websecurity@lists.webappsec.org

The Web Security Mailing List

Bypassing Web Antiviruses

MustLive
Tue, Jul 17, 2012 8:50 PM

Hello participants of Mailing List.

As I announced on the list in May, I released my article "Bypassing
Web Antiviruses" in the magazine Web App Pentesting 05/2012
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-May/008378.html).
I have recently published this article on my site
(http://websecurity.com.ua/articles/bypassing-of-web-antiviruses/), so
everyone who is interested can read it.

This article combines information from my 2010 article "Bypass of systems
for searching viruses at web sites" (published on the list) and from my
2011 article "Effective use of cloaking against web antiviruses". In
short, in the first article I wrote about cloaking - how malware can hide
from web antiviruses (and stated that my system Web VDS, which I made in
2008, had protection from cloaking). And in the second article I wrote more
about cloaking - how web antiviruses began fighting it and
other ways of bypassing them with cloaking. I described the case when, at
the end of August 2011, I found Google's bot, which changed its UA. But due
to other mistakes, it couldn't hide well, so it was possible for malware to
use cloaking to hide from the bot. So it is necessary to fight cloaking
more effectively.

P.S.

Also in May I wrote to the list about the case of how IBM handles information
about vulnerabilities in their software. And soon I'll present a summary of
the results of my two-month conversation with IBM PSIRT and other employees of
this company.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
