VB Blog

Registration for VB2018 now open!

Posted by Martijn Grooten on May 8, 2018

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.

Posted by Martijn Grooten on May 1, 2018

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.

Posted by Martijn Grooten on Apr 30, 2018

There are a number of security solutions on the market that are designed to increase the default protection provided by Office 365. One such product is the newly launched Kaspersky Security for Microsoft Office 365. Virus Bulletin was commissioned to measure the effectiveness of the Kaspersky product compared to the Office 365 baseline protection.

Posted by Martijn Grooten on Apr 27, 2018

The GravityRAT malware, discovered by Cisco Talos researchers, gives some interesting insight into modern malware development.

Posted by Martijn Grooten on Apr 25, 2018

A BGP hijack was used to take over some of Amazon's DNS infrastructure, which was then used to serve a phishing site to users of the MyEtherWallet service.

Posted by Martijn Grooten on Apr 24, 2018

Various security companies are offering security-focused routers. This is a good trend and may help mitigate a lot of the issues that come with the IoT.

Posted by Virus Bulletin on Apr 23, 2018

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.

Posted by Martijn Grooten on Apr 19, 2018

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn downloads the Tesla information-stealing trojan.

Posted by Martijn Grooten on Apr 18, 2018

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a workshop on Android reverse engineering at VB2018 in Montreal this October. Last year, Axelle presented a paper at VB2017 on some of the less common tools that can be used to reverse engineer Android malware. Today, we publish both the paper and the recording of Axelle's presentation.

Posted by Martijn Grooten on Apr 16, 2018

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Previous1...2122232425...215Next

Search blog

Botnet rented for online extortion

Man who threatened World Cup bookmakers with DDoS attack convicted.
Man who threatened World Cup bookmakers with DDoS attack convicted. A German man who hired a botnet and used it to threaten bookmakers with DDoS attacks during the 2010 FIFA World… https://www.virusbulletin.com/blog/2011/06/botnet-rented-online-extortion/

Zeus source code leaked

Banking trojan among the most advanced of its kind.
Banking trojan among the most advanced of its kind. Researchers at Danish security firm CSIS have discovered that the full source code of the Zeus crime kit has been leaked to… https://www.virusbulletin.com/blog/2011/05/zeus-source-code-leaked/

Smile, you're on a botnet!

Multi-platform Java botnet allows for remote control of webcam and microphone.
Multi-platform Java botnet allows for remote control of webcam and microphone. Researchers have discovered a multi-platform botnet running on the Java Runtime Environment (JRE)… https://www.virusbulletin.com/blog/2011/05/smile-you-re-botnet/

Department of Justice shuts down Coreflood botnet

'Stop' command sent from replaced command and control servers.
'Stop' command sent from replaced command and control servers. Earlier this week the US Department of Justice (DoJ) obtained an unprecedented temporary restraining order (TRO) that… https://www.virusbulletin.com/blog/2011/04/department-justice-shuts-down-coreflood-botnet/

Cutwail botnet sent 1.7 trillion spam messages

Operators made several million through botnet.
Operators made several million through botnet. Researchers from The Last Line of Defense and universities in Bochum and Santa Barbara have shared some insight into the workings of… https://www.virusbulletin.com/blog/2011/03/cutwail-botnet-sent-1-7-trillion-spam-messages/

Spam levels take a nose dive as Rustock apparently taken down - update

Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down.
Eerie silence from Rustock botnet. Microsoft reported to have co-ordinated take down. Spam levels have taken a nose dive over the last 24 hours - apparently as a result of a take… https://www.virusbulletin.com/blog/2011/03/spam-levels-take-nose-dive-rustock-apparently-taken-down-update/

Cybercriminals frustrated with botnet trackers

Drastic measures discussed by users of online forum.
Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and… https://www.virusbulletin.com/blog/2011/03/cybercriminals-frustrated-botnet-trackers/

ENISA calls for revised botnet measurements

EU agency says current measures of botnet threat are misleading.
EU agency says current measures of botnet threat are misleading. European cyber security agency, ENISA (the European Network and Information Security Agency) has called for a… https://www.virusbulletin.com/blog/2011/03/enisa-calls-revised-botnet-measurements/

