News

Call for Papers: VB2016 Denver

VB seeks submissions for the 26th Virus Bulletin Conference.

22 December 2015

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.

16 December 2015

Conference review: Botconf 2015

Third botnet fighting conference another big success.

15 December 2015

High spam catch rates continue in latest spam filter test

US presidential candidates regularly see their emails blocked by spam filters.

14 December 2015

Throwback Thursday: A View from the Lab

This Throwback Thursday, VB heads back to 1997 with 'A View from the Lab'.

03 December 2015

Paper: Optimizing ssDeep for use at scale

Brian Wallace presents tool to optimize ssDeep comparisons.

27 November 2015

Throwback Thursday: Legal attempts to reduce spam. A UK perspective

This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.

19 November 2015

Paper: 3ROS exploit framework kit — one more for the infection road

Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.

13 November 2015

Throwback Thursday: What DDoS it all Mean?

This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace.

12 November 2015

The Internet of Bad Things, Observed

In his VB2015 keynote address, Ross Anderson described attacks against EMV cards.

10 November 2015

Throwback Thursday: Inside Sony's rootkit

This Throwback Thursday, we turn the clock back ten years, when the discovery of a rootkit ignited a firestorm of criticism for Sony.

05 November 2015

Full house in VB's latest spam filter test

All participating full solutions earn VBSpam certification, while little delay is observed in spam filters.

05 November 2015

Paper: Shifu — the rise of a self-destructive banking trojan

Thorough analysis of this new kid on the malware block.

03 November 2015

Hack.lu 2015

Great research presented in a stimulating environment.

02 November 2015

Throwback Thursday: Memetic Mass Mailers: Time to Classify Hoaxes as Malware?

This Throwback Thursday, we turn the clock back to July 2002, when virus hoaxes were wreaking havoc in homes and organizations worldwide.

29 October 2015

Throwback Thursday: The real virus problem

This Throwback Thursday, we turn the clock back to February 2004 when, in order to get a gauge of the "real" virus problem, Jim Bates presented the findings of a survey of UK computer programmers.

15 October 2015

Paper: MWI-5: Operation HawkEye

Gabor Szappanos looks at how macro malware campaigns spread a commercial keylogger to harvest banking details.

14 October 2015

Throwback Thursday: Misguided or malevolent? New trends in virus writing

This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing.

08 October 2015

VB2015 'Steganoprague' competition

Use your steganography-detection skills and win a pile of books.

30 September 2015

Throwback Thursday: The First International Virus Bulletin Conference

This Throwback Thursday, we turn the clock back to October 1991 to take a look back at the first ever VB Conference: VB'91 in Jersey.

24 September 2015

Researchers seek ransomware samples for their generic solution

VB2015 presentation to include demonstration of technique against recent samples.

18 June 2015

Throwback Thursday: Virus Writer and Distributors 'Attributable Viruses'

This Throwback Thursday, we turn the clock back to July 1990, when VB looked at virus origins and some of the rare cases of attributable viruses.

17 September 2015

VB2015 last-minute papers announced

Ten talks covering hot research added to the VB2015 programme.

15 September 2015

Paper: Custom packer defeats multiple automation systems

Combination of anti-automation, anti-VM and anti-reverse engineering to make researchers' lives harder.

04 September 2015

Throwback Thursday: Computer Viruses: Electronically Transmitted Disease?

This Throwback Thursday, we turn the clock back to March 2003, when VB reported on a piece of research investigating the psychological toll inflicted by computer viruses.

03 September 2015

VB2015: some important information

Last-minute papers, steganography competition and foosball tournament.

28 August 2015

Throwback Thursday: Safe Hex in the 21st Century

This Throwback Thursday, we turn the clock back to July 2000, when we were already being warned that virus scanners were no longer enough.

27 August 2015

Paper: Not a GAMe maKER

Raul Alvarez performs low-level analysis of information-stealing trojan.

26 August 2015

VB2015 preview: advanced persistent threats

Several conference papers to deal with targeted attacks.

25 August 2015

Throwback Thursday: The Virus Analyst Headache

This Throwback Thursday, we turn the clock back to April 1999, when the average virus analyst had to manually process around ten or more viruses per day, and the growing complexity and volume of viruses was proving a headache.

20 August 2015

Back to the future: anti-virus engines and sandboxes

Szilard Stange makes the case for multi-engine malware scanning.

