Virus Bulletin 2010 Sept. 29, 2010 to Oct. 1, 2010, Vancouver, Canada

Title Speakers Summary Topic Types
Russian cybercriminals on the move: profiting from mobile malware Denis Maslennikov " Everybody wonders just how much money cybercriminals who target mobile devices actually make. If ... Security
Social engineering trumps a zero-day every time Bruce Hughes " Hackers know the weakest part of any business is almost always the human sitting ... Security
'Want my autograph?': The use and abuse of digital signatures by malware Mike Wood " Encryption has always been a part of malware, from basic ROT13 string encoding to ... Security
AV testing exposed Peter Košinár " As the number of security suites increases, so does the need for accurate tests ...
Targeted malware attacks: then and now Presented Gillo Targeted attacks often arrive silently and aim to exfiltrate specific information from companies and/or their ... Security
Observations and lessons learned from comparing point-in-time cleaning against real-time protection Scott Wu While our main point-in-time removal tool has grown its base to over 500 million machines ... Security
An analysis of real-world effectiveness of reputation-based security Carey Nachenberg In September 2009, Symantec released its first reputation-based security offering as a part of its ...
The Mariposa effect Pedro Bustamante " In March 2010, it was announced that one of the largest botnets ever, called ...
The Webwail botnet: a reputation-based filter killer Xu (Kyle) Yang " After several months worth of efforts, the Pushdo/Cutwail botnet gang finally released a new ... Security
P2P as a corporate persona non grata John Alexander " It doesn't start with headlines, but that's when it suddenly got interesting. One morning ... Security
Size matters - measuring a botnet operator's pinkie Gunter Ollmann Every year anti-virus vendors release reports detailing malware distribution rates, Internet infection rates and the ... Security
Attacks from the inside... Righard J. Zwienenberg " Companies have invested heavily in building up their perimeter defences against incoming security threats. ...
Standards and policies on packer use Samir Mody Packers, whether third-party or bespoke, are still widely used by malware authors in an attempt ...
SMS spam detection by operating on byte-level distributions using Hidden Markov Models M. Zubair Rafique The volume of spam SMS received by mobile users has increased dramatically in recent years. ...
Still curious about anti-spam testing? Here's a second opinion David Koconis " Every day for the last several years, ICSA Labs has been collecting, analysing and ... Security
Last-minute paper: Dialers are back, and this time they're on smartphones! Mikko Hyppönen " Computers do not have a built-in billing system. Phones do: it's called the phone ... Security
Last-minute paper: Alureon: the first 64-bit rootkit Joe Johnson The AlureonTDSS family of malware has been around for years. Throughout that time, its authors ... Security
Case study - successes and failures apprehending malware authors Raymond A. Pompon " Most malware authors operate with impunity, very few are prosecuted. Based on the author's ... Security
Last-minute paper: Caution: level Pegel. The ideal computer infecting scheme. Alexey Kadiev " Nowadays, when almost every user has an anti-virus solution and knows at least something ...
Call of the WildList: last orders for WildCore-based testing? David Harley " The well-documented problems with WildList testing derive from difficulties in adjusting to the 21st ...
Last-minute paper: The ROP pack Kurt Baumgartner " In addition to automated social engineering techniques, exploit packs continue to be the rage ... Security
Last-minute paper: Life on stolen land Jiri Sejtko " Gumblar was one of the biggest website infections ever uncovered. In a very short ...
Last-minute paper: Intrusions and inside jobs: lessons from the banking industry Michael Kalinichenko " ATMs across Europe and the US are increasingly compromised by targeted malware that takes ... Security
Automated targeted attacks: the new age of cybercrime Stephan Tanase " There's no doubt that cybercriminals are using targeted attacks to get deep inside corporate ... Security
The Skype is no longer the limit - new ways malware keeps in touch with your friends David Wood Over time, users have regularly been provided with new methods of communicating online with their ... Security
Last-minute paper: An indepth look into Stuxnet Liam O'Murchu " Stuxnet is the first publicly known worm to target industrial control systems, often generically ... Security
Zero-day malware Igor Muttik " The term 'zero-day' came from vulnerability research, but it is now widely used for ... Security
On scanning the Internet or the curse of in-the-cloud URL scanning Alexandru Catalin Cosoi " It is an undisputed fact that the number of malicious URLs has skyrocketed dramatically ... Security
Finding rules for heuristic detection of malicious PDFs: with analysis of embedded exploit code Paul Baccas The use of PDFs as a vector for the installation of malicious content has been ... Security
Categorizing the entire web with autonomous system numbers Saeed Abu-Nimeh Recent research has utilized Autonomous System Numbers (ASN) to block spam and malware. However, due ...
Last-minute paper: Unravelling Stuxnet Holly Stewart Detailed analysis of Stuxnet has uncovered that Stuxnet is one of the most complex, thought-out, ...
