VB Blog

VB2017: a wide ranging and international conference programme

Posted by Martijn Grooten on Apr 13, 2017

We are proud to announce a very broad and very international programme for VB2017, which will take place in Madrid, 4-6 October 2017.

Posted by Martijn Grooten on Apr 10, 2017

Virus Bulletin is excited to announce John-Graham Cumming and Brian Honan as the two keynote speakers for VB2017 in Madrid.

Posted by Martijn Grooten on Mar 31, 2017

As VB's COO John Hawes moves on to new challenges, the team wish him a fond farewell and good luck in his future endeavours.

Posted by Martijn Grooten on Mar 28, 2017

Symantec researchers Himanshu Anand and Chastine Menrige explain how a single click can lead to a compromised machine, without malware ever being stored on disk.

Posted by Martijn Grooten on Mar 22, 2017

The Necurs botnet has started sending pump-and-dump spam. Almost all of these emails are blocked by spam filters, yet the stock price still increased.

Posted by Martijn Grooten on Mar 10, 2017

Realistically speaking, if your software or system uses the SHA-1 hashing algorithm, it is unlikely that it will be exploited in the foreseeable future. But it is also extremely difficult to be certain that your system won't be the exception.

Posted by Martijn Grooten on Mar 10, 2017

The call for papers for VB2017, which takes place 4 to 6 October in Madrid, Spain, is currently open. We're always on the look out for new speakers and new content, so to help anyone who's unfamiliar with the VB conference, we've prepared a list of answers to some frequently asked questions about the event, and about how to submit a paper.

Posted by Helen Martin on Mar 9, 2017

This week marked the 25th anniversary of the trigger date of the infamous Michelangelo virus. In January 1992, VB published an analysis of the boot sector virus that captured the imagination of the press and kicked up a media storm.

Posted by Martijn Grooten on Mar 8, 2017

Is it your job to defend your company’s network? Are you defending a government’s systems? Do you help secure the devices used by activists operating in less open societies? Do you work with abuse victims targeted by spyware? Share your experiences with the security community at VB2017.

Posted by Virus Bulletin on Mar 8, 2017

At Virus Bulletin, we love the BSides concept and we have attended several of the BSides events around the world. So when Peter Karsai, who is soon to join the VB team, offered to write about his experience at BSides Budapest, we jumped at the chance to publish his post.

Previous1...3637383940...215Next

Search blog

August

https://www.virusbulletin.com/blog/2018/08/

VB2018 Small Talk: An industry approach for unwanted software criteria and clean requirements

An industry approach for defining and detecting unwanted software to be presented and discussed at the Virus Bulletin conference.
The constantly evolving threat landscape poses challenges for security vendors. But an equally big, if less reported, challenge is that posed by the kind of software that lives on… https://www.virusbulletin.com/blog/2018/08/vb2018-small-talk-industry-approach-unwanted-software-criteria-and-clean-requirements/

VB2018 call for last-minute papers opened

The call for last-minute papers for VB2018 is now open. Submit before 2 September to have your abstract considered for one of the nine slots reserved for 'hot' research.
Virus Bulletin has opened the call for last-minute papers for VB2018. The VB2018 programme already boasts some 40 talks, with a few more exciting things to be added very soon… https://www.virusbulletin.com/blog/2018/07/vb2018-call-last-minute-papers-opened/

VB2017 paper and update: Browser attack points still abused by banking trojans

At VB2017, ESET researchers Peter Kálnai and Michal Poslušný looked at how banking malware interacts with browsers. Today we publish their paper, share the video of their presentation, and also publish a guest blog post from Peter, in which he summarises …
#VB2017 follow-up: mid 2018 update Peter Kálnai & Michal Poslušný, ESET MITB attacks in Chrome In this short note, we look back to research presented at VB2017 [1].… https://www.virusbulletin.com/blog/2018/07/vb2017-paper-and-update-browser-attack-points-still-abused-banking-trojans/

New paper: Does malware based on Spectre exist?

