VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

New paper: Behind the scenes of GandCrab's operation

The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security…
  For more details of GandCrab, also see the VB2019 paper and presentation by McAfee researchers John Fokker and Alexandre Mundo, who looked both at the malware code and its… https://www.virusbulletin.com/blog/2020/01/new-paper-behind-scenes-gandcrabs-operation/

VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction

At VB2019 Juan Andres Guerrero-Saade looked at nation-state actors using threat intelligence for victim deconfliction. Today we publish both his paper and the recording of his presentation.
King of the hill: nation-state counterintelligence for victim deconfliction Read the paper (HTML) Download the paper (PDF)   Past Virus Bulletin conference papers… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-king-hill-nation-state-counterintelligence-victim-deconfliction/

The VB2020 call for papers - how it works

With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission.
We recently opened the call for papers for VB2020, which is to take place 30 September to 2 October in Dublin, Ireland. The deadline for the call for papers is Sunday 15 March.… https://www.virusbulletin.com/blog/2020/01/vb2020-call-papers/

VB2019 presentation: Targeted attacks through ISPs

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we rel…
In 2019 we saw an increase in the number of targeted malware infections spread via ISPs and service providers. Some notable cases included the installation of digital certificates… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-targeted-attacks-through-isps/

VB2019 presentation: A deep dive into iPhone exploit chains

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recor…
One of the biggest security stories of 2019 was the use of advanced iOS and Android exploit chains against China’s Uighur minority, first uncovered by Google’s Project Zero with… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-deep-dive-iphone-exploit-chains/

Latest VBWeb report describes current state of the web-based threat landscape

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.
VBWeb Comparative Review - Winter 2020 Read the report (HTML) Download the report (PDF)   If you are interested in having your product tested either publicly or privately, or… https://www.virusbulletin.com/blog/2020/01/latest-vbweb-report-describes-current-state-web-based-threat-landscape/

VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of…
Catch me if you can: detection of injection exploitation by validating query and API integrity Read the paper (HTML) Download the paper (PDF)       Any web app that… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-catch-me-if-you-can-detection-injection-exploitation-validating-query-and-api-integrity/

2020

https://www.virusbulletin.com/blog/2020/

January

https://www.virusbulletin.com/blog/2020/01/

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.
Thirteen years ago, VB was searching for a web developer to join the very small team based in Oxfordshire, UK. A CV came in from one Martijn Grooten, a former Ph.D. student in… https://www.virusbulletin.com/blog/2019/12/virus-bulletin-says-fond-farewell-and-thank-you-martijn-grooten/

VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.
Over the years, many ‘potentially unwanted applications’ have plagued macOS in the same way they have plagued other platforms. Though anti-virus isn’t ubiquitous on Macs,… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-never-had-stierlitz-been-so-close-failure-or-what-soviet-super-spy-doing-popular-bundleware-mac/

Parting thoughts 5: bringing the good news

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.
At the end of this month, I will step down as Editor of Virus Bulletin. Before doing so, I have been sharing some 'parting thoughts' in five blog posts, based on my experience… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-5-bringing-good-news/

Parting thoughts 4: the big picture

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-4-big-picture/

VB2019 paper: Exploring the Chinese DDoS landscape

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.
Exploring the Chinese DDoS landscape Read the paper (HTML) Download the paper (PDF)       China has long been a hotbed of DDoS activities, with several groups… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-exploring-chinese-ddos-landscape/

Parting thoughts 3: taking security seriously

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-3-taking-security-seriously/

VB2019 paper: Absolutely routed!! Why routers are the new bullseye in cyber attacks

Today we publish the VB2019 paper by Anurag Shandilya (K7 Computing) who looked at recent malware attacks against routers, as well as the video of his presentation in London.
Given their prominent position on home and corporate networks and their often poor standard of security, one might be forgiven for being surprised that massive attacks against… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-absolutely-routed-why-routers-are-new-bullseye-cyber-attacks/

Parting thoughts 2: the need for education in security

In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-2-need-education-security/

Parting thoughts 1: cybersecurity as a social science

In the first of a five-part series of blog post, departing VB Editor Martijn Grooten explains why he believes cybersecurity isn't as much as technical field as we like to believe.
At the end of this month, I will step down as Editor of Virus Bulletin. This week, I will share some 'parting thoughts' in five blog posts, based on my experience working in the… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-1-cybersecurity-social-science/

VB2020 call for papers - now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2020 is now open and we want to hear from you!
In the October 1990 edition of Virus Bulletin (pdf), then a printed monthly magazine sent to subscribers around the world by post, the very first Virus Bulletin conference was… https://www.virusbulletin.com/blog/2019/12/vb2020-call-papers-now-open/

VB2019 paper: Operation Soft Cell - a worldwide campaign against telecommunication providers

Today we publish the VB2019 paper by Cybereason researchers Mor Levi, Amit Serper and Assaf Dahan on Operation Soft Cell, a targeted attack against telecom providers around the world.
Operation Soft Cell - a worldwide campaign against telecommunication providers Read the paper (HTML) Download the paper (PDF)   In June this year, Cybereason published a blog… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-operation-soft-cell-worldwide-campaign-against-telecommunication-providers/

« Previous 1234567...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.