VB Blog

VB2021 localhost call for papers: a great opportunity

Posted by Virus Bulletin on Mar 17, 2021

VB2021 localhost presents an exciting opportunity to share your research with an even wider cross section of the IT security community around the world than usual, without having to take time out of your work schedule (or budget) to travel.

Posted by Virus Bulletin on Mar 2, 2021

In a follow-up to an article published last week, Kurt Natvig takes us through the analysis of a new malicious sample using the .xlsb file format.

Posted by Virus Bulletin on Feb 23, 2021

In a new article, researcher Kurt Natvig takes a close look at XF 4.0 malware.

Posted by Virus Bulletin on Jan 29, 2021

At VB2019, CSIS researcher Benoît Ancel spoke about a quiet banking trojan actor that has been targeting German users since at least 2014.

Posted by Virus Bulletin on Jan 19, 2021

The call for papers for VB2021 is now open and we want to hear from you - we're planning for flexible presentation formats, so everyone is encouraged to submit, regardless of whether or not you know at this stage whether you'll be able to travel to Prague!

Posted by Virus Bulletin on Jan 11, 2021

We were very sorry to learn of the passing of researcher Yonathan Klijnsma last week. Here, former VB Editor Martijn Grooten shares his memories of a talented researcher and a very kind person: this month, infosec lost a really good one.

Posted by Virus Bulletin on Jan 8, 2021

VB has made all VB2020 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Posted by Virus Bulletin on Dec 8, 2020

At VB2020 localhost, threat intelligence consultant Jamie Collier used the analytical technique of backcasting to look at the rise and fall of the cyber threat intelligence industry.

Posted by Virus Bulletin on Dec 4, 2020

At VB2020 localhost, Carbon Black's Scott Knight presented an approach he and his colleagues have taken to more realistically simulate malware attacks.

Posted by Virus Bulletin on Dec 2, 2020

At VB2020, researcher Paul Litvak revealed how he put together a comprehensive map of threat actor use of open-source offensive security tools.

Previous1234567...215Next

Search blog

Botnet rented for online extortion

Man who threatened World Cup bookmakers with DDoS attack convicted.
Man who threatened World Cup bookmakers with DDoS attack convicted. A German man who hired a botnet and used it to threaten bookmakers with DDoS attacks during the 2010 FIFA World… https://www.virusbulletin.com/blog/2011/06/botnet-rented-online-extortion/

Zeus source code leaked

Banking trojan among the most advanced of its kind.
Banking trojan among the most advanced of its kind. Researchers at Danish security firm CSIS have discovered that the full source code of the Zeus crime kit has been leaked to… https://www.virusbulletin.com/blog/2011/05/zeus-source-code-leaked/

Smile, you're on a botnet!

Multi-platform Java botnet allows for remote control of webcam and microphone.
Multi-platform Java botnet allows for remote control of webcam and microphone. Researchers have discovered a multi-platform botnet running on the Java Runtime Environment (JRE)… https://www.virusbulletin.com/blog/2011/05/smile-you-re-botnet/

Department of Justice shuts down Coreflood botnet

'Stop' command sent from replaced command and control servers.
'Stop' command sent from replaced command and control servers. Earlier this week the US Department of Justice (DoJ) obtained an unprecedented temporary restraining order (TRO) that… https://www.virusbulletin.com/blog/2011/04/department-justice-shuts-down-coreflood-botnet/

Cutwail botnet sent 1.7 trillion spam messages

Operators made several million through botnet.
Operators made several million through botnet. Researchers from The Last Line of Defense and universities in Bochum and Santa Barbara have shared some insight into the workings of… https://www.virusbulletin.com/blog/2011/03/cutwail-botnet-sent-1-7-trillion-spam-messages/

Spam levels take a nose dive as Rustock apparently taken down - update

Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down.
Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down. Spam levels have taken a nose dive over the last 24 hours - apparently as a result of a take… https://www.virusbulletin.com/blog/2011/03/spam-levels-take-nose-dive-rustock-apparently-taken-down-update/

Cybercriminals frustrated with botnet trackers

Drastic measures discussed by users of online forum.
Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and… https://www.virusbulletin.com/blog/2011/03/cybercriminals-frustrated-botnet-trackers/

