VB Blog

VB2018 presentation: Levelling up: why sharing threat intelligence makes you more competitive

Posted by   Helen Martin on   Mar 1, 2019

In a presentation at VB2018, Michael Daniel, President and CEO of the Cyber Threat Alliance, outlined exactly how threat sharing strengthens a company's competitive advantage. Today we release the recording of his presentation.

Read more  

The malspam security products miss: Emotet, Ursnif, and a spammer's blunder

Posted by   Martijn Grooten on   Feb 25, 2019

The set-up of the VBSpam test lab gives us a unique insight into the kinds of emails that are more likely to bypass email filters. This week we look at the malspam that was missed: a very international email with a link serving Emotet, an Italian Ursnif campaign with a password-protected ZIP and an email to which a clumsy spammer had attached a list of email addresses rather than a payload.

Read more  

VB2018 paper: The modality of mortality in domain names

Posted by   Martijn Grooten on   Feb 22, 2019

Domains play a crucial role in most cyber attacks, from the very advanced to the very mundane. Today, we publish a VB2018 paper by Paul Vixie (Farsight Security) who undertook the first systematic study into the lifetimes of newly registered domains.

Read more  

VB2018 paper: Analysing compiled binaries using logic

Posted by   Martijn Grooten on   Feb 20, 2019

Constraint programming is a lesser-known technique that is becoming increasingly popular among malware analysts. In a paper presented at VB2018 Thaís Moreira Hamasaki presented an overview of the technique and explained how it can be applied to the analysis of (potentially) malicious binaries. Today, we publish both Thaís' paper and the video of her presentation.

Read more  

Virus Bulletin encourages experienced speakers and newcomers alike to submit proposals for VB2019

Posted by   Martijn Grooten on   Feb 19, 2019

With a little less than a month before the deadline of the call for papers for VB2019, Virus Bulletin encourages submissions from experienced speakers and newcomers alike.

Read more  

VB2018 paper: Internet balkanization: why are we raising borders online?

Posted by   Helen Martin on   Feb 13, 2019

At VB2018 in Montreal, Ixia researcher Stefan Tanase presented a thought-provoking paper on the current state of the Internet and the worrying tendency towards raising borders and restricting the flow of information. Today we publish both his paper and the recording of his presentation.

Read more  

The malspam security products miss: banking and email phishing, Emotet and Bushaloader

Posted by   Martijn Grooten on   Feb 11, 2019

The set-up of the VBSpam test lab gives us a unique insight into the kinds of emails that are more likely to bypass email filters. This week we look at the malspam that was missed: banking and email phishing, Emotet and Bushaloader.

Read more  

VB2018 paper: Where have all the good hires gone?

Posted by   Helen Martin on   Feb 8, 2019

The cybersecurity skills gap has been described as one of the biggest challenges facing IT leaders today. At VB2018 in Montreal, ESET's Lysa Myers outlined some of the things the industry can do to help address the problem. Today we publish Lysa's paper and the recording of her presentation.

Read more  

Preview: Nullcon 2019

Posted by   Martijn Grooten on   Feb 5, 2019

We look forward the Nullcon 2019 conference in Goa, India, at which VB Editor Martijn Grooten will give a talk on the state of malware.

Read more  

From Amazon to Emotet: a look at those phishing and malware emails that bypassed email security products

Posted by   Martijn Grooten on   Feb 3, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Recently some of the emails that bypassed security products included a broken Amazon phishing campaign, a large fake UPS campaign and malicious emails carrying Emotet and Lokibot.

Read more  
Previous1...1213141516...215Next

Search blog

New paper: A review of the evolution of Andromeda over the years

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by…
In December last year, a joint operation involving law enforcement agencies and many security firms led to the dismantling of the Andromeda botnet, also known as Gamarue or… https://www.virusbulletin.com/blog/2018/02/new-paper-review-evolution-andromeda-over-years/

There is no evidence in-the-wild malware is using Meltdown or Spectre

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.
Almost a month after the Meltdown and Spectre attacks against various CPUs were discovered and revealed to the public, there have been reports of the existence of malware that… https://www.virusbulletin.com/blog/2018/02/there-no-evidence-wild-malware-using-meltdown-or-spectre/

