VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

In today's blog post, we preview the VB2018 paper by Dragos Inc.'s Joe Slowik, who looks at the CRASHOVERRIDE malware, the first (publicly known) malware designed to impact electric grid operations.
One of the many highlights of last year's Virus Bulletin Conference was a last-minute paper by ESET researchers Anton Cherepanov and Robert Lipovsky on Industroyer, 'the first… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-anatomy-attack-detecting-and-defeating-crashoverride/

VB2018 preview: Cyber Threat Alliance

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.
Last week, the Cyber Threat Alliance (CTA) published a report on the illicit mining of cryptocurrencies. The report is notable for two reasons: first because it is exceptionally… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-cyber-threat-alliance/

VB2018 preview: hacking cars

In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners and manufacturers. On today's blog we preview two VB2018 papers, by Inbar Raz…
In recent years, car hacking has evolved from a mostly theoretical research field involving giggling researchers and scared journalists, to one that actually concerns car owners… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-cars/

Where are all the ‘A’s in APT?

In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.
In a guest blog post by VB2018 gold partner Kaspersky Lab, Costin Raiu, Director of the company's Global Research and Analysis Team, looks critically at the 'A' in APT.   A… https://www.virusbulletin.com/blog/2018/09/where-are-all-apt/

VB2018 preview: commercial spyware and its use by governments

Today, we preview three VB2018 presentations that look at threats against civil society in general and the use of commercial spyware by governments for this purpose in particular.
Yesterday, a new report by Citizen Lab looked at NSO Group's Pegasus spyware and its global use. The report is worth a read, for the political implications of the findings, for… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-commercial-spyware-and-its-use-governments/

VB2018 preview: Wipers in the wild

Today we preview the VB2018 paper by Saher Naumaan (BAE Systems Applied Intelligence) on the use of wipers in APT attacks.
Some of the earliest computer viruses deleted data and sometimes even rendered computers unusable. But as malware increasingly became a tool used for criminal or (geo)political… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-wipers-wild/

VB2018 preview: IoT botnets

The VB2018 programme is packed with a wide range of security topics featuring speakers from all around the world. Today we preview two of them: one by Qihoo 360 researchers on tracking variants of Mirai and one by researchers from Bitdefender on the peer-…
For a long time IoT-botnets were just one of those things security professionals warned about. Then, with the appearance of Mirai in 2016, they became a reality. Mirai's… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-iot-botnets/

VB2018: last-minute talks announced

We are excited to announce the final additions to the VB2018 programme in the form of 10 'last-minute' papers covering up-to-the-minute research and hot topics and two more invited talks.
With a little over three weeks to go until the start of VB2018, 28th Virus Bulletin Conference, we are excited to announce ten last-minute talks that cover hot research.  … https://www.virusbulletin.com/blog/2018/09/vb2018-last-minute-talks-announced/

VB2018 preview: Since the hacking of Sony Pictures

At VB2018, AhnLab researcher Minseok Cha will look at activities of the Lazarus Group on the Korean peninsula going back as early as April 2011.
Yesterday, the US Justice Department brought charges against an alleged hacker for the North Korean government. The man, Park Jin Hyok, is accused of being connected with the 2014… https://www.virusbulletin.com/blog/2018/09/vb2018-preview-hacking-sony-pictures/

Book review: Click Here to Kill Everybody

Paul Baccas reviews Bruce Schneier's latest thought-provoking book, 'Click Here to Kill Everybody'.
Paul Baccas reviews 'Click here to Kill Everybody' by Bruce Schneier   Title: Click Here to Kill Everybody: Security and Survival in a Hyper-connected World… https://www.virusbulletin.com/blog/2018/09/book-review-click-here-kill-everybody/