19 August 2015

Catch rates bounce back in latest spam filter test

Products defy prediction of tougher circumstances.

18 August 2015

Paper: Life after the apocalypse for the Middle Eastern NJRat campaign

Malware authors upped their game following 2014 disruption of No-IP.

14 August 2015

Throwback Thursday: IT Security Breaches: The 1994 NCC Survey

This Throwback Thursday, we turn the clock back to November 1994, when VB asked: what is the nature of the real virus problem, and how much does it cost?

13 August 2015

VB2015 preview: the Internet of Things

Experts to cover various aspects of IoT (in)security in a range of talks.

11 August 2015

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.

07 August 2015

File-stealing vulnerability found in Firefox PDF reader

Both Windows and Linux users actively being targeted.

07 August 2015

Throwback Thursday: Palm Breach

This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant.

06 August 2015

Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.

31 July 2015

Throwback Thursday: Riotous Assembly

This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.

30 July 2015

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.

28 July 2015

Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?

23 July 2015

Call for last-minute papers for VB2015 announced

Ten speaking slots waiting to be filled with presentations on 'hot' security topics.

21 July 2015

Spam levels fall below 50% for the first time in 12 years

Decline not necessarily good news for spam filters.

20 July 2015

'NOMORE' attack makes RC4 a little weaker again

No good reason to continue using the stream cipher, yet attacks remain impractical.

20 July 2015

Throwback Thursday: What You Pay For...

This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge.

16 July 2015

Paper: Dridex in the Wild

Meng Su explains how Dridex works and how it communicates with its C&C server.

13 July 2015

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.

10 July 2015

Throwback Thursday: Cabirn Fever

This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared.

09 July 2015

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.

08 July 2015

Throwback Thursday: The Updating Game

This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm.

02 July 2015

Nominations opened for second Péter Ször Award

'Brilliant mind and a true gentleman' commemorated through annual award for technical security research.

29 June 2015

VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Paul Royal looks at malware served through the most popular websites.

26 June 2015

Latest spam filter test sees significant drop in catch rates

Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award.

26 June 2015

Throwback Thursday: KAOS on the Superhighway?

This Throwback Thursday, we turn the clock back to 1994, when KAOS4 was discovered on the Internet.

25 June 2015

Paper: Using .NET GUIDs to help hunt for malware

Tool to extract identifiers incorporated into VirusTotal.

24 June 2015

Steganoprague: a VB2015 competition & puzzle

Use your obfuscation and deobfuscation skills to win a prize during the VB2015 conference!

24 June 2015

NSA, GCHQ found to target anti-virus products

Agencies looked for vulnerabilities to exploit and for submitted malware samples.

23 June 2015

Paper: Beta exploit pack: one more piece of crimeware for the infection road!

Exploit kit currently being tested focuses primarily on Flash Player exploits.

19 June 2015

Throwback Thursday: Macro Viruses & The Little Virus That Could...

This Throwback Thursday, we turn the clock back to 1999, when Melissa was causing havoc across the globe and VB presented a series of articles detailing all you ever wanted to know about macro viruses but were afraid to ask.

18 June 2015

Virus Bulletin announces 'Small Talks' for VB2015

Smaller, more informal format ideal for discussion and debate.

16 June 2015

Vawtrak uses Tor2Web to connect to Tor hidden C&C servers

Option hides the servers, without having to include a Tor client in the malware.

11 June 2015

Throwback Thursday: Virus Writers

This Throwback Thursday, we bring you a series of articles from the archives that looked at virus writers, asking 'who are they?', 'why do they do it?', and other pertinent questions.

11 June 2015

Duqu 2.0 found to target security company

Advanced malware also targeted venues linked to Iranian nuclear negotiations.

10 June 2015

London calling!

Infosecurity Europe, BSides London and the Security Bloggers Meetup.

27 May 2015

Paper: On the beat

Kevin Williams looks back at UK law enforcement successes at combating cybercrime.

22 May 2015

Throwback Thursday: Research and Other Hobbies

This Throwback Thursday we reflect on the life of one of industry's greats, who sadly passed away this week: Prof. Klaus Brunnstein.

21 May 2015

Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

'Logjam' attack possibly used by the NSA to decrypt VPN traffic.

20 May 2015

Virus Bulletin announces student tickets for VB2015

87% discount for students and the option to give a lightning talk.