ENISA calls for revised botnet measurements

EU agency says current measures of botnet threat are misleading.
EU agency says current measures of botnet threat are misleading. European cyber security agency, ENISA (the European Network and Information Security Agency) has called for a… https://www.virusbulletin.com/blog/2011/03/enisa-calls-revised-botnet-measurements/

New peer-to-peer botnet discovered

New botnet shares fast flux DNS and other similarities with Storm and Waledac.
New botnet shares fast flux DNS and other similarities with Storm and Waledac. In the last few days of 2010, security researchers discovered a new botnet that shares many… https://www.virusbulletin.com/blog/2011/01/new-peer-peer-botnet-discovered/

41% of spam sent via Rustock botnet

Botnet spam back after short summer break.
Botnet spam back after short summer break. In its latest intelligence report, security firm MessageLabs reports that 41% of all spam is being sent through the Rustock botnet, an… https://www.virusbulletin.com/blog/2010/08/41-spam-sent-rustock-botnet/

Mariposa bot herders apply for job with security firm

Applicants weren't successful, but may not see prison either.
Applicants weren't successful, but may not see prison either.Panda Labs' Luis Corrons believed he was the victim if a practical joke when two people who had been involved in the… https://www.virusbulletin.com/blog/2010/05/mariposa-bot-herders-apply-job-security-firm/

Botnet taken down as ringleaders are arrested

'Mariposa' included almost 13 million zombies.
'Mariposa' included almost 13 million zombies. Spanish authorities have managed to take down the Mariposa botnet - one of the largest of its kind which is believed to have infected… https://www.virusbulletin.com/blog/2010/03/botnet-taken-down-ringleaders-are-arrested/

Botnets becoming more robust

Zeus botnet used Amazon's in-the-cloud service to control bots.
Zeus botnet used Amazon's in-the-cloud service to control bots. New reports by MessageLabs and McAfee show that botherders have learned a lesson following the take-down of McColo… https://www.virusbulletin.com/blog/2009/12/botnets-becoming-more-robust/

Take-down of rogue ISP sees temporary drop in spam levels

Spam levels back to normal within a few days.
Spam levels back to normal within a few days. The take-down of the rogue ISP Real Host on 1 August saw spam levels temporarily drop by more than a third, Messagelabs claims in its… https://www.virusbulletin.com/blog/2009/08/take-down-rogue-isp-sees-temporary-drop-spam-levels/

McColo shutdown not felt the same by all recipients

Mailbox-level reduction may depend on spam detection methods.
Mailbox-level reduction may depend on spam detection methods. When the rogue provider McColo was taken offline in November 2008, depriving many botnets of their command and control… https://www.virusbulletin.com/blog/2009/07/mccolo-shutdown-not-felt-same-all-recipients/

Yxe trojan infecting mobile phones

Symbian software-signing slipup certifies SMS spambot.
Symbian software-signing slipup certifies SMS spambot. A new trojan, the first of its kind, is affecting users of the Symbian mobile operating system by spreading itself via text… https://www.virusbulletin.com/blog/2009/07/yxe-trojan-infecting-mobile-phones/

Five botnets responsible for 75% of spam sent

Each infected machine sends spam at rate of almost two messages per second.
Each infected machine sends spam at rate of almost two messages per second.Spam levels have increased 60% since the beginning of this year, according to security company Marshal8e6… https://www.virusbulletin.com/blog/2009/07/five-botnets-responsible-75-spam-sent/

Korea DDoS surge mired in hype and confusion

Rows rumble on over sources and targets of botnet attacks.
Rows rumble on over sources and targets of botnet attacks. Last week's gush of denial-of-service attacks has sparked considerable excitement and argument, with rumours of possible… https://www.virusbulletin.com/blog/2009/07/korea-ddos-surge-mired-hype-and-confusion/

BBC botnet hijack proves controversial

Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt.
Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt. A BBC report into the dangers of botnets has got the corporation into hot water, after reporters took… https://www.virusbulletin.com/blog/2009/03/bbc-botnet-hijack-proves-controversial/

MS forms anti-Conficker alliance

Industry group to combine efforts, reward offered.
Industry group to combine efforts, reward offered.Microsoft has announced a collaborative effort to combat the Conficker (aka Downadup) botnet, the widespread infection making… https://www.virusbulletin.com/blog/2009/02/ms-forms-anti-conficker-alliance/

« Previous 12345 Next »