Kisswow: the OnlineGames gang Josh Murray " In February 2007, a Chinese hacking group made headlines by compromising the Dolphin Stadium ... Security
Waste management: the current state of sample sharing Dmitry Gryaznov At the Virus Bulletin 2007 Conference in Vienna, Joe Telafici and Dmitry Gryaznov presented What ... Security
community DoSing itself". Three years later we have at least three times more malware appearing every day. How good are we at coping with the increased flood?
This presentation will provide a detailed view of the current numbers of malware samples circulating in malware collections that vendors and other players in the computer security field share with each other. The huge percentage of duplications in the collections will be discussed. The relevance of the collections to comparative testing and to real life "in the wild" encounters will be detailed. There will be examples of samples that make the most rounds in the sample sharing - both malicious and clean. A discussion of whether we, as an industry, should consider large-scale clean samples or metadata sharing will be offered.
Gaming the gamers: tricks of the trade in the world of PWS warcraft Chun Feng " With the increasing prevalence of online games password stealers (hereinafter referred to as 'PWS'), ... Security
How much do you cost? The black market price of your digital data Dmitry Bestuzhev Have you ever asked yourself "how much am I worth?" Maybe you have, maybe you ... Security
think about it - your computer-related data (credit card numbers, desirable ICQ UINs, premium RapidShare accounts, social network and email accounts, etc.) is a very attractive target for cybercriminals. Stolen credit cards are priced according to the country of issue, and the same goes for premium accounts for any popular web services, including online games servers.
This presentation shows how cybercriminals get their hands on confidential data, how they make money laundering, how this can be prevented, and what steps anti-virus vendors are taking to combat this threat. The presentation will also highlight the huge increase in trojan data theft during the last five years, the most attacked credit card systems and social networks, and the most active countries in terms of production and delivery of data theft malware. Finally, based on our html frame, anyone will be able to make an average calculation of his/her own profile for the criminals.
Challenging conventional wisdom on byte signatures Thomas Dullien " We have heard 'byte signatures suck' from all directions. But do they really? The ...
Cyberterrorism: oh really? Morton Swimmer " Ever since the Al Qaeda attacks on the New York World Trade Center buildings ... Security
High speed JavaScript malware sandbox Rajesh Mony Malware delivery through malicious JavaScript continues to be very evasive and detection rates continue to ... Security
The age of Russian trojan-ransoms Timur Biyachuev " Trojan-ransoms are not new; it's now more than 20 years since the first variant ...
Victims of friendly fire Corrado Ronchi In the ongoing war against malware, in order to substantially lower the hacking ROI, one ...
Industry testing and telemetry sharing Tony Lee We will focus on the following related subjects: Industry sharing of threat meta-data and telemetry Industry ...
False Positive Finder John Graham-Cumming " Every spam filter is forced to weigh the relative cost of a false positive ... Security
The difference between false positives and FALSE POSITIVES Mark Kennedy Many tests of security software (including all worthwhile ones) test for false positives. As security ... Security
Large-scale malware experiments, why, how, and so what? Joan Calvet " One of the most popular research areas in the anti-malware industry (second only to ...
Sneaky Mac OS X threats Methusela Cebrian Ferrer " The emergence of crimeware[1] in Macintosh displayed immense awareness in security. Apple stepped in ... Security
Anatomy of Virtusis: a plague of malware destruction Rex Plantado " Since its inception, Virut (aka Virtu) has caused much trouble to network administrators and ... Security
AntiRE en masse Kurt Baumgartner " From Autorun to Zbot, behavioural technologies ignore the most effective evasion strategies implemented in ... Security
P0isoning the social web Dan Hubbard " Attackers have been utilizing weaknesses within search engine algorithms for some time now. Today ... Security
Windows 7 impact upon rogue security software Josh Norris Windows 7 implements several new features that have the potential to impact rogue security software ...
Why your AV solution is ineffective against today's email-borne threats Greg Leah " The onslaught of mass email attacks has become a daily occurrence in the industry ... Security
Blackhat SEO: abusing Google Trends to serve malware Donald Debolt " More than 90% of today's malware is spread via the Internet. Spam continues to ...
The psychology of spamming Terry Zink " Aside: This paper fuses statistics, psychology, economics, editorial and entertainment. Everything will be presented ... Security
Play by the rules? Should AV be enforcing the rules to prevent uncontrolled obfuscation by malware? Rachit Mathur This paper will present the most up-to-date techniques used by malware to hide in the ...
Experiences in malware binary deobfuscation Hassen Saidi " Malware authors employ a myriad of evasion techniques to impede automated reverse engineering and ...
Threats to the Social Web Nick Bilogorskiy Nick Bilogorskiy will present a brief overview of the Facebook security organization, followed by a ... Security
Bypassing defences - when old tricks work in Windows 7 Zarestel Ferrer " The Windows operating system offers security features designed to improve a user's experience and ... Security