Spam is mostly noise and that makes measuring it very difficult

A brief analysis by Recorded Future suggests that the volume of spam and new domain registrations hasn't increased since the GDPR came into effect.
A recent blog post published by Recorded Future looked at the possible effect of the GDPR on the volume of spam and concludes there has been no noticeable impact. The question… https://www.virusbulletin.com/blog/2018/09/spam-mostly-noise-and-makes-measuring-it-complicated/

September

https://www.virusbulletin.com/blog/2018/09/

Virus Bulletin announces programme of the first International Threat Intelligence Summit

VB is thrilled to announce the programme of the first International Threat Intelligence Summit that will form an integral part of the VB2018 conference programme.
Today, we are excited to announce the programme of the first International Threat Intelligence Summit, which will form an integral part of the VB2018 conference programme. Most… https://www.virusbulletin.com/blog/2018/08/virus-bulletin-announces-programme-first-international-threat-intelligence-summit/

VB2018 preview: Explain Ethereum smart contract hacking like I am five

Designing smart contracts is hard: we preview a VB2018 paper on the blockchain-based platform Ethereum, that describes both how the technology works and how a number of security issues inherent to the platform have led to various high-profile and often ve…
Shout 'blockchain' in a group of security experts and everyone will start to laugh. It is fair to say that the security community tends to be rather sceptical about… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-explain-ethereum-smart-contract-hacking-i-am-five/

VB2017 video: Client Maximus raises the bar

At VB2017, IBM Trusteer researcher Omer Agmon, presented a 'last-minute' paper in which he analysed the Client Maximum trojan, which targets Brazilian users of online banking. Today, we release the recording of his presentation.
Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware… https://www.virusbulletin.com/blog/2018/08/vb2017-video-client-maximus-raises-bar/

The security industry is genuinely willing to help you do good work

For those organizations working for the public good, security vendors are often willing to offer their services for free, or for very low cost.
An article at Cyberscoop lists security companies that are offering assistance to protect election systems, for example by protecting against DDoS attacks, performing penetration… https://www.virusbulletin.com/blog/2018/08/security-industry-genuinely-willing-help-you-do-good-work/

VB2018 preview: Unpacking the packed unpacker: reversing an Android anti-analysis library

At VB2018, Google researcher Maddie Stone will present an analysis of the multi-layered 'WeddingCake' anti-analysis library used by many Android malware families.
Seven years ago, the first VB conference paper on Android malware looked at what was then a new, but growing trend. Since then both the threat and the research community have… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-unpacking-packed-unpacker-reversing-android-anti-analysis-library/

VB2018 preview: From drive-by download to drive-by mining

At VB2018, Malwarebytes researcher Jérôme Segura will discuss the rise of drive-by cryptocurrency mining, explaining how it works and putting it in the broader context of changes in the cybercrime landscape.
"Understanding the new paradigm", Malwarebytes researcher Jérôme Segura writes in the title of his upcoming VB2018 presentation on drive-by mining. He could hardly have put it… https://www.virusbulletin.com/blog/2018/08/vb2018-preview-drive-download-drive-mining/

Red Eyes threat group targets North Korean defectors

A research paper by AhnLab researcher Minseok Cha looks at the activities of the Red Eyes threat group (also known as Group 123 and APT 37), whose targets include North Korean defectors, as well as journalists and human rights defenders focused on North K…
AhnLab has published a research paper that looks at the Red Eyes group, which is particularly active against North Korean defectors, as well as journalists and human rights… https://www.virusbulletin.com/blog/2018/08/red-eyes-threat-group-targets-north-korean-defectors/

VB announces Threat Intelligence Summit to take place during VB2018

We are very excited to announce a special summit, as part of VB2018, that will be dedicated to all aspects of threat intelligence.
The very first edition of Virus Bulletin magazine, published in July 1989, contained lists of "[all] known IBM PC viruses" and "[all] known Apple Macintosh viruses". In the… https://www.virusbulletin.com/blog/2018/08/vb-announces-threat-intelligence-summit-take-place-during-vb2018/

« Previous 1...1011121314...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.