VB Blog

A Christmas present for the security community

Posted by   Martijn Grooten on   Dec 24, 2016

As a Christmas present for the security community, we have uploaded most of the papers and videos from the VB2015 conference which took place in Prague almost 15 months ago. The Virus Bulletin crew wishes you all the best for 2017!

Read more  

Paper: Spreading techniques used by malware

Posted by   Martijn Grooten on   Dec 21, 2016

In a new paper published by Virus Bulletin, Acalvio researcher Abhishek Singh discusses some of the techniques used by malware to increase its impact by spreading further.

Read more  

VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users

Posted by   Martijn Grooten on   Dec 20, 2016

At VB2016, Kaspersky Lab researcher Kurt Baumgartner delivered a presentation on the StrongPity watering hole attacks that targeted users of encryption technologies, and which were recently featured in a report by Microsoft. Today, we share the video of Kurt's presentation.

Read more  

Conference review: Botconf 2016

Posted by   Martijn Grooten on   Dec 20, 2016

Three members of the Virus Bulletin team attended the Botconf 2016 conference in Lyon, France last month, enjoying talks on subjects that ranged from state-sponsored attacks to exploit kits, and from banking trojans to cyber insurance.

Read more  

Throwback Thursday: Adjust Your Attitude!

Posted by   Helen Martin on   Dec 15, 2016

"Most of you reading this article have the technical skill but do you have the people skills?" In 2000, James Wolfe urged security experts to sell themselves and their services.

Read more  

VB2016 paper: Modern attacks on Russian financial institutions

Posted by   Martijn Grooten on   Dec 12, 2016

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.

Read more  

More on the Moose botnet at Botconf

Posted by   Martijn Grooten on   Dec 2, 2016

At Botconf 2016 this week, GoSecure researchers Masarah Paquet-Clouston and Olivier Bilodeau presented their research on the Moose botnet - something Olivier Bilodeau previously spoke about at VB2015.

Read more  

VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment

Posted by   Martijn Grooten on   Dec 2, 2016

Today, we publish the VB2016 paper and presentation (recording) by Check Point Software researchers Alexander Chailytko and Stanislav Skuratovich, which focuses on the techniques used by malware to detect virtual environments, and provides detailed technical descriptions of what can be done to defeat them.

Read more  

VB2016 paper: Mobile applications: a backdoor into the Internet of Things?

Posted by   Martijn Grooten on   Nov 29, 2016

While the Internet of Things blossoms with newly connected objects every day, the security and privacy of these objects is often overlooked, making the IoT a major security concern. Unfortunately, reverse-engineering so-called smart devices is not an easy task. In her VB2016 paper, Axelle Apvrille presented a novel way of analysing smart devices: by looking at the accompanying mobile app. Today, we publish both Axelle’s paper and the video recording of her VB2016 presentation.

Read more  

VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks

Posted by   Martijn Grooten on   Nov 21, 2016

Today, we publish the VB2016 paper and presentation (recording) by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Brian Bartholomew, in which they look at some of the deception tactics used in targeted attacks.

Read more  
Previous1...3940414243...215Next

Search blog

VB2017 video: Consequences of bad security in health care

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB201…
"You are probably asking yourselves what a nurse is doing at a cybersecurity conference. Trust me, my colleagues are even more surprised, because they truly believe that hospitals… https://www.virusbulletin.com/blog/2017/11/vb2017-video-consequences-bad-security-health-care/

Vulnerabilities play only a tiny role in the security risks that come with mobile phones

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.
Last week saw yet another successful edition of Mobile Pwn2Own, the contest in which participants are challenged to attack fully patched mobile devices using previously unknown… https://www.virusbulletin.com/blog/2017/11/vulnerabilities-play-only-tiny-role-security-risks-come-mobile-phones/

VB2017 paper: The (testing) world turned upside down

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.
Few subjects are as hotly debated within the security community as the testing of security software. Virus Bulletin has been at the core of many of these debates, both as a… https://www.virusbulletin.com/blog/2017/11/vb2017-paper-testing-world-turned-upside-down/

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot in…
Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is… https://www.virusbulletin.com/blog/2017/11/vb2017-video-turning-trickbot-decoding-encrypted-command-and-control-channel/

November

https://www.virusbulletin.com/blog/2017/11/

Paper: FAME - Friendly Malware Analysis Framework

Today, we publish a short paper in which CERT Société Générale presents FAME, its open source malware analysis framework.
As someone who spends most of his time talking to people who work for security vendors, I am always impressed by the amount of security research that takes place in the real… https://www.virusbulletin.com/blog/2017/11/paper-fame-friendly-malware-analysis-framework/

Ebury and Mayhem server malware families still active

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.
Whether it is to send spam or to redirect web traffic to malicious payloads, compromised (Linux) web servers are the glue in many a malware campaign. Two such networks of… https://www.virusbulletin.com/blog/2017/10/ebury-and-mayhem-server-malware-families-still-active/

VB2017 paper: Crypton - exposing malware's deepest secrets

Crypton, a tool developed by F5 Networks researchers Julia Karpin and Anna Dorfman, aims to speed up the reverse engineering process by decrypting encrypted content found in a (malicious) binary. The researchers described the tool in a paper which they pr…
Computer scientists are notorious for a specific kind of laziness: the kind of laziness that makes them work really hard in order to avoid some other, often more boring, hard… https://www.virusbulletin.com/blog/2017/10/vb2017-paper/

