VB Blog

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Posted by   Martijn Grooten on   Jan 7, 2019

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

Read more  

Book Review: Cyber Wars

Posted by   Martijn Grooten on   Dec 19, 2018

VB Editor Martijn Grooten reviews Charles Arthur's Cyber Wars, which looks at seven prominent hacks and attacks, and the lessons we can learn from them.

Read more  

VB2018 paper: Office bugs on the rise

Posted by   Martijn Grooten on   Dec 14, 2018

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.

Read more  

VB2018 video: The Big Bang Theory by APT-C-23

Posted by   Martijn Grooten on   Dec 12, 2018

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.

Read more  

VB2019 London - join us for the most international threat intelligence conference!

Posted by   Martijn Grooten on   Dec 11, 2018

VB calls on organisations and individuals involved in threat intelligence from around the world to participate in next year's Virus Bulletin conference.

Read more  

VB2018 paper: Tracking Mirai variants

Posted by   Martijn Grooten on   Dec 7, 2018

Today, we publish the VB2018 paper by Qihoo 360 researchers Ya Liu and Hui Wang, on extracting data from variants of the Mirai botnet to classify and track variants.

Read more  

VB2018 paper: Hide'n'Seek: an adaptive peer-to-peer IoT botnet

Posted by   Martijn Grooten on   Dec 6, 2018

2018 has seen an increase in the variety of botnets living on the Internet of Things - such as Hide'N'Seek, which is notable for its use of peer-to-peer for command-and-control communication. Today, we publish the VB2018 paper by Bitdefender researchers Adrian Șendroiu and Vladimir Diaconescu, who studied the Hide'N'Seek IoT botnet. We also release the recording of their presentation.

Read more  

New paper: Botception: botnet distributes script with bot capabilities

Posted by   Martijn Grooten on   Dec 4, 2018

In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentation on the same topic.

Read more  

VB2018 video: Behind the scenes of the SamSam investigation

Posted by   Martijn Grooten on   Nov 29, 2018

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.

Read more  

VB2018 video: Foreverdays: tracking and mitigating threats targeting civil society orgs

Posted by   Martijn Grooten on   Nov 28, 2018

Today, we publish the video of the VB2018 presentation by CitizenLab researchers Masashi Nishihata and John Scott Railton, on threats faced by civil society.

Read more  
Previous1...1415161718...215Next

Search blog

VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

In today's blog post, we preview the VB2018 paper by Dragos Inc.'s Joe Slowik, who looks at the CRASHOVERRIDE malware, the first (publicly known) malware designed to impact electric grid operations.
One of the many highlights of last year's Virus Bulletin Conference was a last-minute paper by ESET researchers Anton Cherepanov and Robert Lipovsky on Industroyer, 'the first… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-anatomy-attack-detecting-and-defeating-crashoverride/

VB2018 preview: Cyber Threat Alliance

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.
Last week, the Cyber Threat Alliance (CTA) published a report on the illicit mining of cryptocurrencies. The report is notable for two reasons: first because it is exceptionally… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-cyber-threat-alliance/

VB2018 preview: hacking cars

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by Inbar Raz…
In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-cars/

Where are all the ‘A’s in APT?

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.   A… https://www.virusbulletin.com/blog/2018/09/where-are-all-apt/

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.
Yesterday, a new report by Citizen Lab looked at NSO Group's Pegasus spyware and its global use. The report is worth a read, for the political implications of the findings, for… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-commercial-spyware-and-its-use-governments/

VB2018 preview: Wipers in the wild

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.
Some of the earliest computer viruses deleted data and sometimes even rendered computers unusable. But as malware increasingly became a tool used for criminal or (geo)political… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-wipers-wild/

VB2018 preview: IoT botnets

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the peer-…
For a long time IoT-botnets were just one of those things security professionals warned about. Then, with the appearance of Mirai in 2016, they became a reality. Mirai's… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-iot-botnets/

VB2018: last-minute talks announced

We are excited to announce the final additions to the VB2018 programme in the form of 10 'last-minute' papers covering up-to-the-minute research and hot topics and two more invited talks.
With a little over three weeks to go until the start of VB2018, 28th Virus Bulletin Conference, we are excited to announce ten last-minute talks that cover hot research.  … https://www.virusbulletin.com/blog/2018/09/vb2018-last-minute-talks-announced/