15 May 2015

Throwback Thursday: Double Trouble / The Perfect Couple

Once again this Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to the mid-90s when a new era of viruses was believed to be dawning.

14 May 2015

Book review: The Florentine Deception, by Carey Nachenberg

John Hawes reviews Carey Nachenberg's debut novel.

13 May 2015

Book review: Data and Goliath, by Bruce Schneier

Paul Baccas reviews Data and Goliath 'The Hidden Battles to Collect You Data and Control Your World', by Bruce Schneier.

11 May 2015

Throwback Thursday: When Love came to Town

Once again this Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to 2000 in the week of the 15th anniversary of the LoveLetter virus.

7 May 2015

You are your own threat model

For most people, the biggest security threat is that of themselves doing something they shouldn't do.

05 May 2015

Report: six anti-virus solutions pass annual Linux test

Clean sweep of passes in VB100 test on Red Hat Enterprise Linux.

01 May 2015

Throwback Thursday: Regina v Christopher Pile: The Inside Story & Off with his Head!

This Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to 1996 to look at events surrounding the issuing of the UK's first custodial sentence for writing and distributing computer viruses.

30 April 2015

POODLE is the brown M&Ms of security

Just because it won't be exploited, doesn't mean you shouldn't patch it.

30 April 2015

Report: 15 solutions achieve VBSpam award

Test process also uncovers job spam illustrative of trend.

28 April 2015

VB2015 offer for new security companies

Write an article for the Bulletin, get a half-price ticket for the conference.

23 April 2015

Throwback Thursday: Through the Administrator's Eye

This Throwback Thursday, VB heads back to 1997 with 'Through the Administrator's Eye'.

23 April 2015

Registration for VB2015 has opened

Early bird discounts available for registrations made before 30 June.

22 April 2015

Ross Anderson awarded BCS Lovelace Medal

Cambridge professor to deliver VB2015 keynote.

17 April 2015

Does it matter if my banking password is 'Prague'?

Users do choose weak passwords, but they aren't as big a problem as we think.

16 April 2015

Throwback Thursday: The Unbearable Lightness of Testing

VB gets in on the Throwback Thursday act, delving into the archives.

16 April 2015

VB2014 paper: Swipe away, we're watching you

Hong Kei Chan and Liang Huang describe the various aspects and the evolution of point-of-sale malware.

02 April 2015

Google 'suspends' CNNIC from Chrome's certificate store

Chinese certificate authority told to re-apply.

02 April 2015

Virus Bulletin announces two VB2015 keynotes

Ross Anderson and Costin Raiu to deliver keynote addresses at 25th Virus Bulletin conference.

02 April 2015

Volatile Cedar campaign - cyber espionage isn't just for large nation states

Details of malware to be discussed at VB2015.

02 April 2015

VB2015 conference programme announced

From drones to elephants: an exciting range of topics will be covered in Prague.

31 March 2015

Paper: a timeline of mobile botnets

Ruchna Nigam provides an overview of more than 60 mobile malware families.

30 March 2015

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.

19 March 2015

Will DIME eventually replace email?

Protocol has all the advantages of email, yet is orders of magnitude more secure.

12 March 2015

Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy.

12 March 2015

The ghost of Stuxnet past

Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete.

11 March 2015

Virus Bulletin seeks hackers, network researchers for VB2015

One week left to submit an abstract for the 25th Virus Bulletin conference.

06 March 2015

Canadian firm fined $1.1m for breaching anti-spam law

First success story for long-awaited CASL.

06 March 2015

VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

Gregory Panakkal explains that there are different ways of looking at APK files - and that sometimes that can have unintended consequences.

05 March 2015

FREAK attack takes HTTPS connections back to 1990s security

Golden keys from the (first) crypto wars have come back to haunt us.

04 March 2015

Paper: Script in a lossy stream

Dénes Óvári explains how to store code in lossily compressed JPEG data.

2 March 2015

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.

02 March 2015

VB2014 paper: Caphaw - the advanced persistent pluginer

Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype.

27 February 2015

M3AAWG releases BCP document on dealing with child sexual abuse material

Subject may make many feel uncomfortable, but it is essential that we know how to deal with it.

27 February 2015

Hacker group takes over Lenovo's DNS

As emails were sent to wrong servers, DNSSEC might be worth looking into.

26 February 2015

Coordinated action takes down Ramnit botnet infrastructure

Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying.