New peer-to-peer botnet discovered

New botnet shares fast flux DNS and other similarities with Storm and Waledac.
New botnet shares fast flux DNS and other similarities with Storm and Waledac. In the last few days of 2010, security researchers discovered a new botnet that shares many… https://www.virusbulletin.com/blog/2011/01/new-peer-peer-botnet-discovered/

41% of spam sent via Rustock botnet

Botnet spam back after short summer break.
Botnet spam back after short summer break. In its latest intelligence report, security firm MessageLabs reports that 41% of all spam is being sent through the Rustock botnet, an… https://www.virusbulletin.com/blog/2010/08/41-spam-sent-rustock-botnet/

Mariposa bot herders apply for job with security firm

Applicants weren't successful, but may not see prison either.
Applicants weren't successful, but may not see prison either.Panda Labs' Luis Corrons believed he was the victim if a practical joke when two people who had been involved in the… https://www.virusbulletin.com/blog/2010/05/mariposa-bot-herders-apply-job-security-firm/

Botnet taken down as ringleaders are arrested

'Mariposa' included almost 13 million zombies.
'Mariposa' included almost 13 million zombies. Spanish authorities have managed to take down the Mariposa botnet - one of the largest of its kind which is believed to have infected… https://www.virusbulletin.com/blog/2010/03/botnet-taken-down-ringleaders-are-arrested/

Botnets becoming more robust

Zeus botnet used Amazon's in-the-cloud service to control bots.
Zeus botnet used Amazon's in-the-cloud service to control bots. New reports by MessageLabs and McAfee show that botherders have learned a lesson following the take-down of McColo… https://www.virusbulletin.com/blog/2009/12/botnets-becoming-more-robust/

Take-down of rogue ISP sees temporary drop in spam levels

Spam levels back to normal within a few days.
Spam levels back to normal within a few days. The take-down of the rogue ISP Real Host on 1 August saw spam levels temporarily drop by more than a third, Messagelabs claims in its… https://www.virusbulletin.com/blog/2009/08/take-down-rogue-isp-sees-temporary-drop-spam-levels/

Yxe trojan infecting mobile phones

Symbian software-signing slipup certifies SMS spambot.
Symbian software-signing slipup certifies SMS spambot. A new trojan, the first of its kind, is affecting users of the Symbian mobile operating system by spreading itself via text… https://www.virusbulletin.com/blog/2009/07/yxe-trojan-infecting-mobile-phones/

McColo shutdown not felt the same by all recipients

Mailbox-level reduction may depend on spam detection methods.
Mailbox-level reduction may depend on spam detection methods. When the rogue provider McColo was taken offline in November 2008, depriving many botnets of their command and control… https://www.virusbulletin.com/blog/2009/07/mccolo-shutdown-not-felt-same-all-recipients/

Five botnets responsible for 75% of spam sent

Each infected machine sends spam at rate of almost two messages per second.
Each infected machine sends spam at rate of almost two messages per second.Spam levels have increased 60% since the beginning of this year, according to security company Marshal8e6… https://www.virusbulletin.com/blog/2009/07/five-botnets-responsible-75-spam-sent/

Korea DDoS surge mired in hype and confusion

Rows rumble on over sources and targets of botnet attacks.
Rows rumble on over sources and targets of botnet attacks. Last week's gush of denial-of-service attacks has sparked considerable excitement and argument, with rumours of possible… https://www.virusbulletin.com/blog/2009/07/korea-ddos-surge-mired-hype-and-confusion/

BBC botnet hijack proves controversial

Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt.
Legal issues raised by broadcaster's demo of spamming, DDoS, cleanup attempt. A BBC report into the dangers of botnets has got the corporation into hot water, after reporters took… https://www.virusbulletin.com/blog/2009/03/bbc-botnet-hijack-proves-controversial/

MS forms anti-Conficker alliance

Industry group to combine efforts, reward offered.
Industry group to combine efforts, reward offered.Microsoft has announced a collaborative effort to combat the Conficker (aka Downadup) botnet, the widespread infection making… https://www.virusbulletin.com/blog/2009/02/ms-forms-anti-conficker-alliance/

« Previous 12345 Next »