VB Blog

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Posted by   Martijn Grooten on   Jan 7, 2019

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

Read more  

Book Review: Cyber Wars

Posted by   Martijn Grooten on   Dec 19, 2018

VB Editor Martijn Grooten reviews Charles Arthur's Cyber Wars, which looks at seven prominent hacks and attacks, and the lessons we can learn from them.

Read more  

VB2018 paper: Office bugs on the rise

Posted by   Martijn Grooten on   Dec 14, 2018

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.

Read more  

VB2018 video: The Big Bang Theory by APT-C-23

Posted by   Martijn Grooten on   Dec 12, 2018

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.

Read more  

VB2019 London - join us for the most international threat intelligence conference!

Posted by   Martijn Grooten on   Dec 11, 2018

VB calls on organisations and individuals involved in threat intelligence from around the world to participate in next year's Virus Bulletin conference.

Read more  

VB2018 paper: Tracking Mirai variants

Posted by   Martijn Grooten on   Dec 7, 2018

Today, we publish the VB2018 paper by Qihoo 360 researchers Ya Liu and Hui Wang, on extracting data from variants of the Mirai botnet to classify and track variants.

Read more  

VB2018 paper: Hide'n'Seek: an adaptive peer-to-peer IoT botnet

Posted by   Martijn Grooten on   Dec 6, 2018

2018 has seen an increase in the variety of botnets living on the Internet of Things - such as Hide'N'Seek, which is notable for its use of peer-to-peer for command-and-control communication. Today, we publish the VB2018 paper by Bitdefender researchers Adrian Șendroiu and Vladimir Diaconescu, who studied the Hide'N'Seek IoT botnet. We also release the recording of their presentation.

Read more  

New paper: Botception: botnet distributes script with bot capabilities

Posted by   Martijn Grooten on   Dec 4, 2018

In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentation on the same topic.

Read more  

VB2018 video: Behind the scenes of the SamSam investigation

Posted by   Martijn Grooten on   Nov 29, 2018

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.

Read more  

VB2018 video: Foreverdays: tracking and mitigating threats targeting civil society orgs

Posted by   Martijn Grooten on   Nov 28, 2018

Today, we publish the video of the VB2018 presentation by CitizenLab researchers Masashi Nishihata and John Scott Railton, on threats faced by civil society.

Read more  
Previous1...1415161718...215Next

Search blog

Latest Virus Bulletin report shows the difference web security products make

The latest Virus Bulletin web security report sees Kaspersky, Trustwave and Fortinet all achieve VBWeb certification, but also see some products struggle with the new Fallout exploit kit.
Extremely targeted attacks aside, when a user gets infected through the web, it means something has happened that should not have. Either the user clicked on a link they shouldn't… https://www.virusbulletin.com/blog/2018/11/latest-virus-bulletin-report-shows-difference-web-security-products-make/

Subscribe to the relaunched Virus Bulletin eNews newsletter

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.
Today, we relaunched the Virus Bulletin eNews newsletter. The newsletter provides weekly updates of what is happening both at Virus Bulletin and in the wider security… https://www.virusbulletin.com/blog/2018/11/subscribe-relaunched-virus-bulletin-enews-newsletter/

VB2018 paper: Since the hacking of Sony Pictures

The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Ch…
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-hacking-sony-pictures/

VB2018 video: Shedding skin - Turla's fresh faces

Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.
"Capable, well-resourced, and they go back decades." The Turla threat group doesn't make the news as much as some other Russian-speaking APT groups, but it is one of the most… https://www.virusbulletin.com/blog/2018/11/vb2018-video-shedding-skin-turlas-fresh-faces/

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.
From NotPetya to Shadowpad, supply chain attacks have become a serious and hard-to-fight security problem. One prominent type of supply chain attack involves the pre-installation… https://www.virusbulletin.com/blog/2018/11/vb2018-video-triada-past-present-and-hopefully-not-existing-future/

VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels

Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure) who looked at the supply chain behind social media fraud.
On the day of the 2018 US mid-term elections, there will be few who are not aware of the activity of botnets on social media and how these, allegedly, have tried to influence… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-uncovering-wholesale-industry-social-media-fraud-botnet-bulk-reseller-panels/

November

https://www.virusbulletin.com/blog/2018/11/

VB2018 paper: Now you see it, now you don't: wipers in the wild

Today, we publish the VB2018 paper from Saher Naumaan (BAE Systems) who looks at malware variants that contain a wiper functionality. We also publish the recording of her presentation.
Early computer viruses were often destructive in nature, but once criminals learned about the money they could make from malware, they realised that destructiveness hurt their… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-now-you-see-it-now-you-dont-wipers-wild/

Emotet trojan starts stealing full emails from infected machines

The infamous Emotet trojan has added the capability to steal full email bodies from infected machines, opening the possibilities for more targeted spam and phishing campaigns.
Researchers at Kryptos Logic have discovered that the Emotet banking trojan is exfiltrating entire email bodies as opposed to merely email addresses. Emotet was first discovered… https://www.virusbulletin.com/blog/2018/10/emotet-trojan-starts-stealing-full-emails-infected-machines/

VB2018 paper: Who wasn’t responsible for Olympic Destroyer?

Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malwa…
It may be hard to believe, but it was only eight months ago that the 2018 PyeongChang Winter Olympic Games were targeted by malware named Olympic Destroyer. Though not the first… https://www.virusbulletin.com/blog/2018/10/who-wasnt-responsible-olympic-destroyer/

VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

Today, we publish the VB2018 paper by Malwarebytes researcher Jérôme Segura, in which he details the shift from exploit kits to drive-by mining. We also publish the video of his VB2018 presentation.
When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-drive-download-drive-mining-understanding-new-paradigm/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 paper: The dark side of WebAssembly

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.
With this year's very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-dark-side-webassembly/

The Virus Bulletin conference returns home: VB2019 to take place in London

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.
In July 1989, the first ever Virus Bulletin magazine was published from its home in Oxfordshire, UK – a monthly publication focusing on the emerging threat of computer viruses.… https://www.virusbulletin.com/blog/2018/10/virus-bulletin-conference-returns-home-vb2019-take-place-london/

Guest blog: The case for increasing transparency in cybersecurity

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Anton Shingarev, Vice President, Public Affairs, considers the case for increasing transparency in cybersecurity.… https://www.virusbulletin.com/blog/2018/10/guest-blog-case-increasing-transparency-cybersecurity/

October

https://www.virusbulletin.com/blog/2018/10/

VB2018 preview: Workshops

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.
The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-workshops/

New article: Through the looking glass: webcam interception and protection in kernel mode

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a compu…
Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software, one of the partners of VB2018. In the article, Ronen and Michael dive into… https://www.virusbulletin.com/blog/2018/09/new-article-through-looking-glass-webcam-intercepton-and-protection-kernel-mode/

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cl…
Whether they're used to send spam, to perform DDoS attacks, or as a proxy network for other kinds of nefarious activities, botnets remain a prominent tool for cybercriminals, and… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-botnet-landscape-live-threats-and-steps-mitigation-small-talk/

VB2018 Threat Intelligence Summit: survey on threat intel usage

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very …
Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018, which is to take place next week in Montreal, Canada. The Summit is open to… https://www.virusbulletin.com/blog/2018/09/vb2018-threat-intelligence-summit-survey-threat-intel-usage/

« Previous 1...910111213...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.