VB Blog

VB2019 preview: A study of Machete cyber espionage operations in Latin America

Posted by   Martijn Grooten on   Aug 22, 2019

Researchers from the Czech Technical University in Prague will present a very comprehensive overview of the Machete APT group.

Read more  

AfricaHackon 2019: a great event and a reminder that security is global

Posted by   Martijn Grooten on   Aug 19, 2019

Last week, VB Editor Martijn Grooten travelled to the Kenyan capital Nairobi to speak at the 6th edition of the AfricaHackon event.

Read more  

Virus Bulletin researcher discovers new Lord exploit kit

Posted by   Martijn Grooten on   Aug 5, 2019

Still in-development kit thus far only targets Flash Player vulnerabilities

Read more  

VB2019 call for last-minute papers opened

Posted by   Martijn Grooten on   Jul 29, 2019

The call for last-minute papers for VB2019 is now open. Submit before 1 September to have your abstract considered for one of the nine slots reserved for 'hot' research.

Read more  

Nominations opened for sixth Péter Szőr Award

Posted by   Martijn Grooten on   Jul 4, 2019

Virus Bulletin is seeking nominations for the sixth annual Péter Szőr Award.

Read more  

Haroon Meer and Adrian Sanabria to deliver VB2019 closing keynote

Posted by   Martijn Grooten on   Jun 25, 2019

New additions to the VB2019 conference programme include a closing keynote address from Thinkst duo Haroon Meer and Adrian Sanabria and a talk on attacks against payment systems.

Read more  

Free VB2019 tickets for students

Posted by   Martijn Grooten on   Jun 21, 2019

Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we are able to offer 20 free tickets to students who want to attend VB2019.

Read more  

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

Posted by   Martijn Grooten on   Jun 4, 2019

The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups seen in recent years. At VB2018 ESET researchers Peter Kálnai and Michal Poslušný presented a paper looking at the group's various campaigns. Today, we publish their paper and the recording of their presentation.

Read more  

Book your VB2019 ticket now for a chance to win a ticket for BSides London

Posted by   Virus Bulletin on   May 29, 2019

Virus Bulletin is proud to sponsor this year's BSides London conference, which will take place next week, and we have a number of tickets to give away.

Read more  

First 11 partners of VB2019 announced

Posted by   Virus Bulletin on   May 15, 2019

We are excited to announce the first 11 companies to partner with VB2019, whose support will help ensure a great event.

Read more  
Previous1...1011121314...215Next

Search blog

VB2018 paper: Little Brother is watching – we know all your secrets!

At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.
The use of mobile spyware to spy on (ex-)partners is an underreported problem, despite the prevalence of such apps and their use in cases of domestic violence. At VB2017 in… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-little-brother-watching-we-know-all-your-secrets/

VB2018 paper: From Hacking Team to hacked team to…?

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.
It is good practice not to mock or laugh at hacking victims. But when the victim is a company that itself is in the business of hacking and has a habit of selling its products and… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-hacking-team-hacked-team/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.
Yesterday, a new report by Citizen Lab looked at NSO Group's Pegasus spyware and its global use. The report is worth a read, for the political implications of the findings, for… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-commercial-spyware-and-its-use-governments/

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.
A new research paper by digital rights organization Access Now looks at how FinFisher has been used against people interested in anti-government protests in Turkey. Through… https://www.virusbulletin.com/blog/2018/05/turkish-twitter-users-targeted-mobile-finfisher-spyware/

VB2017 video: FinFisher: New techniques and infection vectors revealed

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.
Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper) has done a good job of staying under the radar. Recently, however, it… https://www.virusbulletin.com/blog/2017/11/vb2017-video-finfisher-new-techniques-and-infection-vectors-revealed/

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days (CVE-2017-0199 and… https://www.virusbulletin.com/blog/2017/09/hot-finspy-research-makes-vb2017-programme-complete/

