience. KAK Worm was numero uno. It did not make the local TV news. It was not featured above the fold. Oh, chroniclers of Love Bug, why have you forsaken us?
03/23/2004


Malware Myths and Misinformation, Part One: Windows, Mac, Exchange, and IIS
This is a bad news article. It addresses some common misconceptions deriving from complacency, wishful thinking, an inability to question, and a lack of research. The fallacies we address here tend to begin with the words "I'm safe from viruses because..." The good news is that there are plenty of misconceptions about the intellectual and programming superiority of malware authors and the inability of malware management software to offer some compensation. We will consider some of those issues in the third part of this three-part article.
03/23/2004


Infectable Objects, Part Five - HTML and Other Scripts
One of the more interesting developments in the virus world has been the extension of viruses from compiled executable files into script files. Just as was the case with macros, which infected previously safe document files, there is now an expanding range of script file types that can contain malicious code.
03/23/2004


Infectable Objects Part Four - Viruses in Archive Files and Compressed Files
No matter how quickly the speed of the Internet increases, we still find it convenient to compress files before we send them. Once a file is compressed, however, it becomes harder for a virus scanner to find any virus that may be lurking inside it. This challenge - peering inside the various compression and archival formats to discover the viruses hidden there - has not gotten easier over time. This article will discuss the implications of utilizing various forms of file compression on virus protection.
03/23/2004


Infectable Objects Part Three - Win Apps
The summer of 1995 was a very interesting one in the anti-virus world. The number of new viruses arriving was at a rate that most, if not all, Anti-Virus software developers could handle quite easily. In fact, the upcoming launch of Windows 95 seemed likely to put a damper on Anti-Virus product sales, as tests with the pre-release versions indicated that the most prevalent viruses, those which attacked boot and partition sectors, had difficulty replicating under this new operating system. Was the end in sight for viruses? The answer, as we all now realize, was no as the Concept macro virus would soon dispel any notions that viruses were diminishing their impact.
03/23/2004


Infectable Objects Part Two - Windows Infectable
This series covers the range of objects that can become infected by a computer virus. In the first article, we took a look at the early types of virus targets, DOS executables and system areas on floppy and hard disks. When Windows 3.x was launched in the early 90s, virus authors slowly developed new types of viruses to attack the new executable files used by Windows.
03/23/2004



Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget
