VB Blog

VB2017 preview: Calling all PUA fighters

Posted by   Martijn Grooten on   Aug 31, 2017

We preview the VB2017 Small Talk to be given by AppEsteem's Dennis Batchelder that should help security vendors make decisions about apps whose behaviours sit right on the limits of what is acceptable from a security point of view.

Read more  

VB2017 preview: From insider threat to insider asset: a practical guide

Posted by   Martijn Grooten on   Aug 30, 2017

We preview the VB2017 paper by Forcepoint's Kristin Leary and Richard Ford, who will discuss a practical approach to preventing insider attacks.

Read more  

WireX DDoS botnet takedown shows the best side of the security industry

Posted by   Martijn Grooten on   Aug 29, 2017

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security industry.

Read more  

VB2017 preview: Your role in child abuse

Posted by   Martijn Grooten on   Aug 28, 2017

We preview the VB2017 presentation by Mick Moran, who will discuss online child abuse and the role the security community can play fighting it.

Read more  

ROPEMAKER email exploit is of limited practical use

Posted by   Martijn Grooten on   Aug 28, 2017

Researchers at Mimecast have published a paper about the 'ROPEMAKER' exploit, which allows an email sender with malicious intentions to change the visial appearance of an email after it has been delivered.

Read more  

VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America

Posted by   Martijn Grooten on   Aug 25, 2017

We preview the VB2017 presentation by Kaspersky Lab researchers Thiago Marques and Fabio Assolini in which they look at malware targeting ATMs in Latin America.

Read more  

VB2017 preview: Stuck between a ROC and a hard place

Posted by   Martijn Grooten on   Aug 24, 2017

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.

Read more  

VB2017 preview: Consequences of bad security in health care

Posted by   Martijn Grooten on   Aug 23, 2017

We preview the VB2017 presentation by Jelena Milosevic, an ICU nurse by profession, who will provide the audience with an inside view of security in hospitals.

Read more  

VB2017 Small Talk: The encryption vs. inspection debate

Posted by   Martijn Grooten on   Aug 22, 2017

At VB2017, Cloudflare's Head of Cryptography Nick Sullivan will give a Small Talk on the intercepting of HTTPS connections by proxies and anti-virus software.

Read more  

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 2

Posted by   Virus Bulletin on   Aug 10, 2017

In the second part of this two-part blog series, we look at five more memorable Virus Bulletin conference presentations.

Read more  
Previous1...3132333435...215Next

Search blog

August

https://www.virusbulletin.com/blog/2018/08/

VB2018 Small Talk: An industry approach for unwanted software criteria and clean requirements

An industry approach for defining and detecting unwanted software to be presented and discussed at the Virus Bulletin conference.
The constantly evolving threat landscape poses challenges for security vendors. But an equally big, if less reported, challenge is that posed by the kind of software that lives on… https://www.virusbulletin.com/blog/2018/08/vb2018-small-talk-industry-approach-unwanted-software-criteria-and-clean-requirements/

VB2018 call for last-minute papers opened

The call for last-minute papers for VB2018 is now open. Submit before 2 September to have your abstract considered for one of the nine slots reserved for 'hot' research.
Virus Bulletin has opened the call for last-minute papers for VB2018. The VB2018 programme already boasts some 40 talks, with a few more exciting things to be added very soon… https://www.virusbulletin.com/blog/2018/07/vb2018-call-last-minute-papers-opened/

VB2017 paper and update: Browser attack points still abused by banking trojans

At VB2017, ESET researchers Peter Kálnai and Michal Poslušný looked at how banking malware interacts with browsers. Today we publish their paper, share the video of their presentation, and also publish a guest blog post from Peter, in which he summarises …
#VB2017 follow-up: mid 2018 update Peter Kálnai & Michal Poslušný, ESET MITB attacks in Chrome In this short note, we look back to research presented at VB2017 [1].… https://www.virusbulletin.com/blog/2018/07/vb2017-paper-and-update-browser-attack-points-still-abused-banking-trojans/

New paper: Does malware based on Spectre exist?

