Tuesday, April 15, 2008

MadSec 04849, Apr 14, 2007, 7pm

Hi All,

I would like to announce that the next Beer&Security gathering is scheduled for
Thursday, Apr 14 (or whatever the Thursday happens to be), at Angelic (322 W
Johnson St).

Tuesday, April 1, 2008

AV/Malware reading list

Vendor and other relevant blogs provide "situation awareness", and the sandbox/checksum sites will tell you what it is that you have found when it looks like something bad but your local AV says "All good".

File names are good, but checksums are better. No checksum utility is included with Windows, but there are many available (binaries).

Vendors
* McAfee
http://www.avertlabs.com/research/blog/index.php
* The Big Yellow
http://www.symantec.com/enterprise/security_response/weblog/
* F-Secure
http://www.f-secure.com/weblog/
* Sophos
http://www.sophos.com/security/blog
* TrendLabs
http://blog.trendmicro.com/

Relevant Sites
* WormBlog
http://www.wormblog.com/
* MS Anti-Malware team blog
http://blogs.technet.com/antimalware/
* VirusList
http://www.viruslist.com/en/weblog
* Virus Bulletin
http://www.virusbtn.com/news/index
* Dancho Danchev
http://ddanchev.blogspot.com

* Cool post about the state of AV
http://ddanchev.blogspot.com/2006/01/why-relying-on-virus-signatures-simply.html
* Avira, the not-so-anti-but-much-virus
http://www.virusbtn.com/news/2008/01_21.xml

From the "What's that malware?" dept:
* VirusTotal
http://www.virustotal.com/
* Norman SandBox
http://www.norman.com/microsites/nsic/
* Bit9
http://fileadvisor.bit9.com/services/search.aspx
* File Checksum Integrity Verifier (md5/SHA1)
http://support.microsoft.com/kb/841290