Malicious cryptography, part twoThis two-part article series looks at how cryptography is a double-edged sword: it is used to make us safer, but it is also being used for malicious purposes within sophisticated viruses. Part two continues the discussion of armored viruses and then looks at a Bradley worm - a worm that uses cryptography in such a way that it cannot be analyzed. Then it is shown how Skype can be used for malicious purposes, with a crypto-virus that is very difficult to detect. 2006-05-16 http://www.securityfocus.com/infocus/1866
Malicious cryptography, part oneThis two-part article series looks at how cryptography is a double-edged sword: it is used to make us safer, but it is also being used for malicious purposes within sophisticated viruses. Part one introduces the concepts behind cryptovirology and offers examples of malicious potential with the SuckIt rootkit and a possible SSH worm. It then introduces armored viruses that use shape shifting (polymorphism and metamorphism) to avoid detection. 2006-05-08 http://www.securityfocus.com/infocus/1865
Fighting EPO VirusesThis article studies complex Entry Point Obscuring (EPO) viruses, by looking at the detection and removal of the difficult Win32.CTX.Phage virus. 2005-06-29 http://www.securityfocus.com/infocus/1841
The True Computer ParasiteThis article examines the evolution of malware, highlighting developments in replication techniques as well as significant changes in the nature of payload activities -- which now often generate profit for the malware creators. 2005-06-01 http://www.securityfocus.com/infocus/1838
Detecting Complex VirusesThe purpose of this paper is to examine the difficulties of detecting complex viruses, including polymorphic, metamorphic and entry-point obscuring viruses. Whether or not an anti-virus (AV) technology can detect these viruses can be a useful metric to consider when evaluating AV products. 2004-12-06 http://www.securityfocus.com/infocus/1813
Lessons Learned from Virus InfectionsThis article discusses how a virus outbreak will produce a few unique opportunities to examine the health of an organization's network -- and learn ways to further harden the network from future automated attacks. 2004-10-04 http://www.securityfocus.com/infocus/1804
Detecting Worms and Abnormal Activities with NetFlow, Part 2This paper discusses the use of NetFlow, a traffic profile monitoring technology available on many routers, for use in the early detection of worms, spammers, and other abnormal network activity in large enterprise networks and service providers. Part 2 of 2. 2004-09-23 http://www.securityfocus.com/infocus/1802
Detecting Worms and Abnormal Activities with NetFlow, Part 1This paper discusses the use of NetFlow, a traffic profile monitoring technology available on many routers, for use in the early detection of worms, spammers, and other abnormal network activity in large enterprise networks and service providers. 2004-08-16 http://www.securityfocus.com/infocus/1796
Malware Analysis for AdministratorsThe purpose of this article is to help administrators and power users use behavioral analysis to determine if a binary is harmful malware, by analyzing it in a lab environment without the use of anti-virus software, debuggers, or code disassembly. 2004-05-20 http://www.securityfocus.com/infocus/1780
Antivirus Concerns in XP and .NET EnvironmentsThis article will discuss new antivirus concerns within Microsoft's .NET framework and Windows XP applications. 2003-07-07 http://www.securityfocus.com/infocus/1707 |
|
|
Privacy Statement |
