VB Blog

First sponsors of VB2017 announced

Posted by Martijn Grooten on Mar 6, 2017

We are excited to announce the first five sponsors of VB2017, companies based in Europe, Asia and North America.

Posted by Martijn Grooten on Feb 27, 2017

A recent paper showed that many HTTPS-intercepting security solutions have implemented TLS rather poorly. Does that mean we should avoid such solutions altogether?

Posted by Martijn Grooten on Feb 23, 2017

Researchers from Google and CWI Amsterdam have created the first known collision of the SHA-1 hashing algorithm, making a very strong case to ditch it.

Posted by Helen Martin on Feb 23, 2017

VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross Greenberg. This Throwback Thursday we look back at an interview with Ross in November 1995.

Posted by Martijn Grooten on Feb 20, 2017

Have you analysed a new online threat? Do you know a new way to defend against such threats? Then submit an abstract in the CFP for VB2017!

Posted by Martijn Grooten on Feb 17, 2017

APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also provide free QA for the threat actors. Today, we publish a VB2016 paper by Gadi Evron (Cymmetria) and Inbar Raz (Perimeter X), who discuss what they think is wrong with many APT reports and what can be done to improve them.

Posted by Martijn Grooten on Feb 14, 2017

Industry veteran Mikko Hyppönen recently urged would-be security researchers to ditch their favourite pop music and listen to security podcasts on their commute to work instead. Virus Bulletin Editor Martijn Grooten shares his favourite security podcasts.

Posted by Martijn Grooten on Feb 10, 2017

In a presentation at VB2016, Patrick Wardle, Director of Research at Synack, discussed the possibilities of Mac malware recording the user via the webcam. Today, we publish the video of Patrick's presentation.

Posted by Martijn Grooten on Feb 9, 2017

Virus Bulletin Editor Martijn Grooten calls for the security community not to forget those most vulnerable in the digital world, including political activists living under oppressive regimes, and victims of abuse.

Posted by Helen Martin on Feb 9, 2017

In early 1991, the world was a troubled place and conflict and violence were being reported globally on a daily basis. With this as a backdrop, the world of "indiscriminate" computer viruses which "victimise in a random and unpredictable manner" seemed relatively trivial to then Editor of VB, Edward Wilding.

Previous1...3738394041...215Next

Search blog

VB2014 preview: Labelling spam through the analysis of protocol patterns

Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us.
Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at… https://www.virusbulletin.com/blog/2014/08/preview-labelling-spam-through-analysis-protocol-patterns/

VB2014 preview: Optimized mal-ops. Hack the ad network like a boss

Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.
Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.In the weeks running up to VB2014 (the 24th Virus Bulletin International… https://www.virusbulletin.com/blog/2014/08/preview-optimized-mal-ops-hack-ad-network-boss/

Guest blog: Cyber insurance, is it for you?

Sorin Mustaca looks at how companies trading online can insure the risks they run.
Sorin Mustaca looks at how companies trading online can insure the risks they run.Throughout its 25 year history, Virus Bulletin has regularly published technical analyses of the… https://www.virusbulletin.com/blog/2014/08/guest-blog-cyber-insurance-it-you/

Google to take tough stance on homoglyph attacks

Good idea, but unlikely to have a huge impact.
Good idea, but unlikely to have a huge impact. Ever since internationalized domain names (IDNs) were introduced in the last decade, allowing people to use non-ASCII characters in… https://www.virusbulletin.com/blog/2014/08/google-take-tough-stance-homoglyph-attacks/

VB2014 preview: P0wned by a barcode

Fabio Assolini to speak about malware targeting boletos.
Fabio Assolini to speak about malware targeting boletos.In the weeks running up to VB2014, we will look at some of the research that will be presented at the conference. In the… https://www.virusbulletin.com/blog/2014/08/preview-p0wned-barcode/

Paper: Inside the iOS/AdThief malware

75,000 jailbroken iOS devices infected with malware that steals ad revenues.
75,000 jailbroken iOS devices infected with malware that steals ad revenues. Believing that the device or operating system you use reduces your chance of being affected by malware… https://www.virusbulletin.com/blog/2014/08/paper-inside-ios-adthief-malware/

