Virus Bulletin 2006 Oct. 11, 2006 to Oct. 13, 2006, Montreal, Canada

Event Page

Tell us about missing data
Title Speakers Summary Topic Types
Spy-phishing - a new breed of blended threats Jamz Yaneza "This paper will investigate an emerging threat, which Trend Micro calls 'spy-phishing', and explain not ... Security
Microsoft Antivirus - extortion, expedience or the extinction of the AV industry? Randy Abrams "In 1993 Microsoft released DOS6.0 which included Microsoft Anti-Virus, a re-branded and ill-conceived entry into ... Security
Phishing trojan creation toolkits: an analysis of the technical capabilities and the criminal organizations behind them Dmitri Alperovitch "Previous works have focused on analysis and reverse-engineering of malware payloads, such as worms, keyloggers, ... Security
Real-time multilanguage threat descriptions using an intelligent template system Oliver Auerbach During the last few years detailed threats descriptions have become more important than ever. In ... Security
Paper TBC Tbc
SymbOS malware classification problems Vesselin Bontchev "Since 'smart' mobile phones running the Symbian operating system have become popular, so has the ... Security
Behavioural modelling of social engineering based malicious software Matthew Braverman "Some of the most active threats in the wild today exploit weaknesses in the component ... Security
The challenge of detecting and removing installed threats Jason Bruce The days when the competitiveness of an AV product was determined by the ability to ... Security
Me code write good - the l33t skillz of the virus writer John Canavan "Viruses and worms pose some of the most formidable threats in the modern computer security ... Security
The Common Malware Enumeration Initiative Desiree Beck During high-profile malware outbreaks, incident responders often face significant confusion when trying to correlate aberrant ... Security
User education: teaching techniques and learning styles for damage limitation Peter Cooper The weakest component in a secure network is the person between the keyboard and the ... Security
Anti-rootkit safeguards and methods of their bypassing Aleksander Czarnowski With the XP and 2003 lines of the Windows operating system Microsoft introduced several safeguards ... Security
Can strong authentication sort out phishing and fraud? Paul Ducklin Authentication, especially two-factor authentication, is seen as an important step against on-line crime, especially for ... Security
Network-centric behavioural malware prevention: spyware and beyond? Richard Ford Based upon the growing threat of spyware and more general network-based threats to user privacy, ... Security
Containing spam - the local challenge Jay Goldin The war against spam cannot be won with a single battle or campaign. During the ... Security
Everything I needed to know about computer security I learned from my dog and a country-western song Sarah Gordon "So often, after a security conference is over, much of the material is forgotten by ... Security
The myth of user education Stefan G\xf6rling "Many discussions in the security community often tend to end in agreement that the only ... Security
Unattended spam filtering using machine learning: implementation, deployment and lessons John Graham-cumming "polymail is a commercial anti-spam library in wide use worldwide. The library supports both attended ... Security
Using expert systems for automated analysis systems: advantages and techniques Ryan Hicks Security vendor and research organizations often rely on external sources to submit samples and potential ... Security
Case: Virus X Mikko Hypp\xf6nen In this up-to-the-minute presentation, Mikko Hypponen will cover in detail the latest major virus case ... Security
Spam - recognition by methods independent from text content Ralf Iffert "Today's spam detection methods are based upon common content analysis methods like Bayesian filters and ... Security
Loathing Lupper in Linux Jakub Kaminski "The development of computer malware targeting Linux machines has been steady during the last few ... Security
Analysis and replication of Unix malware Patrick l. Knight With the prevalence of Windows-based viruses, trojans and rootkits keeping the AV industry fully occupied, ... Security
Dirty money on the wires: the business models of cyber criminals Guillaume Lovet "Scammers, phishers, bot herders, spammers, online extortioners, identity thieves... The names may seem obscure, but ... Security
Ichthyological anatomy, or a study of phish Michael Morgan "This paper describes the progression of techniques at financial fraud using social engineering and other ... Security
The inspector: automating the forensic investigation of infected computers John Morris Zero day outbreaks of bots and viruses, undetected by current AV signatures, are common occurrences ... Security
Data exfiltration techniques: how attackers steal your sensitive data Rob Murawski Data exfiltration, or the unauthorized transmission of data from a system, is a large problem ... Security
Scanning on the wire Igor Muttik Among the side effects of the explosion in both the use of the Internet and ... Security
AIM for bot coordination Lysa Myers In the last few years, there has been increasing interest within the virus-writing community in ... Security
Botnet tracking techniques and tools Jose Nazario Botnets have quickly become one of the chief dangers to large-scale Internet security, threatening nearly ... Security
Applying collaborative anti-spam techniques to anti-virus Adam J. O'Donnell One of the most effective techniques available for combating spam is the widespread application of ... Security
Rootkits: risks, issues and prevention Martin Overton Rootkits have been around almost since the start of computing, however over the last two ... Security
Panel discussion: Fighting cybercrime: one size does NOT fit all! the force "Join the Internet Strike Force as they divide and conquer the world of crimeware, looking ... Security
Panel discussion: Anti-Spyware Coalition - working together to combat spyware Chaired Baldry Security
Early fraud detection using a hybrid of messaging reputation and web activity Phyllis Schneck Current approaches to web fraud detection focus on web-based data and entities: the content of ... Security
The (correct) detection of light grey software Roel Schouwenberg "As brought up in my article in Virus Bulletin (see VB, October 2005, p.6), a ... Security
Exploiting spammers' tactics of obfuscations for better corporate level spam filtering Vipul Sharma "Spam filters that rely on machine learning often use the content of the emails to ... Security
Targeted trojan attacks and industrial espionage Alex Shipp "Currently our statistics show that over email we are stopping 3,000,000 items of malware a ... Security
The WMF shindig: celebrating zero-day new year Pukhraj Singh The Windows Metafile Arbitrary Code Execution vulnerability (MS06-001) has set new benchmarks in zero-day vulnerability ... Security
An analysis of the phishing community Mark Stemm Today, with more than one in five PC users receiving at least five phishing emails ... Security
Evolving shell code Masaki Suenega "This paper deals with the shell code seen in data files, such as image files ... Security
Malware in the UbiComp world Morton Swimmer "While it is not the reality yet, Ubiquitous Computing (UbiComp) and Ambient Intelligence (AmI) is ... Security
The game goes on: an analysis of modern spam techniques Rob Thomas "Spam is perhaps one of the most rapidly changing forms of communication we see today. ... Security
A deep look into Symbian threats Robert x. Wang Protecting a smart device will never be a small task, especially on such a compact ... Security
I know what you did last logon: keystroke logging, spyware and privacy Jeff Williams "The act of capturing keystrokes on a computer can manifest in a range of ways ... Security
Full potential of dynamic binary translation for AV emulation engine Jim Wu "Emulation is widely used for generic unpackers, behavioural AVs, and detection of polymorphic malware. The ... Security
Macintosh OSX binary malware Marius van Oers With the recent appearances of OSX/Leap and OSX/Inqtana it is clear that Macintosh users are ... Security