Back in our labs in Dublin, Melbourne, and Redmond from the 2009 Virus Bulletin conference! This year there were almost 400 attendees and 49 presentations covered by 60 speakers (7 of them from Microsoft). The MMPC had presenters from all three labs at the conference and we started and ended the technical stream. The topics this year included malware, spam, and this year's hot topic, cloud technology. There were also interesting talks on social networks, URL shortening, browser plug-ins, Banker...

The Microsoft Malware Protection Center (MMPC) would like to introduce you to Microsoft’s new security program - Microsoft Security Essentials . The MMPC is very excited about this release, which should help us to protect more customers around the world at no cost. Here’s a note from the Microsoft Security Essentials team: Microsoft Security Essentials (formerly codenamed “Morro”) is the newest security product from Microsoft that helps protect consumers against viruses, spyware and other...

Hello! Greetings from Dublin! As mentioned by Jakub in a previous post , we are presenting at the Virus Bulletin International Conference 2009 in Geneva next week. It’s an understatement to say that we're excited about attending the conference – and not just about presenting our papers, but about getting the chance to meet the other delegates. From the technical stream we have Elda and Francis: We’re presenting our paper entitled " Blast from the Past: Application of the MS08-067 Exploit...

As Jakub mentioned , I'll soon be presenting at the Virus Bulletin conference in Geneva. I've spent a lot of time looking at rogue security software in the last year, so I'm looking forward to sharing some of my findings. The subject of rogues (or "scareware") is a timely one. You may have heard reports in the past few days of a couple of malware attacks which involved rogues. One of these was an attack where visitors to the New York Times web site were seeing pop-ups telling them that their computer...

At last year’s VB conference, my talk “ Playing with shadows - exposing the black market for online game password theft ” discussed malware being sold on the black market for password stealing purposes. During the “Q & A” time, someone asked a question regarding the technical details of Dogrobot, a family of malware that can penetrate the protection offered by a ‘hard disk recovery card’ (used to restore a machine to a known, clean state). Unfortunately, I don’t think I gave a satisfactory answer...

Another year has passed, and the time of the most important annual anti-malware event is upon us. The Virus Bulletin International Conference 2009 takes place on 23-25 September at The Crowne Plaza Hotel in Geneva, Switzerland. As usual, the program is packed to the rafters with malware-related material, with presentations spread across two parallel streams, and three busy days that, no doubt, will be filled with research papers, discussions and heated but friendly arguments. A strong contingent...

This month we added both Win32/Bredolab and Win32/Daurso families to the latest MSRT release. Win32/Bredolab is a trojan downloader that garnered industry attention over the middle stages of 2009. This is due to a number of spam campaigns employing e-mail lures with parcel delivery themes. The e-mail messages appear to originate from legitimate sources such as UPS (United Parcel Service of America) or DHL (Dalsey, Hillblom and Lynn). However, Win32/Bredolab is a not a new family of malware. Its...