Archive for the 'obfuscation' Category
My colleague Daniel Novomeský alerted me to a problem he's observed with the way some web-developers use JavaScript: a few of them have the habit of obfuscating JavaScript code on their web sites, presumably in order to compress it so that it takes less disk-space ("packing") or using a "protector" in order to make it … Read More…
It is generally well-understood that antimalware programs—the software which detects computer viruses, worms, trojan horses and other threats to your system—work by scanning files using signatures they already have. A signature could be as simple as a string[i] (like using the "find" command in your word processor to locate a particular piece of text) or as … Read More…
This weekend, an unnamed worm forced Microsoft to temporarily suspend active links in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example, … Read More…
It’s that time of year when everyone wants a top ten: the top ten most stupid remarks made by celebrities, the ten worst-dressed French poodles, the ten most embarrassing political speeches, and so on. Our research team came up with a few rather more serious ideas, most of which are considered at some length in our about-to-be-published … Read More…
AV-Comparatives, one of the major anti-malware testing organizations, has just announced its retrospective test for November. Retrospective or "frozen" testing involves testing the ability of one or more products to detect threats proactively, using techniques such as advanced heuristics rather than signature detection.
The test used new and unique samples received between 4th and 31st … Read More…
…and it’s still hybrid. Or multi-layered, if you prefer. What anti-malware companies (and malware authors, if it comes to that) are constantly doing is revisiting concepts that have worked before so that they fit the current environment better: there’s nothing wrong with an evolutionary approach, but changing the terminology doesn’t make it revolutionary. So what Larry … Read More…
- David Harley (770)
- Randy Abrams (437)
- Cameron Camp (102)
- ESET Research (61)
- Pierre-Marc Bureau (50)
- Stephen Cobb (47)
- Aryeh Goretsky (30)
- Paul Laudanski (17)
- Jeff Debrosse (14)
- Andrew Lee (14)
- Robert Lipovsky (10)
- Sebastian Bortnik (9)
- Dan Clark (8)
- Sébastien Duquette (5)
- Tasneem Patanwala (3)
- Peter Stancik (2)
- Andrea Kokavcova (1)
- David Carnevale (1)
- C. Nicholas Burnett (1)
RSS