VB2018 preview: Since the hacking of Sony Pictures

At VB2018, AhnLab researcher Minseok Cha will look at activities of the Lazarus Group on the Korean peninsula going back as early as April 2011.
Yesterday, the US Justice Department brought charges against an alleged hacker for the North Korean government. The man, Park Jin Hyok, is accused of being connected with the 2014… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-sony-pictures/

Book review: Click Here to Kill Everybody

Paul Baccas reviews Bruce Schneier's latest thought-provoking book, 'Click Here to Kill Everybody'.
Paul Baccas reviews 'Click here to Kill Everybody' by Bruce Schneier   Title: Click Here to Kill Everybody: Security and Survival in a Hyper-connected World… https://www.virusbulletin.com/blog/2018/09/book-review-click-here-kill-everybody/

Spam is mostly noise and that makes measuring it very difficult

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.
A recent blog post published by Recorded Future looked at the possible effect of the GDPR on the volume of spam and concludes there has been no noticeable impact. The question… https://www.virusbulletin.com/blog/2018/09/spam-mostly-noise-and-makes-measuring-it-complicated/

September

https://www.virusbulletin.com/blog/2018/09/

Virus Bulletin announces programme of the first International Threat Intelligence Summit

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.
Today, we are excited to announce the programme of the first International Threat Intelligence Summit, which will form an integral part of the VB2018 conference programme. Most… https://www.virusbulletin.com/blog/2018/08/virus-bulletin-announces-programme-first-international-threat-intelligence-summit/

VB2018 preview: Explain Ethereum smart contract hacking like I am five

Designing smart contracts is hard: we preview a VB2018 paper on the blockchain-based platform Ethereum, that describes both how the technology works and how a number of security issues inherent to the platform have led to various high-profile and often ve…
Shout 'blockchain' in a group of security experts and everyone will start to laugh. It is fair to say that the security community tends to be rather sceptical about… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-explain-ethereum-smart-contract-hacking-i-am-five/

VB2017 video: Client Maximus raises the bar

At VB2017, IBM Trusteer researcher Omer Agmon, presented a 'last-minute' paper in which he analysed the Client Maximum trojan, which targets Brazilian users of online banking. Today, we release the recording of his presentation.
Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware… https://www.virusbulletin.com/blog/2018/08/vb2017-video-client-maximus-raises-bar/

The security industry is genuinely willing to help you do good work

For those organizations working for the public good, security vendors are often willing to offer their services for free, or for very low cost.
An article at Cyberscoop lists security companies that are offering assistance to protect election systems, for example by protecting against DDoS attacks, performing penetration… https://www.virusbulletin.com/blog/2018/08/security-industry-genuinely-willing-help-you-do-good-work/

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.
Seven years ago, the first VB conference paper on Android malware looked at what was then a new, but growing trend. Since then both the threat and the research community have… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

VB2018 preview: From drive-by download to drive-by mining

At VB2018, Malwarebytes researcher Jérôme Segura will discuss the rise of drive-by cryptocurrency mining, explaining how it works and putting it in the broader context of changes in the cybercrime landscape.
"Understanding the new paradigm", Malwarebytes researcher Jérôme Segura writes in the title of his upcoming VB2018 presentation on drive-by mining. He could hardly have put it… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-drive-download-drive-mining/

Red Eyes threat group targets North Korean defectors

A research paper by AhnLab researcher Minseok Cha looks at the activities of the Red Eyes threat group (also known as Group 123 and APT 37), whose targets include North Korean defectors, as well as journalists and human rights defenders focused on North K…
AhnLab has published a research paper that looks at the Red Eyes group, which is particularly active against North Korean defectors, as well as journalists and human rights… https://www.virusbulletin.com/blog/2018/08/red-eyes-threat-group-targets-north-korean-defectors/

VB announces Threat Intelligence Summit to take place during VB2018

We are very excited to announce a special summit, as part of VB2018, that will be dedicated to all aspects of threat intelligence.
The very first edition of Virus Bulletin magazine, published in July 1989, contained lists of "[all] known IBM PC viruses" and "[all] known Apple Macintosh viruses". In the… https://www.virusbulletin.com/blog/2018/08/vb-announces-threat-intelligence-summit-take-place-during-vb2018/

« Previous 1...1011121314...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.