Hi All,
I would like to announce that the next Beer&Security gathering is scheduled for
Thursday, Apr 14 (or whatever the thursday happens to be), at Angelic (322 W
Johnson St).
Tuesday, April 15, 2008
Tuesday, April 1, 2008
AV/Malware reading list
Vendor/Relevant blogs will provide "situation awareness", and the sandbox/checksum sites will let you know what is that you have found, that looks like something bad, but your local AV says "All good".
While file names are good, but checksums are better. No checksum utility is included with windows, but there are many available (binaries).
Vendors
* McAfee
http://www.avertlabs.com/research/blog/index.php
* The Big Yellow
http://www.symantec.com/enterprise/security_response/weblog/
* F-Secure
http://www.f-secure.com/weblog/
* Sophos
http://www.sophos.com/security/blog
* TrendLabs
http://blog.trendmicro.com/
Relevant Sites
* WormBlog
http://www.wormblog.com/
* MS Anti-Malware team blog
http://blogs.technet.com/antimalware/
* VirusList
http://www.viruslist.com/en/weblog
* Virus Bulletin
http://www.virusbtn.com/news/index
* Dancho Danchev
http://ddanchev.blogspot.com
* Cool post about the state of AV
http://ddanchev.blogspot.com/2006/01/why-relying-on-virus-signatures-simply.html
* Avira, the not-so-anti-but-much-virus
http://www.virusbtn.com/news/2008/01_21.xml
From the "What't that malware?" dpt:
* Virus total
http://www.virustotal.com/
* Norman SandBox
http://www.norman.com/microsites/nsic/
* Bit9
http://fileadvisor.bit9.com/services/search.aspx
* File Checksum Integrity Verifier (md5/SHA1)
http://support.microsoft.com/kb/841290
While file names are good, but checksums are better. No checksum utility is included with windows, but there are many available (binaries).
Vendors
* McAfee
http://www.avertlabs.com
* The Big Yellow
http://www.symantec.com
* F-Secure
http://www.f-secure.com/weblog/
* Sophos
http://www.sophos.com/security
* TrendLabs
http://blog.trendmicro.com/
Relevant Sites
* WormBlog
http://www.wormblog.com/
* MS Anti-Malware team blog
http://blogs.technet.com
* VirusList
http://www.viruslist.com/en
* Virus Bulletin
http://www.virusbtn.com/news
* Dancho Danchev
http://ddanchev.blogspot.com
* Cool post about the state of AV
http://ddanchev.blogspot.com
* Avira, the not-so-anti-but-much-virus
http://www.virusbtn.com/news
From the "What't that malware?" dpt:
* Virus total
http://www.virustotal.com/
* Norman SandBox
http://www.norman.com/microsite
* Bit9
http://fileadvisor.bit9.com
* File Checksum Integrity Verifier (md5/SHA1)
http://support.microsoft.com
Subscribe to:
Posts (Atom)