VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by Martijn Grooten on Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Posted by Martijn Grooten on Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Posted by Martijn Grooten on Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Posted by Martijn Grooten on Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Posted by Virus Bulletin on Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Posted by Martijn Grooten on Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Posted by Virus Bulletin on Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Posted by Virus Bulletin on Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Posted by Virus Bulletin on Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Posted by Martijn Grooten on Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Previous1...89101112...215Next

Search blog

The ghost of Stuxnet past

Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete.
Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete. Mention Stuxnet and you'll have many a security researcher's attention. The worm, which was… https://www.virusbulletin.com/blog/2015/03/ghost-stuxnet-past/

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Company unhappy with Google going full disclosure on privilege escalation vulnerability.
Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will… https://www.virusbulletin.com/blog/2015/01/microsoft-no-longer-publishes-advance-notifications-its-patch-tuesdays/

Microsoft to publish security bulletins in CVRF format

Standard will streamline process of reviewing patches.
Standard will streamline process of reviewing patches. Software giant Microsoft has announced that it has started to publish its monthly security bulletins in the CVRF format.… https://www.virusbulletin.com/blog/2012/05/microsoft-publish-security-bulletins-cvrf-format/

Hefty Patch Tuesday bulletin rounds off bumper year

No sign of an end to vulnerability glut.
No sign of an end to vulnerability glut.Microsoft released its monthly Patch Tuesday security bulletin yesterday, with details of a hefty 17 alerts covering 40 separate… https://www.virusbulletin.com/blog/2010/12/hefty-patch-tuesday-bulletin-rounds-bumper-year/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Giant patch release from Microsoft, Oracle

Record Patch Tuesday combines with swathe of extra fixes for corporates.
Record Patch Tuesday combines with swathe of extra fixes for corporates. It's a busy week for corporate admins as Microsoft's monthly Patch Tuesday security bulletin, containing a… https://www.virusbulletin.com/blog/2010/10/giant-patch-release-microsoft-oracle/

Extra-large crop of updates for Patch Tuesday

Fourteen security alerts from Microsoft join two from Adobe.
Fourteen security alerts from Microsoft join two from Adobe.Microsoft's monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many… https://www.virusbulletin.com/blog/2010/08/extra-large-crop-updates-patch-tuesday/

Patches come thick and fast in major update spree

Monthly and out-of-band issues flood admins' to-do lists.
Monthly and out-of-band issues flood admins' to-do lists. The release of this month's Patch Tuesday security bulletins from Microsoft, with a fairly average 10 alerts covering 34… https://www.virusbulletin.com/blog/2010/06/patches-come-thick-and-fast-major-update-spree/

Patch Tuesday release includes 13 bulletins

26 vulnerabilities featured in sizeable update set.
26 vulnerabilities featured in sizeable update set. After a relatively quiet January, administrators are faced with a hefty workload this week as Microsoft's monthly Patch Tuesday… https://www.virusbulletin.com/blog/2010/02/patch-tuesday-release-includes-13-bulletins/

IE zero-day bug fixed in Patch Tuesday updates

Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched.
Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched.Microsoft has released the December Patch Tuesday security bulletin, with a total of six alerts.… https://www.virusbulletin.com/blog/2009/12/ie-zero-day-bug-fixed-patch-tuesday-updates/

Bumper crop of October patch releases

Busy weeks for admins as Patch Tuesday joined by Adobe fixes, and Mozilla announces plug-in checking plans.
Busy weeks for admins as Patch Tuesday joined by Adobe fixes, and Mozilla announces plug-in checking plans. This week has seen Microsoft's monthly Patch Tuesday release of security… https://www.virusbulletin.com/blog/2009/10/bumper-crop-october-patch-releases/

Patch Tuesday brings little relief from browser exploits

Six fixes issued, but new IE zero day emerges along with Firefox flaw.
Six fixes issued, but new IE zero day emerges along with Firefox flaw.Microsoft has issued its monthly 'Patch Tuesday' security update, with some serious browser flaws patched, but… https://www.virusbulletin.com/blog/2009/07/patch-tuesday-brings-little-relief-browser-exploits/

Eight fixes for April Patch Tuesday release

Five critical updates in latest monthly patch release.
Five critical updates in latest monthly patch release. The April Patch Tuesday release from Microsoft, revealed this week, contained five updates rated 'critical', as well as two… https://www.virusbulletin.com/blog/2009/04/eight-fixes-april-patch-tuesday-release/

March Patch Tuesday followed by PDF viewer patches

Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable.
Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable.Microsoft released the March security bulletin this week, with the monthly Patch Tuesday updates… https://www.virusbulletin.com/blog/2009/03/march-patch-tuesday-followed-pdf-viewer-patches/

IE fixed as usual in Patch Tuesday release

Browser should be treated as special case, say some.
Browser should be treated as special case, say some. The February 'Patch Tuesday' security bulletin from Microsoft this week contained four patches, two of them marked 'Critical',… https://www.virusbulletin.com/blog/2009/02/ie-fixed-usual-patch-tuesday-release/

MS to release out-of-band patch for critical IE vulnerability

Users advised to patch ASAP.
Users advised to patch ASAP.Microsoft is set to release an emergency out-of-band patch for the vulnerability in its Internet Explorer browser reported last week. Attacks via the… https://www.virusbulletin.com/blog/2008/12/ms-release-out-band-patch-critical-ie-vulnerability/

IE zero-day danger growing

Large numbers of users vulnerable to unpatched problem.
Large numbers of users vulnerable to unpatched problem. The as-yet unpatched vulnerability in Microsoft's Internet Explorer browser, reported last week and coinciding with the… https://www.virusbulletin.com/blog/2008/12/ie-zero-day-danger-growing/

FTC goes after scareware scammers

Courts crack down on pushers of rogue anti-malware.
Courts crack down on pushers of rogue anti-malware. The US Federal Trade Commission (FTC) has announced a successful move to persuade a US district court to shut down a major… https://www.virusbulletin.com/blog/2008/12/ftc-goes-after-scareware-scammers/

Patch Tuesday released closely followed by emergency update

Bumper crop of patches plus further fix leave known holes open.
Bumper crop of patches plus further fix leave known holes open. This month's 'Patch Tuesday' security bulletin from Microsoft contained eight separate updates, two more than… https://www.virusbulletin.com/blog/2008/12/patch-tuesday-released-closely-followed-emergency-update/

Two updates in Microsoft's November's patch release

Just two updates released by Microsoft this month: one rated critical, one important.
Just two updates released by Microsoft this month: one rated critical, one important.Microsoft has issued two updates in the November round of its monthly patch release cycle, one… https://www.virusbulletin.com/blog/2008/11/two-updates-microsoft-s-november-s-patch-release/

« Previous 12 Next »