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack, and many excellent explanations of the attack already exist. But what is the likelihood of finding Spectre being exploited on Android smartphones?
The discovery of the Spectre and Meltdown attacks in January cast a long shadow over the year, with many of the issued security patches having their own problems and several new… https://www.virusbulletin.com/blog/2018/07/new-paper-does-malware-based-spectre-exist/

More VB2018 partners announced

We are excited to announce several more companies that have partnered with VB2018.
The Virus Bulletin Conference has always been about bringing the security community together, and in this spirit, this year we are referring to the organizations that support… https://www.virusbulletin.com/blog/2018/07/more-vb2018-partners-announced/

Malware authors' continued use of stolen certificates isn't all bad news

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors' use of stolen certificates.
A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov… https://www.virusbulletin.com/blog/2018/07/malware-authors-continued-use-stolen-certificates-not-only-bad-news/

Save the dates: VB2019 to take place 2-4 October 2019

Though the location will remain under wraps for a few more months, we are pleased to announce the dates for VB2019, the 29th Virus Bulletin International Conference.
While we hope that you have already circled the dates of 3-5 October 2018 in your agendas, and that you will join us and security experts from around the world for VB2018 in… https://www.virusbulletin.com/blog/2018/07/save-dates-vb2019-take-place-2-4-october-2019/

Necurs update reminds us that the botnet cannot be ignored

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.
If, at some point in the past few years, you have looked at a spam campaign in which a lot of emails were being sent from Vietnam or India, there's a good chance the spam was sent… https://www.virusbulletin.com/blog/2018/07/necurs-update-reminds-us-botnet-cannot-be-ignored/

Nominations opened for fifth Péter Szőr Award

Virus Bulletin has opened nominations for the fifth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2017 and 30 June 2018.
Virus Bulletin is seeking nominations for the fifth annual Péter Szőr Award. The award was inaugurated during the VB2014 conference, in honour of late security researcher and… https://www.virusbulletin.com/blog/2018/07/nominations-opened-fifth-peter-szor-award/

July

https://www.virusbulletin.com/blog/2018/07/

.SettingContent-ms files remind us that it is features, not bugs we should be most concerned about

Security researcher Matt Nelson has discovered how .SettingContent-ms files can be embedded into Office files to deliver malware.
One of the most significant developments in the threat landscape in recent years has been the return of malicious Office macros, their resurgence having started four years ago.… https://www.virusbulletin.com/blog/2018/07/settingcontent-ms-files-remind-us-it-features-not-bugs-we-should-be-most-concerned-about/

We cannot ignore the increased use of IoT in domestic abuse cases

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.
Smart home technology is increasingly being used in domestic abuse cases. In more than 30 interviews with The New York Times, domestic abuse victims, their lawyers, shelter… https://www.virusbulletin.com/blog/2018/06/we-cannot-ignore-increased-use-iot-domestic-abuse-cases/

Benefit now from early bird discount tickets for VB2018

If you want to come to VB2018 in Montreal this year (and why wouldn't you?) and want to save a bit on the ticket price (and why wouldn't you?), remember that early bird discounts will be available until 30 June.
In a little over three months, security experts from around the world will gather in Montreal for VB2018, the 28th Virus Bulletin International Conference. We have an exciting… https://www.virusbulletin.com/blog/2018/06/last-week-buy-early-bird-discount-ticket-vb2018/

We are more ready for IPv6 email than we may think

Though IPv6 is gradually replacing IPv4 on the Internet's network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?
In email security circles, IPv6 is the elephant in the room. While the transition from IPv4 to IPv6 is a relatively smooth affair for most of the Internet, and few people will… https://www.virusbulletin.com/blog/2018/06/we-are-more-ready-ipv6-email-we-may-think/

Subtle change could see a reduction in installation of malicious Chrome extensions

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
As modern browsers have become harder to attack, malware authors have found a simple way around this: by working with the browser rather than against it. More particularly, by… https://www.virusbulletin.com/blog/2018/06/subtle-change-could-see-reduction-installation-malicious-chrome-extensions/

Paper: EternalBlue: a prominent threat actor of 2017–2018

We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.
A little over a year ago, one of the defining security events of the decade occurred: the WannaCry outbreak. A damaging and destructive cyber attack that hit the UK's National… https://www.virusbulletin.com/blog/2018/06/paper-eternalblue-prominent-threat-actor-20172018/

June

https://www.virusbulletin.com/blog/2018/06/

'North Korea' a hot subject among VB2018 talks

Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.
A few years ago, I somehow got involved in the discussion of a run-of-the-mill malicious spam campaign and ended up speaking to a journalist from the Daily Telegraph. "Is it true… https://www.virusbulletin.com/blog/2018/06/north-korea-hot-subject-among-vb2018-talks/

Expired domain led to SpamCannibal's blacklist eating the whole world

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
The first line of defence in many a spam filter is to query one or more DNS blacklists to see if the sender's IP address (and sometimes their domain) is listed as a known spammer.… https://www.virusbulletin.com/blog/2018/05/expired-domain-led-spamcannibal-blacklisting-whole-world/

« Previous 1...1112131415...120 Next »