VB Blog

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

Posted by   Martijn Grooten on   Nov 22, 2019

A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his presentation.

Read more  

VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth

Posted by   Martijn Grooten on   Nov 21, 2019

Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution and the affiliate scheme behind it. Today we publish both their paper and the recording of their presentation.

Read more  

VB2019 paper: Domestic Kitten: an Iranian surveillance program

Posted by   Martijn Grooten on   Nov 18, 2019

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video of their presentation.

Read more  

VB2019 video: Discretion in APT: recent APT attack on crypto exchange employees

Posted by   Martijn Grooten on   Nov 18, 2019

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

Read more  

VB2019 paper: DNS on fire

Posted by   Martijn Grooten on   Nov 7, 2019

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

Read more  

German Dridex spam campaign is unfashionably large

Posted by   Martijn Grooten on   Nov 6, 2019

VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.

Read more  

Paper: Dexofuzzy: Android malware similarity clustering method using opcode sequence

Posted by   Martijn Grooten on   Nov 5, 2019

We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.

Read more  

Emotet continues to bypass many email security products

Posted by   Martijn Grooten on   Nov 4, 2019

Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.

Read more  

VB2019 paper: We need to talk - opening a discussion about ethics in infosec

Posted by   Martijn Grooten on   Nov 1, 2019

Those working in the field of infosec are often faced with ethical dilemmas that are impossible to avoid. Today, we publish a VB2019 paper by Kaspersky researcher Ivan Kwiatkowski looking at ethics in infosec as well as the recording of Ivan's presentation.

Read more  

Stalkerware poses particular challenges to anti-virus products

Posted by   Martijn Grooten on   Oct 31, 2019

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.

Read more  
Previous1...7891011...215Next

Search blog

Tor exit node found to turn downloaded binaries into malware

Tor provides anonymity, not security, hence using HTTPS is essential.
Tor provides anonymity, not security, hence using HTTPS is essential. A security researcher has discovered a Tor exit node that was modifying binaries downloaded through it on the… https://www.virusbulletin.com/blog/2014/10/tor-exit-node-found-turn-downloaded-binaries-malware/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

Black Hat Europe - day 2

IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads.
IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads. After a busy first day, I was somewhat glad that the talks on the second day of Black Hat Europe appealed… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-2/

Black Hat Europe - day 1

Programme packed with interesting talks.
Programme packed with interesting talks. Though the prestige of Black Hat Europe doesn't compare to that of its American parent conference, and the event certainly doesn't dominate… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-1/

VB2014 paper: DNSSEC - how far have we come?

Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.
Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.Over the next months, we will be sharing conference papers as well as… https://www.virusbulletin.com/blog/2014/10/paper-dnssec-how-far-have-we-come/

POODLE attack forces the Internet to move away from SSL 3.0

Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks.
Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks. After Heartbleed and Shellshock, or the SSL/TLS attacks CRIME and BEAST,… https://www.virusbulletin.com/blog/2014/10/poodle-attack-forces-internet-move-away-ssl-3-0/

Report: 15 solutions achieve VBSpam award

Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block.
Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block. Yet again, we have good news for those who need to run a spam filter (in other words:… https://www.virusbulletin.com/blog/2014/10/report-15-solutions-achieve-vbspam-award/

Windows zero-day used in targeted attacks

Vulnerability used to download BlackEnergy trojan - as discussed during VB2014.
Vulnerability used to download BlackEnergy trojan - as discussed during VB2014. Today is going to be a busy day for system administrators: they were already on high alert following… https://www.virusbulletin.com/blog/2014/10/windows-zero-day-used-targeted-attacks/

VB2014 paper: The evolution of webinjects

Jean-Ian Boutin looks at the increased commoditization of webinjects.
Jean-Ian Boutin looks at the increased commoditization of webinjects.Virus Bulletin has always been about sharing information, and the Virus Bulletin conference is an important… https://www.virusbulletin.com/blog/2014/10/paper-evolution-webinjects/

Paper: The Hulk

Raul Alvarez studies cavity file infector.
Raul Alvarez studies cavity file infector. Most file infectors increase the length of the infected file, as the malicious code is added as a new section of the host file, or to the… https://www.virusbulletin.com/blog/2014/10/paper-hulk/

Shellshock used to spread Mayhem

Malware switched to more effective Perl installer.
Malware switched to more effective Perl installer. One of the most prominent discussion topics during VB2014 was the 'Shellshock' vulnerability (CVE-2014-6271) in the popular Bash… https://www.virusbulletin.com/blog/2014/10/shellshock-used-spread-mayhem/

October

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/10/

VB2014: Slides day three

Thanks all for a fantastic conference and see you in Prague... or in Denver!
Thanks all for a fantastic conference and see you in Prague... or in Denver! Two days ago, a lively panel discussion closed what we can only describe as a fantastic conference. For… https://www.virusbulletin.com/blog/2014/09/slides-day-three/

'Windigo' research wins first annual Péter Szőr award

The first of many awards to commemorate brilliant researcher.
The first of many awards to commemorate brilliant researcher. When, in November last year, we heard of the passing of Péter Szőr, we wanted to do something to keep the memory of… https://www.virusbulletin.com/blog/2014/09/windigo-research-wins-first-annual-p-ter-sz-r-award/

VB2014: Slides day two

Another day of excellent presentations.
Another day of excellent presentations. The second day of VB2014 was just as successful as the first one, and saw 22 interesting presentations, divided over two parallel streams,… https://www.virusbulletin.com/blog/2014/09/slides-day-two/

VB2014: Slides day one

Almost £1,300 donated to WWF!
Almost £1,300 donated to WWF! The inaugural Virus Bulletin conference was held in 1991, making it one of the oldest security conferences in the world. It is also one of very few… https://www.virusbulletin.com/blog/2014/09/slides-day-one/

VB2014 previews: an overview

Fourteen blog posts look ahead at the 24th Virus Bulletin conference.
Fourteen blog posts look ahead at the 24th Virus Bulletin conference. In just a few more hours, delegates will be able to collect their VB2014 badges before the conference really… https://www.virusbulletin.com/blog/2014/09/previews-overview/

VB2014 preview: Tech Support Scams 2.0: an inside look into the evolution of the classic Microsoft tech support scam

Jérôme Segura looks at recent developments in malicious cold calls.
Jérôme Segura looks at recent developments in malicious cold calls.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of… https://www.virusbulletin.com/blog/2014/09/preview-tech-support-scams-2-0-inside-look-evolution-classic-microsoft-tech-support-scam/

VB2014 preview: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.
Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we… https://www.virusbulletin.com/blog/2014/09/preview-ubiquitous-flash-ubiquitous-exploits-and-ubiquitous-mitigation/

VB2014: frequently asked questions

Some useful information for those attending VB2014 - or those interested in attending.
Some useful information for those attending VB2014 - or those interested in attending.I haven't registered yet, but I'd like to attend. Can I still register? Yes, you can. Use our… https://www.virusbulletin.com/blog/2014/09/frequently-asked-questions/

« Previous 1...3637383940...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.