26 February 2015

Almost 50% increase in reported vulnerabilities as non-Windows operating systems lead the table

Each discovered vulnerability is actually a good news story.

25 February 2015

Vawtrak trojan spread through malicious Office macros

Users easily tricked, but plenty of opportunity for the malware to be blocked.

24 February 2015

Lenovo laptops pre-installed with software that adds its own root CA certificate

Shared root certificate makes for easy man-in-the-middle attacks.

20 February 2015

Google relaxes disclosure policy following criticism

Grace period added for vulnerabilities that are about to be patched.

16 February 2015

VB2014 video: .NET malware dynamic instrumentation for automated and manual analysis

Hexiang Hu used tool to detect Bladabindi backdoor.

13 February 2015

VB2014 video: .NET malware dynamic instrumentation for automated and manual analysis

Hexiang Hu used tool to detect Bladabindi backdoor.

13 February 2015

Facebook launches platform for sharing of threat intelligence

Twitter, Yahoo! amongst early participants in 'ThreatExchange'.

12 February 2015

VirusTotal project aims to remediate false positives

Security vendors to receive alerts when legitimate files are detected as malicious.

11 February 2015

VB2014 paper: P0wned by a barcode: stealing money from offline users

Fabio Assolini explains how cybercriminals are targeting boletos.

10 February 2015

VB2014 paper: We know it before you do: predicting malicious domains

Wei Xu and his colleagues attempt to block domains before they're used for bad purposes.

05 February 2015

Adobe issues patch for yet another Flash Player zero-day

CVE-2015-0313 used in the wild as long ago as December.

05 February 2015

Praise for the unsung heroes of email

Many decent performances in VB's latest comparative spam filter test.

04 February 2015

Low VirusTotal detection rates for new malware, do they matter?

It is not as important as is often suggested — and doesn't mean the malware is allowed to execute.

03 February 2015

From roadie to security rock star: it can happen

To break into security, start by getting a job in the industry.

02 February 2015

'RansomWeb' ransomware targets companies' databases

Encryption first added as a patch, key only removed when all backups are encrypted.

02 February 2015

VB2014 paper: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio analyse two Flash Player vulnerabilities and an IE one where Flash provides a helping hand.

30 January 2015

Frequently asked questions about VB2015 conference submissions

No, it doesn't have to be about malware and no, it doesn't have to be deeply technical either!

30 January 2015

Linux systems affected by 'GHOST' vulnerability

Proof-of-concept email gives remote access to Exim mail server.

28 January 2015

VB2014 paper: Design to discover: security analytics with 3D visualization engine

Thibault Reuille and Dhia Mahjoub use DNS data to look for clusters of malicious domains.

26 January 2015

Adobe to patch Flash Player zero-day next week

Patch due next week as malvertising leads to Bedep trojan downloader.

23 January 2015

Alleged Flash Player zero-day used in Angler exploit kit

Adobe 'investigating reports'.

22 January 2015

Research paper profiles victims of targeted attacks

Large organisations working in national security and international affairs run highest risk.

21 January 2015

Paper: Nesting doll: unwrapping Vawtrak

Raul Alvarez unwraps the many layers of an increasingly prevalent banking trojan.

20 January 2015

VB2014 paper: OPSEC for security researchers

Vicente Diaz teaches researchers the basics of OPSEC.

19 January 2015

WhatsApp spam on the rise

End-to-end encryption makes spam filtering more difficult.

16 January 2015

What would Cameron's 'anti-terrorism' proposals mean for the UK?

Proposals could cause serious damage to business and the economy, and are unlikely to stop terrorism.

15 January 2015

VB2014 paper: Duping the machine - malware strategies, post sandbox detection

James Wyke looks at malware that takes extra steps to frustrate researchers.

13 January 2015

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Company unhappy with Google going full disclosure on privilege escalation vulnerability.

12 January 2015

VB2014 Paper: Attack surface analysis of Tizen devices

Irfan Asrar looks at the security of the operating system used in many IoT devices.

08 January 2015

VB2014 paper: Unveiling the kernel: rootkit discovery using selective automated kernel memory differencing

Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.

06 January 2015

New VB100 and VBSpam test results published

See which anti-malware and anti-spam solutions achieved certification.

06 January 2015

Virus Bulletin wishes you a great 2015

See you in Prague - and on the Internet!

05 January 2015

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.