VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Posted by Martijn Grooten on Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Previous1...2728293031...215Next

Search blog

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears… https://www.virusbulletin.com/blog/2017/12/vb2017-video-spora-saga-continues-k-how-ruin-your-research-week/

Stuxnet infected Natanz plant via carefully selected targets rather than escape from it

Five initial victims of infamous worm named.
Five initial victims of infamous worm named. Today, as Wired journalist Kim Zetter publishes her book Countdown to Zero Day on Stuxnet, researchers from Kaspersky and Symantec… https://www.virusbulletin.com/blog/2014/11/stuxnet-infected-natanz-plant-carefully-selected-targets-rather-escape-it/

Paper: Learning about Bflient through sample analysis

Flexible module-handling mechanism allows malware to adjust functionalities at will.
Flexible module-handling mechanism allows malware to adjust functionalities at will. The history of the 'Bflient' worm goes back to the discovery of its first variants in June… https://www.virusbulletin.com/blog/2014/07/paper-learning-about-bflient-through-sample-analysis/

Flame worm one of the most complex threats ever discovered

Malware possibly used for cyber-espionage.
Malware possibly used for cyber-espionage. The jury is out on whether 'Flame' (also known as 'Flamer' or 'Skywiper') is 'the most lethal cyberweapon to date' as some have claimed,… https://www.virusbulletin.com/blog/2012/05/flame-worm-one-most-complex-threats-ever-discovered/

Contract spam serving malware

Recipients made to believe they have been sent emails accidentally.
Recipients made to believe they have been sent emails accidentally. In a new campaign, spammers are sending out emails that have appear to have contracts attached to them, but… https://www.virusbulletin.com/blog/2010/05/contract-spam-serving-malware/

Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.
Exploit attack patches flaw once system penetrated. A worm has been seen taking advantage of the vulnerability in Microsoft's Windows Server Service, patched out-of-cycle last… https://www.virusbulletin.com/blog/2008/12/worm-targets-ms08-067-vulnerability/

Microsoft issues emergency patch

Out-of-cycle update fixes serious, wormable flaw.
Out-of-cycle update fixes serious, wormable flaw.Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly… https://www.virusbulletin.com/blog/2008/10/microsoft-issues-emergency-patch/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

April Storm

April Fools' Day emails contain new variant of infamous worm.
April Fools' Day emails contain new variant of infamous worm. Security researchers report a new wave of spam emails being sent out. The emails, which use subject lines such as… https://www.virusbulletin.com/blog/2008/04/april-storm/

Microsoft research revives 'friendly worm' ideas

Malware techniques proposed as update-spreading method.
Malware techniques proposed as update-spreading method. A group of Microsoft researchers have put forward proposals to use worm techniques to spread patches and updates across… https://www.virusbulletin.com/blog/2008/02/microsoft-research-revives-friendly-worm-ideas/

First virus-writing arrests in Japan

Winny worm authors brought to book - for copyright violation.
Winny worm authors brought to book - for copyright violation. Japan has seen its first ever arrests of virus writers, with three men taken into custody in Kyoto last week and… https://www.virusbulletin.com/blog/2008/01/first-virus-writing-arrests-japan/

Polyglot worm spreads through MSN

Worm changes language to target wide audience.
Worm changes language to target wide audience. A new worm has been discovered that spreads through MSN Messenger. Once active, the worm opens random TCP ports to connect to an IRC… https://www.virusbulletin.com/blog/2008/01/polyglot-worm-spreads-through-msn/

Symbian worm sighted in the wild

Malware pretends to be media or image file.
Malware pretends to be media or image file. A new worm has been sighted in the wild that operates on the Symbian operating system, which is used on many mobile phones. The worm,… https://www.virusbulletin.com/blog/2008/01/symbian-worm-sighted-wild/

Batch of Dutch MP3 players ships with malware

Worm included as unwanted extra for music lovers.
Worm included as unwanted extra for music lovers. A shipment of MP3 players sold in recent months by Dutch firm Victory has been found to be infected with the Fujacks worm, which… https://www.virusbulletin.com/blog/2008/01/batch-dutch-mp3-players-ships-malware/

Fujacks/Panda virus authors sentenced, offered job

Fujacks author put away for four years.
Fujacks author put away for four years. Four men who were charged last month with writing, selling and spreading the W32/Fujacks virus and worm (a.k.a. the 'Panda burning… https://www.virusbulletin.com/blog/2007/09/fujacks-panda-virus-authors-sentenced-offered-job/

New worm spreading via Skype

Multilingual malware posing as porn in chat messages.
Multilingual malware posing as porn in chat messages. VoIP and chat system Skype has been targeted by another worm, sending chat messages to harvested contacts posing as links to… https://www.virusbulletin.com/blog/2007/09/new-worm-spreading-skype/

Four charged with writing Fujacks

Malware authors and sellers appear in Chinese court.
Malware authors and sellers appear in Chinese court. Four men have appeared in a public court in Hubei Province, China, charged with writing, selling and spreading the W32/Fujacks… https://www.virusbulletin.com/blog/2007/08/four-charged-writing-fujacks/

AVK tops latest AV-Test charts

Top four beat 99% in large collection scan.
Top four beat 99% in large collection scan. Testers at AV-Test.org have run 29 products over a massive collection of malware samples, with detection rates measured against 874,822… https://www.virusbulletin.com/blog/2007/08/avk-tops-latest-av-test-charts/

Worm trashes music files

MP3s targeted for destruction.
MP3s targeted for destruction. A new worm has been spotted attempting to delete .mp3 music files from infected systems and attached devices. Once a machine is compromised, the… https://www.virusbulletin.com/blog/2007/08/worm-trashes-music-files/

« Previous 12 Next »