VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

Latest VBWeb report describes current state of the web-based threat landscape

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.
VBWeb Comparative Review - Winter 2020 Read the report (HTML) Download the report (PDF)   If you are interested in having your product tested either publicly or privately, or… https://www.virusbulletin.com/blog/2020/01/latest-vbweb-report-describes-current-state-web-based-threat-landscape/

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.
Thirteen years ago, VB was searching for a web developer to join the very small team based in Oxfordshire, UK. A CV came in from one Martijn Grooten, a former Ph.D. student in… https://www.virusbulletin.com/blog/2019/12/virus-bulletin-says-fond-farewell-and-thank-you-martijn-grooten/

Job vacancy at VB: Security Evangelist

Virus Bulletin is recruiting for a person to be the public face of the company
Virus Bulletin is a small company with a largely remote team based all over Europe that is placed at the heart of the IT security industry. Through its product testing, annual… https://www.virusbulletin.com/blog/2019/11/job-vacancy-vb-security-evangelist/

VB tests the web security products that play an important role in fending off web-based threats

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.
The web continues to be a major infection vector for individuals and organisations alike. Though the number of drive-by download attacks (often through exploit kits) is down from… https://www.virusbulletin.com/blog/2019/10/vb-tests-web-security-products-play-important-role-fending-web-based-threats/

Virus Bulletin researcher discovers new Lord exploit kit

Still in-development kit thus far only targets Flash Player vulnerabilities
The number of active exploit kits is very small: the recently published summer 2019 edition of Malwarebytes' quarterly round-up lists the seven then known active exploit kits. To… https://www.virusbulletin.com/blog/2019/08/virus-bulletin-researcher-discovers-new-lord-exploit-kit/

Subscribe to the relaunched Virus Bulletin eNews newsletter

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.
Today, we relaunched the Virus Bulletin eNews newsletter. The newsletter provides weekly updates of what is happening both at Virus Bulletin and in the wider security… https://www.virusbulletin.com/blog/2018/11/subscribe-relaunched-virus-bulletin-enews-newsletter/

VB2017 paper: The life story of an IPT - Inept Persistent Threat actor

At VB2017 in Madrid, Polish security researcher and journalist Adam Haertlé presented a paper about a very inept persistent threat. Today, we publish both the paper and the recording of Adam's presentation.
Last Wednesday, Belgium-based Polish hacker Thomasz T. was arrested during a visit to his home country. Thomasz is believed to be the author of the Polski, Vortex, and Flotera… https://www.virusbulletin.com/blog/2018/03/vb2017-paper-life-story-ipt-inept-persistent-threat-actor/

Throwback Thursday: CARO: A personal view

This week sees the 11th International CARO Workshop taking place in Krakow, Poland – a prestigious annual meeting of anti-malware and security experts. As a founding member of CARO, Fridrik Skulason was well placed, in August 1994, to shed some light on t…
This week sees the 11th International CARO Workshop taking place in Krakow, Poland – a prestigious annual meeting of anti-malware and security experts which, this year, is themed… https://www.virusbulletin.com/blog/2017/may/throwback-thursday-caro-personal-view/

Throwback Thursday: Tools of the DDoS Trade

As DDoS attacks become costlier to fix and continue to increase in both number and diversity, we turn back the clock to 2000, when Aleksander Czarnowski took a look at the DDoS tools of the day.
According to a recent report by analytics firm Neustar (summarized in a Threatpost blog post here), DDoS attacks are on the increase, are taking longer to detect, and are costing… https://www.virusbulletin.com/blog/2017/may/throwback-thursday-tools-ddos-trade/

Virus Bulletin says a fond farewell to John Hawes

As VB's COO John Hawes moves on to new challenges, the team wish him a fond farewell and good luck in his future endeavours.
Ten years ago, when I joined the very small Virus Bulletin team, the risk of computer viruses accidentally spreading to millions of PCs was still considered very real. Hence my… https://www.virusbulletin.com/blog/2017/03/virus-bulletin-says-fond-farewell-john-hawes/

Throwback Thursday: Once a researcher...

VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross Greenberg. This Throwback Thursday we look back at an interview with Ross in November 1995.
VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross M. Greenberg.   Ross Greenberg, author of Flushot, Virex PC, and… https://www.virusbulletin.com/blog/2017/02/throwback-thursday-once-researcher/

Throwback Thursday: A troubled world

In early 1991, the world was a troubled place and conflict and violence were being reported globally on a daily basis. With this as a backdrop, the world of "indiscriminate" computer viruses which "victimise in a random and unpredictable manner" seemed re…
In early 1991, the world was a troubled place – President George H. W. Bush had just announced the start of military Operation Desert Storm and conflict and violence were being… https://www.virusbulletin.com/blog/2017/02/throwback-thursday-troubled-world/

Virus Bulletin's job site for recruiters and job seekers

Virus Bulletin has relaunched its security job vacancy service and added a new section, in which job seekers can advertise their skills and experience.
Security is doing well. Not necessarily the security of your personal devices, corporate networks and critical infrastructure, but as an area to work in, IT security seems to be a… https://www.virusbulletin.com/blog/2016/05/looking-job-or-fill-vacancy-virus-bulletin-here-help/

Throwback Thursday: The Number of the Beasts

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding mo…
The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, each… https://www.virusbulletin.com/blog/2016/04/throwback-thursday-number-beasts1/

Throwback Thursday: 'In the Beginning was the Word...'

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.
Microsoft has recently introduced a new feature to Office 2016: the ability to block macros,in an attempt to curb the spread of macro malware, which is once again on the rise.… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-beginning-was-word/

Virus Bulletin publishes first web filter test report

After a lot of preparation, Virus Bulletin is proud to have published the first "VBWeb" comparative web filter test report, in which products' ability to block web-based malware and drive-by downloads was tested. Fortinet's FortiGuard appliance was the fi…
Virus Bulletin has been testing security products for more than 18 years, and in recent years, we have had many requests from product developers asking us to test their web… https://www.virusbulletin.com/blog/2016/02/virus-bulletin-published-first-corporate-web-filter-test-report/

Throwback Thursday: Peter-II - Three Questions of The Sphinx

This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia.
This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia. Over recent years we have… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-peter-ii-three-questions-sphinx/

Throwback Thursday: I say Virus, You say Trojan

This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files.
This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files. Today, the idea of… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-i-say-virus-you-say-trojan/

Throwback Thursday: A View from the Lab

This Throwback Thursday, VB heads back to 1997 with 'A View from the Lab'.
This Throwback Thursday, VB heads back to 1997 with 'A View from the Lab'. According to its website, the AV-TEST Institute currently registers over 390,000 new malicious programs… https://www.virusbulletin.com/blog/2015/12/throwback-thursday-view-lab/

Throwback Thursday: Legal attempts to reduce spam. A UK perspective

This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.
This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'. While, today, spam is a… https://www.virusbulletin.com/blog/2015/11/throwback-thursday-legal-attempts-reduce-spam-uk-perspective/

« Previous 1234567...10 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.