VB Blog

VB2014 paper: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Posted by   Virus Bulletin on   Jan 30, 2015

Chun Feng and Elia Florio analyse two Flash Player vulnerabilities and an IE one where Flash provides a helping hand.

Read more  

Frequently asked questions about VB2015 conference submissions

Posted by   Virus Bulletin on   Jan 30, 2015

No, it doesn't have to be about malware and no, it doesn't have to be deeply technical either!

Read more  

Linux systems affected by 'GHOST' vulnerability

Posted by   Virus Bulletin on   Jan 28, 2015

Proof-of-concept email gives remote access to Exim mail server.

Read more  

VB2014 paper: Design to discover: security analytics with 3D visualization engine

Posted by   Virus Bulletin on   Jan 26, 2015

Thibault Reuille and Dhia Mahjoub use DNS data to look for clusters of malicious domains.

Read more  

Adobe to patch Flash Player zero-day next week

Posted by   Virus Bulletin on   Jan 23, 2015

Patch due next week as malvertising leads to Bedep trojan downloader.

Read more  

Alleged Flash Player zero-day used in Angler exploit kit

Posted by   Virus Bulletin on   Jan 22, 2015

Adobe 'investigating reports'.

Read more  

Research paper profiles victims of targeted attacks

Posted by   Virus Bulletin on   Jan 21, 2015

Large organisations working in national security and international affairs run highest risk.

Read more  

Paper: Nesting doll: unwrapping Vawtrak

Posted by   Virus Bulletin on   Jan 20, 2015

Raul Alvarez unwraps the many layers of an increasingly prevalent banking trojan.

Read more  

VB2014 paper: OPSEC for security researchers

Posted by   Virus Bulletin on   Jan 19, 2015

Vicente Diaz teaches researchers the basics of OPSEC.

Read more  

WhatsApp spam on the rise

Posted by   Virus Bulletin on   Jan 16, 2015

End-to-end encryption makes spam filtering more difficult.

Read more  
Previous1...5960616263...215Next

Search blog

MnuBot banking trojan communicates via SQL server

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Researchers at IBM X-Force have discovered a new banking trojan, dubbed 'MnuBot', which is targeting Internet users in Brazil. The trojan performs tasks common to banking… https://www.virusbulletin.com/blog/2018/05/mnubot-banking-trojan-communicates-sql-server/

Throwback Thursday: Giving the EICAR test file some teeth

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.
When in our VB100 test lab we set up an anti-virus product, one of the first things we do is to see if it works by making it scan the EICAR test file. This 68-byte file is… https://www.virusbulletin.com/blog/2018/05/throwback-thursday-giving-eicar-test-file-some-teeth/

XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.
Users complaining on Apple's official discussion forum about processes that use a lot of CPU have led to the discovery of a new piece of cryptocurrency-mining malware on macOS… https://www.virusbulletin.com/blog/2018/05/xmrig-used-new-macos-cryptominer/

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.
A current trend sees DDoS attacks focusing less on large volume attacks and more on attacks that exhaust server resources, Cloudflare reports. The number of layer 7 attacks per… https://www.virusbulletin.com/blog/2018/05/tendency-ddos-attacks-become-less-volumetric-fits-wider-trend/

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.
A new research paper by digital rights organization Access Now looks at how FinFisher has been used against people interested in anti-government protests in Turkey. Through… https://www.virusbulletin.com/blog/2018/05/turkish-twitter-users-targeted-mobile-finfisher-spyware/

Hide'n'Seek IoT botnet adds persistence

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.
The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart, Bitdefender reports. Though persistence is fairly common… https://www.virusbulletin.com/blog/2018/05/hidenseek-iot-botnet-adds-persistence/

Registration for VB2018 now open!

