VB Blog

VB2016 video: Nymaim: the Untold Story

Posted by   Martijn Grooten on   Feb 8, 2017

Until very recently, the Nymaim banking trojan was a serious problem in Poland. Today, we publish the video of the VB2016 presentation by CERT Polska researchers Jarosław Jedynak and Maciej Kotowicz, in which they analyse this malware-dropper-turned-banking-trojan.

Read more  

The Living Dead Anti-Virus

Posted by   Virus Bulletin on   Feb 2, 2017

Should users uninstall their anti-virus products, as was recently suggested by a security expert in a widely shared article? In a guest post, security consultant Hendrik Pilz explains why he doesn't think this is a good idea.

Read more  

Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

Posted by   Martijn Grooten on   Jan 31, 2017

In a new paper published by Virus Bulletin, FireEye researchers Ankit Anubhav and Manish Sardiwal analyse the 'God Mode' vulnerability CVE-2016-0189 in Microsoft Internet Explorer.

Read more  

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

Posted by   Martijn Grooten on   Jan 30, 2017

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.

Read more  

VB2016 paper: Great crypto failures

Posted by   Martijn Grooten on   Jan 24, 2017

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of their presentation.

Read more  

Call for Papers: VB2017

Posted by   Martijn Grooten on   Jan 19, 2017

We have opened the Call for Papers for VB2017. We are particularly interested in receiving submissions from those working outside the security industry itself.

Read more  

Ransomware not a problem for half of businesses

Posted by   Martijn Grooten on   Jan 11, 2017

According to a report by IBM Security, 70 per cent of businesses that are the victim of a ransomware attack end up paying the ransom. However, the report also suggests that a little over half of businesses manage to avoid getting infected at all, showing they must be doing something right.

Read more  

Ransomware would be much worse if it wasn't for email security solutions

Posted by   Martijn Grooten on   Jan 5, 2017

The latest VBSpam test brings good news: at least 199 out of every 200 emails containing a malicious attachment were blocked by email security solutions. All of the full solutions tested achieved a VBSpam award, with five earning a VBSpam+ award.

Read more  

Throwback Thursday: The malware battle: reflections and forecasts

Posted by   Helen Martin on   Jan 5, 2017

"Another year has come to its end and the malware battle still rages on." In January 2004, Jamz Yaneza reflected on the year just ended and pondered what the coming year would have in store for the AV industry.

Read more  

VB2016 paper: Open Source Malware Lab

Posted by   Martijn Grooten on   Jan 4, 2017

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.

Read more  
Previous1...3839404142...215Next

Search blog

Latest Virus Bulletin report shows the difference web security products make

The latest Virus Bulletin web security report sees Kaspersky, Trustwave and Fortinet all achieve VBWeb certification, but also see some products struggle with the new Fallout exploit kit.
Extremely targeted attacks aside, when a user gets infected through the web, it means something has happened that should not have. Either the user clicked on a link they shouldn't… https://www.virusbulletin.com/blog/2018/11/latest-virus-bulletin-report-shows-difference-web-security-products-make/

Subscribe to the relaunched Virus Bulletin eNews newsletter

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.
Today, we relaunched the Virus Bulletin eNews newsletter. The newsletter provides weekly updates of what is happening both at Virus Bulletin and in the wider security… https://www.virusbulletin.com/blog/2018/11/subscribe-relaunched-virus-bulletin-enews-newsletter/

VB2018 paper: Since the hacking of Sony Pictures

The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Ch…
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-hacking-sony-pictures/

VB2018 video: Shedding skin - Turla's fresh faces

Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.
"Capable, well-resourced, and they go back decades." The Turla threat group doesn't make the news as much as some other Russian-speaking APT groups, but it is one of the most… https://www.virusbulletin.com/blog/2018/11/vb2018-video-shedding-skin-turlas-fresh-faces/

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.
From NotPetya to Shadowpad, supply chain attacks have become a serious and hard-to-fight security problem. One prominent type of supply chain attack involves the pre-installation… https://www.virusbulletin.com/blog/2018/11/vb2018-video-triada-past-present-and-hopefully-not-existing-future/

VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels

Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure) who looked at the supply chain behind social media fraud.
On the day of the 2018 US mid-term elections, there will be few who are not aware of the activity of botnets on social media and how these, allegedly, have tried to influence… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-uncovering-wholesale-industry-social-media-fraud-botnet-bulk-reseller-panels/

November

https://www.virusbulletin.com/blog/2018/11/

VB2018 paper: Now you see it, now you don't: wipers in the wild

Today, we publish the VB2018 paper from Saher Naumaan (BAE Systems) who looks at malware variants that contain a wiper functionality. We also publish the recording of her presentation.
Early computer viruses were often destructive in nature, but once criminals learned about the money they could make from malware, they realised that destructiveness hurt their… https://www.virusbulletin.com/blog/2018/11/vb2018-paper-now-you-see-it-now-you-dont-wipers-wild/

Emotet trojan starts stealing full emails from infected machines

The infamous Emotet trojan has added the capability to steal full email bodies from infected machines, opening the possibilities for more targeted spam and phishing campaigns.
Researchers at Kryptos Logic have discovered that the Emotet banking trojan is exfiltrating entire email bodies as opposed to merely email addresses. Emotet was first discovered… https://www.virusbulletin.com/blog/2018/10/emotet-trojan-starts-stealing-full-emails-infected-machines/

VB2018 paper: Who wasn’t responsible for Olympic Destroyer?

Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malwa…
It may be hard to believe, but it was only eight months ago that the 2018 PyeongChang Winter Olympic Games were targeted by malware named Olympic Destroyer. Though not the first… https://www.virusbulletin.com/blog/2018/10/who-wasnt-responsible-olympic-destroyer/

VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

Today, we publish the VB2018 paper by Malwarebytes researcher Jérôme Segura, in which he details the shift from exploit kits to drive-by mining. We also publish the video of his VB2018 presentation.
When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-drive-download-drive-mining-understanding-new-paradigm/

VB2018 presentation: The wolf in sheep's clothing - undressed

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst ki…
In recent years, we have seen a trend of commercial spyware being sold to governments. This is a very controversial subject, not least because of the frequent use of this spyware… https://www.virusbulletin.com/blog/2018/10/wolf-sheeps-clothing-undressed/

VB2018 paper: The dark side of WebAssembly

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.
With this year's very successful Virus Bulletin Conference (VB2018) now behind us, we plan to continue the tradition of publishing most of the papers and videos of the… https://www.virusbulletin.com/blog/2018/10/vb2018-paper-dark-side-webassembly/

The Virus Bulletin conference returns home: VB2019 to take place in London

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.
In July 1989, the first ever Virus Bulletin magazine was published from its home in Oxfordshire, UK – a monthly publication focusing on the emerging threat of computer viruses.… https://www.virusbulletin.com/blog/2018/10/virus-bulletin-conference-returns-home-vb2019-take-place-london/

Guest blog: The case for increasing transparency in cybersecurity

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Anton Shingarev, Vice President, Public Affairs, considers the case for increasing transparency in cybersecurity.… https://www.virusbulletin.com/blog/2018/10/guest-blog-case-increasing-transparency-cybersecurity/

October

https://www.virusbulletin.com/blog/2018/10/

VB2018 preview: Workshops

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.
The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-workshops/

New article: Through the looking glass: webcam interception and protection in kernel mode

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a compu…
Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software, one of the partners of VB2018. In the article, Ronen and Michael dive into… https://www.virusbulletin.com/blog/2018/09/new-article-through-looking-glass-webcam-intercepton-and-protection-kernel-mode/

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cl…
Whether they're used to send spam, to perform DDoS attacks, or as a proxy network for other kinds of nefarious activities, botnets remain a prominent tool for cybercriminals, and… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-botnet-landscape-live-threats-and-steps-mitigation-small-talk/

VB2018 Threat Intelligence Summit: survey on threat intel usage

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very …
Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018, which is to take place next week in Montreal, Canada. The Summit is open to… https://www.virusbulletin.com/blog/2018/09/vb2018-threat-intelligence-summit-survey-threat-intel-usage/

« Previous 1...910111213...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.