MRA Consultants has been trading for over 20 years; during this time I have built up a reputation for service, reliability and value for money. A small sample of the local businesses I serve includes Maryport Bodyworks Centre, ABI Motor body Repairs, Taylors Joinery And Plastics, West Cumbria domestic Violence, Distington Community Centre, Macs Removals Ltd, Engineering Pipework Services Ltd, Distington club for young people, Ewanrigg Community Centre, CMS, Robin Dargavel Ltd, Lake District Coast Aquarium, as well as countless numbers of individuals. Over 99% of my business comes from referrals. I was the first in the area to pioneer no fix no fee and no call out charges.

Virus Bulletin news

Paper: Learning about Bflient through sample analysis

Flexible module-handling mechanism allows malware to adjust functionalities at will.

The history of the 'Bflient' worm goes back to the discovery of its first variants in June 2010. The malware was created using the 'ButterFly Flooder' toolkit, which is an update to 'ButterFly Bot' - made (in)famous because it was used to create the Mariposa botnet.

Today, we publish a paper by Meng Su and Dong Xie, two researchers from Fortinet, who studied recent variants of Bflient.

In the paper, Meng and Dong dig deep into the malware: from anti-analysis tricks used in the packer and during initialization, to the worm's ability to download 'resource blocks' from the command and control server. This modular architecture gives a lot of flexibility to the malware authors. A number of resource blocks are hard coded in the malware; these handle, for instance, the displaying of advertisements on infected PCs, downloading other pieces of malware, or the spreading of the worm via removable devices.

Report: VB100 comparative review on Windows 7

29 out of 35 tested products earn VB100 award.

The various changes at Virus Bulletin mean that things are busier than ever in our office. Still, behind the scenes we continue to perform what remains one of our core activities: the testing of security products.

John Hawes and his team tested no fewer than 35 anti-malware solutions on the popular Windows 7 platform. 29 of these achieved a VB100 award, showing that they were capable of detecting all malware from the WildList, without erroneously detecting files from a 'clean set' of legitimate files.

Remember that, as of this month, all content published through Virus Bulletin is available free of charge, and the test reviews are no exception. We encourage readers to make use of this and read beyond the passes and the fails: the report includes many details on products' performance and stability that will help home users and system administrators alike in their choice of a good security product.

Call for last-minute papers for VB2014 announced

Seven speaking slots waiting to be filled with presentations on 'hot' security topics.

Earlier this year, we announced the programme for VB2014: three days filled with excellent papers on a wide range of security topics.

Well, not entirely. As usual, one small part of the programme has been set aside for last-minute papers: presentations dealing with up-to-the-minute specialist topics, with the emphasis on current and emerging ('hot') topics.

Of course, many presentations already on the programme remain or have become 'hot'. Two presentations on malware targeting *nix servers tie in seamlessly with the 'Mayhem' analysis we published last week, while malware targeting 'boletos' - banking documents issued by banks and businesses in Brazil - made the news long after a presentation on the subject had been added to the conference programme.

Paper: Mayhem - a hidden threat for *nix web servers

New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system.

One of the main trends in malware in recent years is a sudden focus on malware targeting Linux and Unix (web) servers. By targeting these servers, malware authors not only make use of far better network connections and more powerful servers than the average Windows PC has; the servers are also less likely to be updated on a regular basis and less likely to run security software.

Earlier this year, we published an article by four researchers from Yandex in Russia on the 'Effusion' malware, which targeted servers running Nginx, and only last week researchers from Kaspersky wrote a blog about 'Mayday', a DDoS trojan targeting Linux servers.

Today, we publish a paper by three of the aforementioned Yandex researchers (Andrew Kovalev, Konstantin Otrashkevich and Evgeny Sidorov) in which they analyse 'Mayhem', a new kind of malware that runs on *nix servers and is able to gain maximum benefits, even when running under restricted privileges on the target system.

Google's Project Zero to hunt for zero-days

Bugs to be reported to the vendor only, and to become public once patched.

Google has created a new team, called Project Zero, whose task is to find vulnerabilities in any kind of widely used software and to report them to the respective vendor.

Few subjects in security are as controversial as the disclosure of zero-day vulnerabilities. Some argue that vulnerabilities should always be reported to the affected vendor, and that a 'bug bounty' is a nice, but not mandatory extra. Others say that without a bug bounty rewarding the researchers for their work, they shouldn't report it - and even if there is a reward, the bug should only be reported if the bounty is deemed reasonable.

Indeed, bug bounties aren't the only way researchers can monetize the vulnerabilities they find: there are various entities that will gladly pay for such vulnerabilities, some of which aren't always seen to have the best interests of the average Internet user at heart. This has led to calls to regulate the sale of zero-days, and in response, strongly voiced opinions that such regulation would be a bad idea, and would violate the researchers' right to free speech.

None of the vulnerabilities found by Google will be reported to third parties, though: only the affected vendor will be notified, and will be given time to patch. Once the bug has been made public (which, Google says, will typically happen "once a patch is available"), it will be added to a public database. This allows anyone to monitor the time it takes vendors to fix vulnerabilities.

Telephone 01900516363

Digital Solutions for Cumbria

Mobile 07944982166