VB Blog

VB2018 paper: Little Brother is watching – we know all your secrets!

Posted by   Martijn Grooten on   Feb 1, 2019

At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.

Read more  

Threat intelligence teams should consider recruiting journalists

Posted by   Martijn Grooten on   Jan 29, 2019

Threat intelligence teams would do well to recruit journalists, whose experience is crucial in today's threat landscape.

Read more  

From HSBC to product descriptions: the malicious emails bypassing your filters

Posted by   Martijn Grooten on   Jan 28, 2019

Using data from our VBSpam lab, we looked at the malicious emails that have been missed recently by a large number of email security products.

Read more  

VB2018 paper: Inside Formbook infostealer

Posted by   Martijn Grooten on   Jan 25, 2019

The Formbook information-stealing trojan may not be APT-grade malware, but its continuing spread means it can still be effective. At VB2018 in Montreal, Gabriela Nicolao, a researcher from Deloitte in Argentina, presented a short paper in which she looked at Formbook's background and history and analysed a sample of the malware. Today, we publish Gabriela's paper.

Read more  

The VB2019 CFP - how the selection procedure works

Posted by   Martijn Grooten on   Jan 24, 2019

With the VB2019 Call for Papers having opened last week, we explain how the selection procedure works, which may help you during your abstract submission.

Read more  

VB2018 paper: From Hacking Team to hacked team to…?

Posted by   Martijn Grooten on   Jan 18, 2019

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.

Read more  

The spam that is hardest to block is often the most damaging

Posted by   Martijn Grooten on   Jan 17, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Worryingly, it is often the emails with a malicious attachment or a phishing link that are most likely to be missed.

Read more  

Throwback Thursday: We're all doomed

Posted by   Helen Martin on   Jan 17, 2019

Mydoom turns 15 this month, and is still being seen in email attachments. This Throwback Thursday we look back to March 2004, when Gabor Szappanos tracked the rise of W32/Mydoom.

Read more  

VB2019 call for papers - now open!

Posted by   Martijn Grooten on   Jan 15, 2019

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!

Read more  

VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis library

Posted by   Martijn Grooten on   Jan 14, 2019

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.

Read more  
Previous1...1314151617...215Next

Search blog

Latest Virus Bulletin report shows the difference web security products make

The latest Virus Bulletin web security report sees Kaspersky, Trustwave and Fortinet all achieve VBWeb certification, but also see some products struggle with the new Fallout exploit kit.
Extremely targeted attacks aside, when a user gets infected through the web, it means something has happened that should not have. Either the user clicked on a link they shouldn't… https://www.virusbulletin.com/blog/2018/11/latest-virus-bulletin-report-shows-difference-web-security-products-make/

Subscribe to the relaunched Virus Bulletin eNews newsletter

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.
Today, we relaunched the Virus Bulletin eNews newsletter. The newsletter provides weekly updates of what is happening both at Virus Bulletin and in the wider security… https://www.virusbulletin.com/blog/2018/11/subscribe-relaunched-virus-bulletin-enews-newsletter/

VB2018 paper: Since the hacking of Sony Pictures

The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Ch…
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-hacking-sony-pictures/

VB2018 video: Shedding skin - Turla's fresh faces

Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.
"Capable, well-resourced, and they go back decades." The Turla threat group doesn't make the news as much as some other Russian-speaking APT groups, but it is one of the most… https://www.virusbulletin.com/blog/2018/11/vb2018-video-shedding-skin-turlas-fresh-faces/

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.
From NotPetya to Shadowpad, supply chain attacks have become a serious and hard-to-fight security problem. One prominent type of supply chain attack involves the pre-installation… https://www.virusbulletin.com/blog/2018/11/vb2018-video-triada-past-present-and-hopefully-not-existing-future/

VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels

Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure) who looked at the supply chain behind social media fraud.
On the day of the 2018 US mid-term elections, there will be few who are not aware of the activity of botnets on social media and how these, allegedly, have tried to influence… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-uncovering-wholesale-industry-social-media-fraud-botnet-bulk-reseller-panels/

November

https://www.virusbulletin.com/blog/2018/11/

VB2018 paper: Now you see it, now you don't: wipers in the wild

Today, we publish the VB2018 paper from Saher Naumaan (BAE Systems) who looks at malware variants that contain a wiper functionality. We also publish the recording of her presentation.
Early computer viruses were often destructive in nature, but once criminals learned about the money they could make from malware, they realised that destructiveness hurt their… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-now-you-see-it-now-you-dont-wipers-wild/

Emotet trojan starts stealing full emails from infected machines

The infamous Emotet trojan has added the capability to steal full email bodies from infected machines, opening the possibilities for more targeted spam and phishing campaigns.
Researchers at Kryptos Logic have discovered that the Emotet banking trojan is exfiltrating entire email bodies as opposed to merely email addresses. Emotet was first discovered… https://www.virusbulletin.com/blog/2018/10/emotet-trojan-starts-stealing-full-emails-infected-machines/

VB2018 paper: Who wasn’t responsible for Olympic Destroyer?

Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malwa…
It may be hard to believe, but it was only eight months ago that the 2018 PyeongChang Winter Olympic Games were targeted by malware named Olympic Destroyer. Though not the first… https://www.virusbulletin.com/blog/2018/10/who-wasnt-responsible-olympic-destroyer/

VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

Today, we publish the VB2018 paper by Malwarebytes researcher Jérôme Segura, in which he details the shift from exploit kits to drive-by mining. We also publish the video of his VB2018 presentation.
When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-drive-download-drive-mining-understanding-new-paradigm/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 paper: The dark side of WebAssembly

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.
With this year's very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-dark-side-webassembly/

The Virus Bulletin conference returns home: VB2019 to take place in London

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.
In July 1989, the first ever Virus Bulletin magazine was published from its home in Oxfordshire, UK – a monthly publication focusing on the emerging threat of computer viruses.… https://www.virusbulletin.com/blog/2018/10/virus-bulletin-conference-returns-home-vb2019-take-place-london/

Guest blog: The case for increasing transparency in cybersecurity

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Anton Shingarev, Vice President, Public Affairs, considers the case for increasing transparency in cybersecurity.… https://www.virusbulletin.com/blog/2018/10/guest-blog-case-increasing-transparency-cybersecurity/

October

https://www.virusbulletin.com/blog/2018/10/

VB2018 preview: Workshops

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.
The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-workshops/

New article: Through the looking glass: webcam interception and protection in kernel mode

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a compu…
Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software, one of the partners of VB2018. In the article, Ronen and Michael dive into… https://www.virusbulletin.com/blog/2018/09/new-article-through-looking-glass-webcam-intercepton-and-protection-kernel-mode/

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cl…
Whether they're used to send spam, to perform DDoS attacks, or as a proxy network for other kinds of nefarious activities, botnets remain a prominent tool for cybercriminals, and… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-botnet-landscape-live-threats-and-steps-mitigation-small-talk/

VB2018 Threat Intelligence Summit: survey on threat intel usage

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very …
Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018, which is to take place next week in Montreal, Canada. The Summit is open to… https://www.virusbulletin.com/blog/2018/09/vb2018-threat-intelligence-summit-survey-threat-intel-usage/

« Previous 1...910111213...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.