Consumer spyware: a serious threat with a different threat model

Consumer spyware is a growing issue and one that can have serious consequences: its use is increasingly common in domestic violence. But do our threat models consider the attacker with physical access to, and inside knowledge of the victim?
We all know the risks of having a device infected with malware: an anonymous adversary far away can encrypt your files and hold them to ransom; they can steal your personal data… https://www.virusbulletin.com/blog/2017/04/consumer-spyware-serious-threat-different-threat-model/

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.
Hacking Team leakers should have taken a leaf out of Snowden's book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for… https://www.virusbulletin.com/blog/2015/07/those-doing-bad-things-deserve-privacy-too/

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.
Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of… https://www.virusbulletin.com/blog/2015/07/little-sympathy-breached-hacking-team/

Detekt tool searches PCs for traces of surveillance spyware

Second opinion essential in circumstances under which likely victims operate.
Second opinion essential in circumstances under which likely victims operate. Last week, the release of the free 'Detekt' tool was announced. Developed by Claudio Guarnieri and… https://www.virusbulletin.com/blog/2014/11/detekt-tool-searches-pcs-traces-surveillance-spyware/

Cheap Android phone comes shipped with spyware

Trojan masquerades as Google Play app; cannot be removed.
Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone… https://www.virusbulletin.com/blog/2014/06/cheap-android-phone-comes-shipped-spyware/

Opposition activists in Asia and Africa targeted by spyware developed by Western companies

Mozilla angry about use of its brand and logo.
Mozilla angry about use of its brand and logo. A new report has been released on the commercialization of digital spying, which thoroughly analyses a number of pieces of spyware… https://www.virusbulletin.com/blog/2013/05/opposition-activists-asia-and-africa-targeted-spyware-developed-western-companies/

UK to adopt Euro police hacking scheme

Remote search and cyber patrol plans approved.
Remote search and cyber patrol plans approved. The UK Home Office has signed up to a European initiative, proposed in November, to grant police forces greater powers to hack into… https://www.virusbulletin.com/blog/2009/01/uk-adopt-euro-police-hacking-scheme/

Spyware gang sneaks millions from SA government

32 arrested but South Africa theft scam thought to be ongoing.
32 arrested but South Africa theft scam thought to be ongoing. An orchestrated series of spyware infiltrations has netted scammers over £12.8 million ($24.7 million) from the South… https://www.virusbulletin.com/blog/2008/06/spyware-gang-sneaks-millions-sa-government/

Complex attack targets Better Business Bureau

Sophisticated scam uses personalised mails, real site redirects.
Sophisticated scam uses personalised mails, real site redirects. A highly sophisticated email phishing scam is using a redirection flaw in the website of the Better Business Bureau… https://www.virusbulletin.com/blog/2008/02/complex-attack-targets-better-business-bureau/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Zero-day exploit for Japanese word processor Ichitaro

Trend Micro notes increase in regionally targeted attacks as trojan becomes latest to exploit a Ichitaro flaw.
Trend Micro notes increase in regionally targeted attacks as trojan becomes latest to exploit a Ichitaro flaw. A trojan has been found to be exploiting a buffer overflow… https://www.virusbulletin.com/blog/2007/12/zero-day-exploit-japanese-word-processor-ichitaro/

FTC demands more power against spyware

Prosecutions and fines needed to deter badware makers.
Prosecutions and fines needed to deter badware makers. Representatives of the US Federal Trade Commission (FTC), the consumer protection body which has seen some success in the… https://www.virusbulletin.com/blog/2007/10/ftc-demands-more-power-against-spyware/

Spyware maker Direct Revenue closes doors

Notorious company forced out of business by legal actions.
Notorious company forced out of business by legal actions. After numerous lawsuits and fines, adware and spyware maker Direct Revenue is no more. The firm behind a swathe of… https://www.virusbulletin.com/blog/2007/10/spyware-maker-direct-revenue-closes-doors/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.