October 25th, 2006, 12:36 AM
I just wanted to share this with everyone... I completed a review this morning on our corporate blog and it's a product/service that I think many of the members here will be interested in if they haven't seen it already..
To read the rest visit the blog posting
Lately, I've been more and more interested in malware analysis... I've been gathering viruses I receive and watching how they operate inside VMs. Due to this interest I've added more blogs to my seemingly never-ending list of RSS Feeds... Today a very interesting one came across the wire. Sunbelt Software had a blog posting announcing the official launch of CWSandbox. I must say, the software looks pretty damn cool.
Essentially the malware that you submit is executed in what I'm guessing is a VM environment. The software operates by injecting itself in a manner similar to how malware injects itself and has multiple means of protecting against detection by the malware. CWSandbox then monitors the file system, registry and other applications along with network activity and extracts important data (FTP or IRC login data).
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".