$83k in bitcoins 'stolen' through BGP hijack

Short-lived network changes used to make miners connect to rogue pool.
Short-lived network changes used to make miners connect to rogue pool. Researchers at Dell SecureWorks have discovered an operation that used BGP hijacking to force bitcoin miners… https://www.virusbulletin.com/blog/2014/08/83k-bitcoins-stolen-through-bgp-hijack/

Report: 15 solutions achieve VBSpam award

Despite short spike, image spam no problem for spam filters.
Despite short spike, image spam no problem for spam filters. Good news for those who need to run a spam filter (in other words: everyone who runs a mail server). For the second… https://www.virusbulletin.com/blog/2014/08/report-15-solutions-achieve-vbspam-award/

Researchers release CryptoLocker decryption tool

Tool uses private keys found in database of victims.
Tool uses private keys found in database of victims.Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active… https://www.virusbulletin.com/blog/2014/08/researchers-release-cryptolocker-decryption-tool/

Paper: IcoScript: using webmail to control malware

RAT gets instructions from Yahoo Mail address.
RAT gets instructions from Yahoo Mail address. One of the big challenges for malicious actors in operating a RAT (remote administration tool) is how to control the malware and… https://www.virusbulletin.com/blog/2014/08/paper-icoscript-using-webmail-control-malware/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/08/

Paper: Learning about Bflient through sample analysis

Flexible module-handling mechanism allows malware to adjust functionalities at will.
Flexible module-handling mechanism allows malware to adjust functionalities at will. The history of the 'Bflient' worm goes back to the discovery of its first variants in June… https://www.virusbulletin.com/blog/2014/07/paper-learning-about-bflient-through-sample-analysis/

Report: VB100 comparative review on Windows 7

29 out of 35 tested products earn VB100 award.
29 out of 35 tested products earn VB100 award. The various changes at Virus Bulletin mean that things are busier than ever in our office. Still, behind the scenes we continue to… https://www.virusbulletin.com/blog/2014/07/report-comparative-review-windows-7/

Call for last-minute papers for VB2014 announced

Seven speaking slots waiting to be filled with presentations on 'hot' security topics.
Seven speaking slots waiting to be filled with presentations on 'hot' security topics. Earlier this year, we announced the programme for VB2014: three days filled with excellent… https://www.virusbulletin.com/blog/2014/07/call-last-minute-papers-announced/

Paper: Mayhem - a hidden threat for *nix web servers

New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system.
New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system. One of the main trends in malware in recent years is a… https://www.virusbulletin.com/blog/2014/07/paper-mayhem-hidden-threat-nix-web-servers/

Google's Project Zero to hunt for zero-days

Bugs to be reported to the vendor only, and to become public once patched.
Bugs to be reported to the vendor only, and to become public once patched.Google has created a new team, called Project Zero, whose task is to find vulnerabilities in any kind of… https://www.virusbulletin.com/blog/2014/07/google-s-project-zero-hunt-zero-days/

Paper: API-EPO

Raul Alvarez studies the unique EPO methodology used by the W32/Daum file infector.
Raul Alvarez studies the unique EPO methodology used by the W32/Daum file infector. A few months ago, we published an article by Fortinet's Raul Alvarez on the Expiro file… https://www.virusbulletin.com/blog/2014/07/paper-api-epo/

Paper: Not old enough to be forgotten: the new chic of Visual Basic 6

Marion Marschalek looks at two Miuref binaries: one packed with Visual Basic 6 and one with C++.
Marion Marschalek looks at two Miuref binaries: one packed with Visual Basic 6 and one with C++. Two months ago, Microsoft announced it had added 'Miuref' to its Malicious Software… https://www.virusbulletin.com/blog/2014/07/paper-not-old-enough-be-forgotten-new-chic-visual-basic-6/

Paper: VBA is not dead!

Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate.
Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate.Macro malware had long been assumed dead. After all, macros are disabled by… https://www.virusbulletin.com/blog/2014/07/paper-vba-not-dead/

'Cyber attack on hedge fund' turns out to be internal 'scenario' used by BAE Systems

Story that appeared to be taken from fiction turns out... to have been fiction.
Story that appeared to be taken from fiction turns out... to have been fiction. Two weeks after BAE Systems reported its technicians had thwarted an attack against hedge fund… https://www.virusbulletin.com/blog/2014/07/cyber-attack-hedge-fund-turns-out-be-internal-scenario-used-bae-systems/

« Previous 1...3839404142...120 Next »