VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Posted by Martijn Grooten on Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Previous1...2728293031...215Next

Search blog

New paper: A review of the evolution of Andromeda over the years

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by…
In December last year, a joint operation involving law enforcement agencies and many security firms led to the dismantling of the Andromeda botnet, also known as Gamarue or… https://www.virusbulletin.com/blog/2018/02/new-paper-review-evolution-andromeda-over-years/

There is no evidence in-the-wild malware is using Meltdown or Spectre

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.
Almost a month after the Meltdown and Spectre attacks against various CPUs were discovered and revealed to the public, there have been reports of the existence of malware that… https://www.virusbulletin.com/blog/2018/02/there-no-evidence-wild-malware-using-meltdown-or-spectre/

February

https://www.virusbulletin.com/blog/2018/02/

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.
In late spring of 2011, a sudden rise in the price of Bitcoin – reaching almost US$30, up from less than $1 barely a month earlier – attracted the attention of malware authors.… https://www.virusbulletin.com/blog/2018/02/throwback-thursday-malware-taking-bitcoin-more-we-bargained/

First time speaker? Don't be afraid of submitting to the VB2018 CFP

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others h…
Last week, we opened the Call for Papers for VB2018, the 28th Virus Bulletin International Conference, which will take place in Montreal, 3-5 October this year. Over the years,… https://www.virusbulletin.com/blog/2018/01/first-time-speaker-we-hope-you-submit-vb2018-cfp/

VB2017 paper: VirusTotal tips, tricks and myths

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.
In a surprise announcement, Google's parent company Alphabet has introduced Chronicle, a threat intelligence offering in which Google-owned VirusTotal will play an important role.… https://www.virusbulletin.com/blog/2018/01/vb2017-paper-virustotal-tips-tricks-and-myths/

Healthcare CERTs highlight the need for security guidance for specific sectors

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.
In February 2016, a US hospital saw a heart operation interrupted by the rebooting of a monitoring PC, caused by anti-virus software running on the machine. The report filed makes… https://www.virusbulletin.com/blog/2018/01/healthcare-certs-show-need-security-guidance-specific-sectors/

VB2018 call for papers now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!
The call for papers for VB2018, the 28th Virus Bulletin International Conference, which will take place in Montreal, Canada, 3-5 October 2018, is now open! We welcome… https://www.virusbulletin.com/blog/2018/01/vb2018-call-papers/

Book review: Serious Cryptography

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.
This year, Alice and Bob will have been exchanging messages for 40 years. In terms of their contribution to cryptography, they have been almost as important as that other… https://www.virusbulletin.com/blog/2018/01/book-review-serious-cryptography/

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.
Cryptocurrencies have attracted the attention of cybercriminals for many years: as a relatively anonymous payment channel, as a target of their digital theft, and as a way to turn… https://www.virusbulletin.com/blog/2018/01/necurs-pump-and-dump-spam-campaign-pushes-obscure-cryptocurrency/

Alleged author of creepy FruitFly macOS malware arrested

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.
It is almost a year since the mysterious FruitFly malware for macOS was discovered. Malware targeting macOS is still uncommon enough to be newsworthy, but FruitFly seemed… https://www.virusbulletin.com/blog/2018/01/alleged-author-creepy-fruitfly-macos-malware-arrested/

The threat and security product landscape in 2017

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.
Like many security firms, Virus Bulletin takes the opportunity of the start of the new year to look back at the threats seen over the last 12 months. In a report we publish… https://www.virusbulletin.com/blog/2018/01/threat-and-security-product-landscape-2017/

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.
Of all the annual security reports and blog posts that look back at the previous year, that of Spamhaus is one I particularly look forward to, as it always comes with good and… https://www.virusbulletin.com/blog/2018/01/spamhaus-reports-shows-many-botnet-controllers-look-lot-legitimate-servers/

Tips on researching tech support scams

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.
At one end of the attack spectrum there are attacks that cleverly exploit features of modern processors. At the other end, there are tech support scams that, through some basic… https://www.virusbulletin.com/blog/2018/01/tips-researching-tech-support-scams/

2018

https://www.virusbulletin.com/blog/2018/

January

https://www.virusbulletin.com/blog/2018/01/

Meltdown and Spectre attacks mitigated by operating system updates

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their product…
We wish all our readers a very happy and very secure 2018! The latter part will not come without some serious work though. We are not even four days into the new year and we… https://www.virusbulletin.com/blog/2018/01/meltdown-and-spectre-attacks-mitigated-operating-system-updates/

Conference review: AVAR 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.
The first week of December was packed with security conferences, and VB2017 speakers were busy presenting their research at no fewer than four different events: FIRST in Prague,… https://www.virusbulletin.com/blog/2017/12/conference-review-avar-2017/

Conference review: Botconf 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.
Since its first edition in 2013, the Virus Bulletin team have been big fans of Botconf, the botnet fighting conference held every year in France. This year, Virus Bulletin sent… https://www.virusbulletin.com/blog/2017/12/conference-review-botconf-2017/

VB2017 videos on attacks against Ukraine

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adam…
(In)security is a global problem that affects every country in the world, but in recent years, none has been as badly hit as Ukraine. The most well known malware that… https://www.virusbulletin.com/blog/2017/12/vb2017-videos-attacks-against-ukraine/

« Previous 1...1415161718...120 Next »