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack, and many excellent explanations of the attack already exist. But what is the likelihood of finding Spectre being exploited on Android smartphones?
The discovery of the Spectre and Meltdown attacks in January cast a long shadow over the year, with many of the issued security patches having their own problems and several new… https://www.virusbulletin.com/blog/2018/07/new-paper-does-malware-based-spectre-exist/

More VB2018 partners announced

We are excited to announce several more companies that have partnered with VB2018.
The Virus Bulletin Conference has always been about bringing the security community together, and in this spirit, this year we are referring to the organizations that support… https://www.virusbulletin.com/blog/2018/07/more-vb2018-partners-announced/

Malware authors' continued use of stolen certificates isn't all bad news

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors' use of stolen certificates.
A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov… https://www.virusbulletin.com/blog/2018/07/malware-authors-continued-use-stolen-certificates-not-only-bad-news/

Save the dates: VB2019 to take place 2-4 October 2019

Though the location will remain under wraps for a few more months, we are pleased to announce the dates for VB2019, the 29th Virus Bulletin International Conference.
While we hope that you have already circled the dates of 3-5 October 2018 in your agendas, and that you will join us and security experts from around the world for VB2018 in… https://www.virusbulletin.com/blog/2018/07/save-dates-vb2019-take-place-2-4-october-2019/

Necurs update reminds us that the botnet cannot be ignored

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.
If, at some point in the past few years, you have looked at a spam campaign in which a lot of emails were being sent from Vietnam or India, there's a good chance the spam was sent… https://www.virusbulletin.com/blog/2018/07/necurs-update-reminds-us-botnet-cannot-be-ignored/

Nominations opened for fifth Péter Szőr Award

Virus Bulletin has opened nominations for the fifth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2017 and 30 June 2018.
Virus Bulletin is seeking nominations for the fifth annual Péter Szőr Award. The award was inaugurated during the VB2014 conference, in honour of late security researcher and… https://www.virusbulletin.com/blog/2018/07/nominations-opened-fifth-peter-szor-award/

July

https://www.virusbulletin.com/blog/2018/07/

.SettingContent-ms files remind us that it is features, not bugs we should be most concerned about

Security researcher Matt Nelson has discovered how .SettingContent-ms files can be embedded into Office files to deliver malware.
One of the most significant developments in the threat landscape in recent years has been the return of malicious Office macros, their resurgence having started four years ago.… https://www.virusbulletin.com/blog/2018/07/settingcontent-ms-files-remind-us-it-features-not-bugs-we-should-be-most-concerned-about/

We cannot ignore the increased use of IoT in domestic abuse cases

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.
Smart home technology is increasingly being used in domestic abuse cases. In more than 30 interviews with The New York Times, domestic abuse victims, their lawyers, shelter… https://www.virusbulletin.com/blog/2018/06/we-cannot-ignore-increased-use-iot-domestic-abuse-cases/

Benefit now from early bird discount tickets for VB2018

If you want to come to VB2018 in Montreal this year (and why wouldn't you?) and want to save a bit on the ticket price (and why wouldn't you?), remember that early bird discounts will be available until 30 June.
In a little over three months, security experts from around the world will gather in Montreal for VB2018, the 28th Virus Bulletin International Conference. We have an exciting… https://www.virusbulletin.com/blog/2018/06/last-week-buy-early-bird-discount-ticket-vb2018/

We are more ready for IPv6 email than we may think

Though IPv6 is gradually replacing IPv4 on the Internet's network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?
In email security circles, IPv6 is the elephant in the room. While the transition from IPv4 to IPv6 is a relatively smooth affair for most of the Internet, and few people will… https://www.virusbulletin.com/blog/2018/06/we-are-more-ready-ipv6-email-we-may-think/

Subtle change could see a reduction in installation of malicious Chrome extensions

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
As modern browsers have become harder to attack, malware authors have found a simple way around this: by working with the browser rather than against it. More particularly, by… https://www.virusbulletin.com/blog/2018/06/subtle-change-could-see-reduction-installation-malicious-chrome-extensions/

Paper: EternalBlue: a prominent threat actor of 2017–2018

We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.
A little over a year ago, one of the defining security events of the decade occurred: the WannaCry outbreak. A damaging and destructive cyber attack that hit the UK's National… https://www.virusbulletin.com/blog/2018/06/paper-eternalblue-prominent-threat-actor-20172018/

June

https://www.virusbulletin.com/blog/2018/06/

'North Korea' a hot subject among VB2018 talks

Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.
A few years ago, I somehow got involved in the discussion of a run-of-the-mill malicious spam campaign and ended up speaking to a journalist from the Daily Telegraph. "Is it true… https://www.virusbulletin.com/blog/2018/06/north-korea-hot-subject-among-vb2018-talks/

Expired domain led to SpamCannibal's blacklist eating the whole world

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
The first line of defence in many a spam filter is to query one or more DNS blacklists to see if the sender's IP address (and sometimes their domain) is listed as a known spammer.… https://www.virusbulletin.com/blog/2018/05/expired-domain-led-spamcannibal-blacklisting-whole-world/

« Previous 1...1112131415...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.