February

https://www.virusbulletin.com/blog/2018/02/

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.
In late spring of 2011, a sudden rise in the price of Bitcoin – reaching almost US$30, up from less than $1 barely a month earlier – attracted the attention of malware authors.… https://www.virusbulletin.com/blog/2018/02/throwback-thursday-malware-taking-bitcoin-more-we-bargained/

First time speaker? Don't be afraid of submitting to the VB2018 CFP

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others h…
Last week, we opened the Call for Papers for VB2018, the 28th Virus Bulletin International Conference, which will take place in Montreal, 3-5 October this year. Over the years,… https://www.virusbulletin.com/blog/2018/01/first-time-speaker-we-hope-you-submit-vb2018-cfp/

VB2017 paper: VirusTotal tips, tricks and myths

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.
In a surprise announcement, Google's parent company Alphabet has introduced Chronicle, a threat intelligence offering in which Google-owned VirusTotal will play an important role.… https://www.virusbulletin.com/blog/2018/01/vb2017-paper-virustotal-tips-tricks-and-myths/

Healthcare CERTs highlight the need for security guidance for specific sectors

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.
In February 2016, a US hospital saw a heart operation interrupted by the rebooting of a monitoring PC, caused by anti-virus software running on the machine. The report filed makes… https://www.virusbulletin.com/blog/2018/01/healthcare-certs-show-need-security-guidance-specific-sectors/

VB2018 call for papers now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!
The call for papers for VB2018, the 28th Virus Bulletin International Conference, which will take place in Montreal, Canada, 3-5 October 2018, is now open! We welcome… https://www.virusbulletin.com/blog/2018/01/vb2018-call-papers/

Book review: Serious Cryptography

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.
This year, Alice and Bob will have been exchanging messages for 40 years. In terms of their contribution to cryptography, they have been almost as important as that other… https://www.virusbulletin.com/blog/2018/01/book-review-serious-cryptography/

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.
Cryptocurrencies have attracted the attention of cybercriminals for many years: as a relatively anonymous payment channel, as a target of their digital theft, and as a way to turn… https://www.virusbulletin.com/blog/2018/01/necurs-pump-and-dump-spam-campaign-pushes-obscure-cryptocurrency/

Alleged author of creepy FruitFly macOS malware arrested

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.
It is almost a year since the mysterious FruitFly malware for macOS was discovered. Malware targeting macOS is still uncommon enough to be newsworthy, but FruitFly seemed… https://www.virusbulletin.com/blog/2018/01/alleged-author-creepy-fruitfly-macos-malware-arrested/

The threat and security product landscape in 2017

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.
Like many security firms, Virus Bulletin takes the opportunity of the start of the new year to look back at the threats seen over the last 12 months. In a report we publish… https://www.virusbulletin.com/blog/2018/01/threat-and-security-product-landscape-2017/

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.
Of all the annual security reports and blog posts that look back at the previous year, that of Spamhaus is one I particularly look forward to, as it always comes with good and… https://www.virusbulletin.com/blog/2018/01/spamhaus-reports-shows-many-botnet-controllers-look-lot-legitimate-servers/

Tips on researching tech support scams

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.
At one end of the attack spectrum there are attacks that cleverly exploit features of modern processors. At the other end, there are tech support scams that, through some basic… https://www.virusbulletin.com/blog/2018/01/tips-researching-tech-support-scams/

2018

https://www.virusbulletin.com/blog/2018/

January

https://www.virusbulletin.com/blog/2018/01/

Meltdown and Spectre attacks mitigated by operating system updates

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their product…
We wish all our readers a very happy and very secure 2018! The latter part will not come without some serious work though. We are not even four days into the new year and we… https://www.virusbulletin.com/blog/2018/01/meltdown-and-spectre-attacks-mitigated-operating-system-updates/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

Conference review: Botconf 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.
Since its first edition in 2013, the Virus Bulletin team have been big fans of Botconf, the botnet fighting conference held every year in France. This year, Virus Bulletin sent… https://www.virusbulletin.com/blog/2017/12/conference-review-botconf-2017/

VB2017 videos on attacks against Ukraine

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adam…
(In)security is a global problem that affects every country in the world, but in recent years, none has been as badly hit as Ukraine. The most well known malware that… https://www.virusbulletin.com/blog/2017/12/vb2017-videos-attacks-against-ukraine/

« Previous 1...1415161718...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.