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.
Registration for VB2018, the 28th Virus Bulletin Conference, which will take place in Montreal 3-5 October this year, is now open. Last month, we announced an exciting and… https://www.virusbulletin.com/blog/2018/05/registration-vb2018-now-open/

May

https://www.virusbulletin.com/blog/2018/05/

RSA 2018: the good, the bad, the ugly, the great and the fantastic

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.
Two weeks ago, I was one of the more than 50,000 people who attended the RSA expo in San Francisco. I deliberately say 'expo', for while I spoke at the event two years ago, this… https://www.virusbulletin.com/blog/2018/05/rsa-2018-good-bad-ugly-great-and-fantastic/

Standalone product test: Kaspersky Security for Microsoft Office 365

There are a number of security solutions on the market that are designed to increase the default protection provided by Office 365. One such product is the newly launched Kaspersky Security for Microsoft Office 365. Virus Bulletin was commissioned to meas…
The Office 365 productivity software has become one of Microsoft's flagship products, providing organizations around the world with collaboration tools, office applications and an… https://www.virusbulletin.com/blog/2018/04/standalone-product-test-kaspersky-security-microsoft-office-365/

GravityRAT malware takes your system's temperature

The GravityRAT malware, discovered by Cisco Talos researchers, gives some interesting insight into modern malware development.
Cisco Talos researchers Warren Mercer and Paul Rascagnères recently discovered and analysed 'GravityRAT', an advanced Remote Access Trojan (RAT) that appears to have been used in… https://www.virusbulletin.com/blog/2018/04/gravityrat-malware-takes-your-systems-temperature/

$150k in cryptocurrency stolen through combined BGP-DNS hijack

A BGP hijack was used to take over some of Amazon's DNS infrastructure, which was then used to serve a phishing site to users of the MyEtherWallet service.
If the Internet is, as is often said, held together with elastic bands and pieces of Sellotape, BGP is essentially a bunch of post-it notes that serve as traffic signs. BGP… https://www.virusbulletin.com/blog/2018/04/150-k-cryptocurrency-stolen-through-cominbed-bgp-dns-hijack/

Security-focused routers may help to mitigate IoT threats

Various security companies are offering security-focused routers. This is a good trend and may help mitigate a lot of the issues that come with the IoT.
Walking around the RSA show floor last week, it was clear that the Internet of Things, or IoT, is a hot topic in security. Indeed, the number of connected devices continues to… https://www.virusbulletin.com/blog/2018/04/security-focused-routers-may-help-mitigate-iot-threats/

The road to IPv6 is generally smooth but contains a few potholes

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.
"The report of my death was an exaggeration," Mark Twain famously said in 1897. It was indeed: Twain went on to live for another 13 years but did eventually die. The same is… https://www.virusbulletin.com/blog/2018/04/road-ipv6-generally-smooth-contains-few-potholes/

New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn downloa…
Ever since their return more than four years ago, initially in targeted attacks and later in large-scale malware campaigns, Office macros have been one of the most prominent ways… https://www.virusbulletin.com/blog/2018/04/new-paper-powering-distribution-tesla-stealer-powershell-and-vba-macros/

VB2017 paper: Android reverse engineering tools: not the usual suspects

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a workshop o…
Within a few years, Android malware has grown from a relatively small threat – the first VB conference talk on Android, in 2011, mentioned fewer than 100 malware families – to a… https://www.virusbulletin.com/blog/2018/04/vb2017-paper-android-reverse-engineering-tools-not-usual-suspects/

Patch early, patch often, but don't blindly trust every 'patch'

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.
Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of… https://www.virusbulletin.com/blog/2018/04/patch-early-patch-often-dont-blindly-trust-every-patch/

Virus Bulletin at RSA

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.
Next week, I will be joining the international security community to attend the RSA Conference in San Francisco. Though it lacks the intimate atmosphere of so many smaller… https://www.virusbulletin.com/blog/2018/04/virus-bulletin-rsa/

Broad-ranging and international VB2018 programme announced

VB is excited to reveal the details of an interesting and diverse programme for VB2018, the 28th Virus Bulletin International Conference, which takes place 3-5 October in Montreal, Canada.
Today, we are very excited to announce the programme for VB2018, the 28th Virus Bulletin International Conference, which is to take place in Montreal, 3-5 October 2018. Putting… https://www.virusbulletin.com/blog/2018/04/broad-and-international-vb2018-programme-announced/

April

https://www.virusbulletin.com/blog/2018/04/

« Previous 1...1213141516...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.