ELAM Is Black and White

At the Virus Bulletin conference this year, there was a talk about the limitations and suggested enhancements for the Early Launch Anti-Malware (ELAM) environment. The main observation, complaint if you will, was that there is no way for an anti-malware (AM) engine to perform a deep scan. However, there is a very good reason for…

0

Greetings from Tokyo…

This year at the PacSec conference, I will present a Microsoft view of the threat landscape during the first six months in 2009. It will be based on telemetry data published in the latest Security Intelligence Report (SIR) published on Nov 2nd, 2009. You can find agenda of the conference at http://pacsec.jp/agenda.html From data gathered…

0

Where in the world is the MMPC

Based on the interest we saw in the various presentations our team did at Virus Bulletin in Geneva a couple of weeks back we thought you might be interested in where else we will be presenting in the coming weeks. October 13 Vinny Gullotto will be in a panel discussion in Washington D.C. at the Emerging…

0

Notes from the VB Conference

Back in our labs in Dublin, Melbourne, and Redmond from the 2009 Virus Bulletin conference!  This year there were almost 400 attendees and 49 presentations covered by 60 speakers (7 of them from Microsoft). The MMPC had presenters from all three labs at the conference and we started and ended the technical stream. The topics…

0

From Dublin to Geneva

Hello! Greetings from Dublin! As mentioned by Jakub in a previous post, we are presenting at the Virus Bulletin International Conference 2009 in Geneva next week. It’s an understatement to say that we’re excited about attending the conference – and not just about presenting our papers, but about getting the chance to meet the other…

0

The modern rogue - a timely subject

As Jakub mentioned, I’ll soon be presenting at the Virus Bulletin conference in Geneva. I’ve spent a lot of time looking at rogue security software in the last year, so I’m looking forward to sharing some of my findings. The subject of rogues (or “scareware”) is a timely one. You may have heard reports in…

0

I can’t go back to yesterday - see you in Geneva

At last year’s VB conference, my talk “Playing with shadows – exposing the black market for online game password theft”  discussed malware being sold on the black market for password stealing purposes.  During the “Q & A” time, someone asked a question regarding the technical details of Dogrobot, a family of malware that can penetrate…

0

September in Geneva

Another year has passed, and the time of the most important annual anti-malware event is upon us. The Virus Bulletin International Conference 2009 takes place on 23-25 September at The Crowne Plaza Hotel in Geneva, Switzerland. As usual, the program is packed to the rafters with malware-related material, with presentations spread across two parallel streams,…

0

An update from FIRST and what we can learn from the Nijō Castle

Hi, Ziv Mador again. This week I’m attending the FIRST conference in Kyoto, Japan along with four of my Microsoft colleagues: Steve Adegbite, Andrew Cushman, Jonathan Ness and Dan Wolff. Today Jonathan, Steve and I gave a presentation about Microsoft’s response to the attacks which exploited a 0-day vulnerability back in the fall of 2008….

0

PDF E-ducation

Recently, Marian and Andrei presented a paper at the CARO Workshop about PDF vulnerabilities and exploits related to them. As we presented in our latest Security Intelligence Report, there was an increase in the use of these exploits, and the trend keeps going on. Since the beginning of the year, we have received over five…

0