Avantare writes "ZDNet Australia has a writeup about why AV apps don't work. The reason given is because the malware authors are writing code that will get around the signatures of the application by testing their code on the most popular anti-virus software before release." This comes as a follow up to another article detailing the sad state of anti-virus software currently on the market.

An anonymous reader writes "The rootkit wars have started to escalate with a rootkit named Rustock which is able to remain hidden from all the popular anti-rootkit tools. It uses some new techniques including not only putting itself in a ADS (NTFS alternate data stream) which isn't seen by normal file system enumeration tools, but even blocks ADS aware tools from seeing the stream. Works in Vista, too! Analysis in both Symantec and F-Secure blogs."

Casper the Angry Ghost writes "Malware hunters have figured out a way to use the freely available Google SOAP Search API, as well as WDSL, to find dangerous .exe files sitting on thousands of Web servers around the world. Queries can be written to examine the internals of web-accessible binaries, thus allowing the hunters to identify malicious code from across the internet." From the article: "We're finding literally thousands of sites with malicious code executables. From hacker forums, newsgroups to mailing list archives, they're all full of executables that Google is indexing. About 15 percent of the results came back from legitimate Web sites hijacked by malicious hackers and seeded with executables."

Sandbagger writes "Here's an interesting problem for MySpace — groups of websites that entice MySpace users into placing videos onto their profile pages (under the guise of 'free content'), without disclosing a key piece of information that might make them think twice. When someone visits one of these profiles carrying the video, a DRM acquisition box pops up and attempts to install Zango adware. In all likelihood, the profile owners don't even know these videos are doing this to their visitors. The end result is an Adware affiliate effectively removing himself from the distribution chain and letting kids promote these videos instead, in a strange example of viral marketing gone wrong."

prostoalex writes "Business Week has a detailed expose of Direct Revenue. The article has some juicy details on the everyday workings of a spyware outlet, talks about the the business model and advertisers who funnel cash to Direct Revenue, and even mentions Direct Revenue's anti-spyware achievements (the company's installer blasted away competing spyware apps, so that the user's computer wouldn't be overwhelmed with redundant pop-ups)."

Mindpicnic writes "The recent switch of two lifelong Mac nerds to Ubuntu hasn't escaped Tim O'Reilly's radar. He cites Jason Kottke: 'If I were Apple, I'd be worried about this. Two lifelong Mac fans are switching away from Macs to PCs running Ubuntu Linux: first it was Mark Pilgrim and now Cory Doctorow. Nerds are a small demographic, but they can also be the canary in the coal mine with stuff like this.'"

blamanj writes "Apple has joined the list of over fifty companies (most in Silicon Valley) that possibly mishandled stock options by backdating them. The technique is not illegal, but it can cause a company to improperly deduct employee compensation expenses and result in an underpayment of taxes. So far, Apple is conducting the investigation itself, but it has notified the SEC."

techmuse writes "eWeek has an article about a prototype rootkit that is implemented using a virtual machine hypervisor running on top of AMD's Pacifica virtualization implementation. The idea is that the target OS, or software running on it, would not be able to detect the rootkit, because the OS would be running virtualized on top of the rootkit. The prototype is supposed to be demonstrated at the Syscan conference and the Black Hat Briefings over the next month."

lancejjj writes "Remember how the VA was pinning the theft of 26.5 million veterans' personal records on a hard working-but-renegade employee whose laptop was stolen? Surprise! It turns out that the employee had written permission to bring the sensitive data home. Fortunately, the laptop has been recovered. It is still unclear how the laptop was recovered, or if any of the veterans' personal data was leaked."

conq writes "BusinessWeek has a piece on Intel's newest chip, the Xeon 5100, which many consider might be the chip that will llow them to stop losing ground to AMD. From the article: 'During the presentation, Intel ran the now-standard comparison test against AMD's highest performing chip, handily beating the system in a speed test. And in a jab at AMD execs, who handed kill-o-watt meters to analysts at the outfit's recent technology day, Intel execs used the same device to measure the new Xeon 5100 system's performance — gauged to be 7 watts better than that of the AMD-based system.'"

An anonymous reader writes "The recently released Google Web Toolkit (GWT) is a comprehensive set of APIs and tools that lets you create dynamic Web applications almost entirely in Java code. However, GWT is something of an all-or-nothing approach, targeted at a relatively small niche in Web application development market. This article shows you what GWT can do and will help you decide if it's the best tool to use for your web development."

KrayzieKyd writes "God Bless Mozilla. Firefox has just notified me that Firefox version 1.5.0.4 has just been released with release notes and according to Mozilla's website, the same has been released for Thunderbird with its own release notes."

prostoalex writes "Yahoo! launched Yahoo! Video last night, allowing users to upload, share and tag their videos. For Windows users the player uses the standard Yahoo! Player, while Mac and Linux users get video encoded in Flash. Yahoo! joins a highly competitive field of video services currently led by MSN Video, YouTube and Google Video. The Associated Press reports on the Yahoo! Video launch as well."