VB Blog

VB2018 preview: hacking cars

Posted by   Martijn Grooten on   Sep 21, 2018

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by Inbar Raz and Spencer Hsieh, that look at the subject of hacking cars.

Read more  

Where are all the ‘A’s in APT?

Posted by   Virus Bulletin on   Sep 20, 2018

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.

Read more  

VB2018 preview: commercial spyware and its use by governments

Posted by   Martijn Grooten on   Sep 19, 2018

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.

Read more  

VB2018 preview: Wipers in the wild

Posted by   Martijn Grooten on   Sep 18, 2018

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.

Read more  

VB2018 preview: IoT botnets

Posted by   Martijn Grooten on   Sep 17, 2018

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the peer-to-peer Hide'n'Seek botnet.

Read more  

VB2018: last-minute talks announced

Posted by   Martijn Grooten on   Sep 10, 2018

We are excited to announce the final additions to the VB2018 programme in the form of 10 'last-minute' papers covering up-to-the-minute research and hot topics and two more invited talks.

Read more  

VB2018 preview: Since the hacking of Sony Pictures

Posted by   Martijn Grooten on   Sep 7, 2018

At VB2018, AhnLab researcher Minseok Cha will look at activities of the Lazarus Group on the Korean peninsula going back as early as April 2011.

Read more  

Book review: Click Here to Kill Everybody

Posted by   Virus Bulletin on   Sep 6, 2018

Paul Baccas reviews Bruce Schneier's latest thought-provoking book, 'Click Here to Kill Everybody'.

Read more  

Spam is mostly noise and that makes measuring it very difficult

Posted by   Martijn Grooten on   Sep 3, 2018

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.

Read more  

Virus Bulletin announces programme of the first International Threat Intelligence Summit

Posted by   Martijn Grooten on   Aug 29, 2018

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.

Read more  
Previous1...1718192021...215Next

Search blog

VB2018 paper: Little Brother is watching – we know all your secrets!

At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.
The use of mobile spyware to spy on (ex-)partners is an underreported problem, despite the prevalence of such apps and their use in cases of domestic violence. At VB2017 in… https://www.virusbulletin.com/blog/2019/02/vb2018-paper-little-brother-watching-we-know-all-your-secrets/

VB2018 paper: From Hacking Team to hacked team to…?

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.
It is good practice not to mock or laugh at hacking victims. But when the victim is a company that itself is in the business of hacking and has a habit of selling its products and… https://www.virusbulletin.com/blog/2019/01/vb2018-paper-hacking-team-hacked-team/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.
Yesterday, a new report by Citizen Lab looked at NSO Group's Pegasus spyware and its global use. The report is worth a read, for the political implications of the findings, for… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-commercial-spyware-and-its-use-governments/

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.
A new research paper by digital rights organization Access Now looks at how FinFisher has been used against people interested in anti-government protests in Turkey. Through… https://www.virusbulletin.com/blog/2018/05/turkish-twitter-users-targeted-mobile-finfisher-spyware/

VB2017 video: FinFisher: New techniques and infection vectors revealed

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.
Over the last few years, the infamous FinFisher government spyware (already the subject of a VB2013 paper) has done a good job of staying under the radar. Recently, however, it… https://www.virusbulletin.com/blog/2017/11/vb2017-video-finfisher-new-techniques-and-infection-vectors-revealed/

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days (CVE-2017-0199 and… https://www.virusbulletin.com/blog/2017/09/hot-finspy-research-makes-vb2017-programme-complete/

Consumer spyware: a serious threat with a different threat model

Consumer spyware is a growing issue and one that can have serious consequences: its use is increasingly common in domestic violence. But do our threat models consider the attacker with physical access to, and inside knowledge of the victim?
We all know the risks of having a device infected with malware: an anonymous adversary far away can encrypt your files and hold them to ransom; they can steal your personal data… https://www.virusbulletin.com/blog/2017/04/consumer-spyware-serious-threat-different-threat-model/

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.
Hacking Team leakers should have taken a leaf out of Snowden's book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for… https://www.virusbulletin.com/blog/2015/07/those-doing-bad-things-deserve-privacy-too/

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.
Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of… https://www.virusbulletin.com/blog/2015/07/little-sympathy-breached-hacking-team/

Detekt tool searches PCs for traces of surveillance spyware

Second opinion essential in circumstances under which likely victims operate.
Second opinion essential in circumstances under which likely victims operate. Last week, the release of the free 'Detekt' tool was announced. Developed by Claudio Guarnieri and… https://www.virusbulletin.com/blog/2014/11/detekt-tool-searches-pcs-traces-surveillance-spyware/

Cheap Android phone comes shipped with spyware

Trojan masquerades as Google Play app; cannot be removed.
Trojan masquerades as Google Play app; cannot be removed. Researchers at German security firm G Data have discovered Android smartphones that come shipped with spyware. The phone… https://www.virusbulletin.com/blog/2014/06/cheap-android-phone-comes-shipped-spyware/

Opposition activists in Asia and Africa targeted by spyware developed by Western companies

Mozilla angry about use of its brand and logo.
Mozilla angry about use of its brand and logo. A new report has been released on the commercialization of digital spying, which thoroughly analyses a number of pieces of spyware… https://www.virusbulletin.com/blog/2013/05/opposition-activists-asia-and-africa-targeted-spyware-developed-western-companies/

UK to adopt Euro police hacking scheme

Remote search and cyber patrol plans approved.
Remote search and cyber patrol plans approved. The UK Home Office has signed up to a European initiative, proposed in November, to grant police forces greater powers to hack into… https://www.virusbulletin.com/blog/2009/01/uk-adopt-euro-police-hacking-scheme/

Spyware gang sneaks millions from SA government

32 arrested but South Africa theft scam thought to be ongoing.
32 arrested but South Africa theft scam thought to be ongoing. An orchestrated series of spyware infiltrations has netted scammers over £12.8 million ($24.7 million) from the South… https://www.virusbulletin.com/blog/2008/06/spyware-gang-sneaks-millions-sa-government/

Complex attack targets Better Business Bureau

Sophisticated scam uses personalised mails, real site redirects.
Sophisticated scam uses personalised mails, real site redirects. A highly sophisticated email phishing scam is using a redirection flaw in the website of the Better Business Bureau… https://www.virusbulletin.com/blog/2008/02/complex-attack-targets-better-business-bureau/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Zero-day exploit for Japanese word processor Ichitaro

Trend Micro notes increase in regionally targeted attacks as trojan becomes latest to exploit a Ichitaro flaw.
Trend Micro notes increase in regionally targeted attacks as trojan becomes latest to exploit a Ichitaro flaw. A trojan has been found to be exploiting a buffer overflow… https://www.virusbulletin.com/blog/2007/12/zero-day-exploit-japanese-word-processor-ichitaro/

FTC demands more power against spyware

Prosecutions and fines needed to deter badware makers.
Prosecutions and fines needed to deter badware makers. Representatives of the US Federal Trade Commission (FTC), the consumer protection body which has seen some success in the… https://www.virusbulletin.com/blog/2007/10/ftc-demands-more-power-against-spyware/

Spyware maker Direct Revenue closes doors

Notorious company forced out of business by legal actions.
Notorious company forced out of business by legal actions. After numerous lawsuits and fines, adware and spyware maker Direct Revenue is no more. The firm behind a swathe of… https://www.virusbulletin.com/blog/2007/10/spyware-maker-direct-revenue-closes-doors/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.