VB2017 paper: The sprawling market of consumer spyware

For many people, the threat of an abusive partner or ex-partner is very real - and the market for consumer spyware worryingly large. Today, we publish the recording of a presentation on the subject of consumer spyware given at VB2017 by The Daily Beast re…
Nation states, criminals and bored teenagers are the various kinds of adversaries the security community is used to facing, and they are all well understood. There is one type of… https://www.virusbulletin.com/blog/2017/10/vb2017-paper-sprawling-market-consumer-spyware/

Gábor Szappanos wins fourth Péter Szőr Award

At the VB2017 gala dinner, the fourth Péter Szőr Award was presented to Sophos researcher Gábor Szappanos for his paper "AKBuilder – the crowdsourced exploit kit".
Every year, during the Virus Bulletin Conference gala dinner, we celebrate the life and works of Péter Szőr, the brilliant security researcher who passed away so sadly in 2013. We… https://www.virusbulletin.com/blog/2017/10/gabor-szappanos-wins-fourth-peter-szor-award/

VB2017 paper: Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

We publish the VB2017 paper and video by Kaspersky Lab researchers Juan Andres Guerrero-Saade and Costin Raiu, in which they look at fourth-party collection (spies spying on other spies' campaigns) and its implications for attribution.
Of all the possible targets for digital spies, there is one particularly attractive target that doesn't get a lot of attention: that of other espionage campaigns. Yet this kind… https://www.virusbulletin.com/blog/2017/10/vb2017-paper-walking-your-enemys-shadow-when-fourth-party-collection-becomes-attribution-hell/

Didn't come to VB2017? Tell us why!

Virus Bulletin is a company - and a conference - with a mission: to further the research in and facilitate the fight against digital threats. To help us in this mission, we want to hear from those who didn't come to Madrid. What is your impression of the …
Last week, hundreds of security researchers from around the world gathered in Madrid for VB2017, the 27th Virus Bulletin International Conference.     Every year, we… https://www.virusbulletin.com/blog/2017/10/didnt-come-vb2017-tell-us-why/

Montreal will host VB2018

Last week, we announced the full details of VB2018, which will take place 3-5 October 2018 at the Fairmont The Queen Elizabeth hotel in Montreal, Quebec, Canada.
Last week, at the end of the very successful 27th Virus Bulletin conference, we announced the location for VB2018, the 28th Virus Bulletin conference, which will take place 3 to 5… https://www.virusbulletin.com/blog/2017/10/montreal-announced-location-vb2018/

VB2017 preview: Beyond lexical and PDNS (guest blog)

In a special guest blog post, VB2017 Silver sponsor Cisco Umbrella writes about a paper that researchers Dhia Mahjoub and David Rodriguez will present at the conference this Friday.
In this special guest blog post, VB2017 Silver sponsor Cisco Umbrella writes about a paper that researchers Dhia Mahjoub and David Rodriguez will present at the conference this… https://www.virusbulletin.com/blog/2017/10/vb2017-preview-beyond-lexical-and-pdns-guest-blog/

Avast to present technical details of CCleaner hack at VB2017

The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. Two researchers from Avast, the company that had recently acquired CCleaner developer Piriform, will share the results of their investigations at VB…
The recently discovered malicious CCleaner version has become one of the biggest security stories of 2017. It is the story of a mysterious attacker who managed to put a backdoor… https://www.virusbulletin.com/blog/2017/10/avast-present-technical-details-ccleaner-hack-vb2017/

VB2017 preview: Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

We preview the VB2017 paper by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Costin Raiu on fourth-party collection and its implications for attack attribution.
"We heard you like popping boxes, so we popped your box so we can watch while you watch" Two years ago, Juan Andrés Guerrero-Saade of Kaspersky Lab's GReAT team gave a… https://www.virusbulletin.com/blog/2017/10/vb2017-preview-walking-your-enemys-shadow-when-fourth-party-collection-becomes-attribution-hell/

October

https://www.virusbulletin.com/blog/2017/10/

VB2017 preview: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

We preview Patrick Wardle's VB2017 paper, in which the Synack researcher analyses the mysterious OSX/FruitFly malware by setting up a custom C&C server.
Apart from the odd taxi driver loudly making the claim, the idea that "Macs don't get malware" has become something of the past. Nevertheless, most security researchers focus on… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-offensive-malware-analysis-dissecting-osxfruitfly-custom-cc-server/

VB2017 - information for press

More than 50 security industry experts will present conference papers to their peers at VB2017 next week, and there are several papers on the programme with a certain newsworthiness. There is still time for cybersecurity journalists to apply for a press p…
Next week, security researchers from around the world will gather in Madrid for VB2017, the 27th International Virus Bulletin Conference. More than 50 security industry experts… https://www.virusbulletin.com/blog/2017/09/vb2017-information-press/

VB2017 preview: BPH exposed - RBN never left they just adapted and evolved. Did you?

We preview the VB2017 paper by Dhia Mahjoub (OpenDNS) and Jason Passwaters (Intel471) who combine an actor-centric and a network-centric approach to analysing bulletproof hosting operations.
Running a cybercriminal enterprise isn't all that easy. Try, for instance, setting up a site hosting malware and you'll find that sooner or later the provider will suspend your… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-bph-exposed-rbn-never-left-they-just-adapted-and-evolved-did-you/

« Previous 1...1617181920...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.