VB Blog

Virus Bulletin at RSA

Posted by   Martijn Grooten on   Apr 13, 2018

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.

Read more  

Broad-ranging and international VB2018 programme announced

Posted by   Martijn Grooten on   Apr 11, 2018

VB is excited to reveal the details of an interesting and diverse programme for VB2018, the 28th Virus Bulletin International Conference, which takes place 3-5 October in Montreal, Canada.

Read more  

Netflix issue shows email verification really does matter

Posted by   Martijn Grooten on   Apr 10, 2018

A clever trick taking advantage of the fact that Gmail ignores dots in email addresses could be used to trick someone into paying for your Netflix subscription - demonstrating the importance of confirmed opt-in.

Read more  

VB2017 paper: Exploring the virtual worlds of advergaming

Posted by   Martijn Grooten on   Apr 10, 2018

At VB2017 in Madrid, Malwarebytes' Chris Boyd presented a paper in which he looked at various aspects of advergaming, from unreadable EULAs to fake programs that promise to block ads. Today, we publish both the paper and the recording of Chris's presentation.

Read more  

New paper: Distinguishing between malicious app collusion and benign app collaboration: a machine-learning approach

Posted by   Martijn Grooten on   Mar 27, 2018

Two or more mobile apps, viewed independently, may not appear to be malicious - but in combination, they could become harmful by exchanging information with one another and by performing malicious activities together. Today, we publish a new paper by a group of researchers affiliated with various UK universities and companies, which looks at how machine-learning methods can be used to detect app collusions.

Read more  

VB2016 paper: Wild Android collusions

Posted by   Martijn Grooten on   Mar 26, 2018

At VB2016 in Denver, Jorge Blasco presented a paper (co-written with Thomas M. Chen, Igor Muttik and Markus Roggenbach), in which he discussed the concept of app collusion - where two (or more) apps installed on the same device work together to collect and extract data from the device - and presented discoveries of colluding code in many in-the-wild apps. Today, we publish both the paper and the recording of Jorge's presentation.

Read more  

VB2017 paper: The life story of an IPT - Inept Persistent Threat actor

Posted by   Martijn Grooten on   Mar 19, 2018

At VB2017 in Madrid, Polish security researcher and journalist Adam Haertlé presented a paper about a very inept persistent threat. Today, we publish both the paper and the recording of Adam's presentation.

Read more  

Five reasons to submit a VB2018 paper this weekend

Posted by   Martijn Grooten on   Mar 16, 2018

The call for papers for VB2018 closes on 18 March, and while we've already received many great submissions, we still want more! Here are five reasons why you should submit a paper this weekend.

Read more  

First partners of VB2018 announced

Posted by   Martijn Grooten on   Mar 15, 2018

We are excited to announce the first six companies to partner with VB2018.

Read more  

VB2018: looking for technical and non-technical talks

Posted by   Martijn Grooten on   Mar 9, 2018

We like to pick good, solid technical talks for the VB conference programme, but good talks don't have to be technical and we welcome less technical submissions just as much.

Read more  
Previous1...2223242526...215Next

Search blog

Test your technical and mental limits in the VB2017 foosball tournament

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!
We all know the scenario. You're using multiple layers of defence, combined with a fast response time, to prevent a skilled attacker from reaching the goal. Or maybe you are that… https://www.virusbulletin.com/blog/2017/09/join-vb2017-foosball-tournament/

The case against running Windows XP is more subtle than we think it is

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.
Greater Manchester Police has admitted to the BBC that some 1,500 of its PCs (20% of the total) are still running Windows XP, an operating system that was considered end-of-life… https://www.virusbulletin.com/blog/2017/09/case-against-running-windows-xp-more-subtle-we-think-it/

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days (CVE-2017-0199 and… https://www.virusbulletin.com/blog/2017/09/hot-finspy-research-makes-vb2017-programme-complete/

Transparency is essential when monitoring your users' activities

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.
The inspection of HTTPS traffic is a sensitive issue among security experts. On the one hand, there are those who argue that this breaks the important end-to-end principle of… https://www.virusbulletin.com/blog/2017/09/transparency-essential-when-monitoring-someone-elses-activities/

VB2017 preview: Android reverse engineering tools: not the usual suspects

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-android-reverse-engineering-tools-not-usual-suspects/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

Despite the profitability of ransomware there is a good reason why mining malware is thriving

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.
When, a few years ago, a friend and I were analysing a rather large botnet and we saw some network traffic indicating that it was engaged in Bitcoin mining, we felt rather… https://www.virusbulletin.com/blog/2017/09/despite-profitability-ransomware-there-good-reason-why-mining-malware-thriving/

VB2017 preview: Crypton - exposing malware's deepest secrets

We preview the VB2017 paper by Julia Karpin and Anna Dorfman (F5 networks), in which they present a tool to decrypt encrypted parts of malware.
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-crypton-exposing-malwares-deepest-secrets/

VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats

We preview the VB2017 paper by Marco Romagna and Niek Jan van den Hout (The Hague University of Applied Sciences), in which they thoroughly analyse the motivations and modus operandy of hacktivists.
In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-hacktivism-and-website-defacement-motivations-capabilities-and-potential-threats/

Three questions to ask about security product bypasses

Proof-of-concepts for bypasses of security products always sound scary, but how seriously should we take them? VB Editor Martijn Grooten lists three questions one should ask about any such bypass to determine how serious a threat it represents.
Techniques for bypassing security products feature prominently at security conferences and on security blogs these days. Indeed, with so many people relying implicitly or… https://www.virusbulletin.com/blog/2017/09/three-questions-ask-about-security-product-bypasses/

VB2017: WHOIS and EICAR Small Talks added

Today, we announce two more 'Small Talks' for the VB2017 programme. In one of them, Neil Schwarzman will discuss the consequences of the GDPR for WHOIS and abuse research, while the other will be hosted by three members of EICAR, who will discuss its work…
In addition to the nine 'last-minute' papers that were announced and added to the VB2017 programme yesterday, we have also added two more 'Small Talks'. The 'Small Talks' take… https://www.virusbulletin.com/blog/2017/09/vb2017-whois-and-eicar-small-talks-added/

VB2017: nine last-minute papers announced

From attacks on Ukraine's power grid to web shells, and from car hacking to ransomware: we announce the first nine 'last-minute' papers on the VB2017 programme.
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the… https://www.virusbulletin.com/blog/2017/09/vb2017-nine-last-minute-papers-announced/

Patching is important even when it only shows the maturity of your security process

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process,… https://www.virusbulletin.com/blog/2017/09/patching-important-even-when-it-only-shows-maturity-your-security-process/

September

https://www.virusbulletin.com/blog/2017/09/

Massive data breach confirms what you already knew: you are getting spam

A security researcher found more than 700 million email addresses stored on a server used by a spam botnet, which gives us some insight into what the email lists used by spammers look like.
The security community spends a lot of time and effort researching the infrastructure used by spammers to send billions of unwanted and often malicious emails every day – but… https://www.virusbulletin.com/blog/2017/09/massive-data-breach-confirms-what-you-already-knew-you-are-getting-spam/

VB2017 preview: State of cybersecurity in Africa: Kenya

We preview the VB2017 presentation by Tyrus Kamau (Euclid Security), who will talk about the state of cybersecurity in Africa, with a particular focus on his home country, Kenya.
The Internet is very much a global phenomenon, and for that reason, so is cybersecurity. A remote code execution vulnerability is as much of a problem on a server in Afghanistan… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-state-cyber-security-africa-kenya/

VB2017 preview: Calling all PUA fighters

We preview the VB2017 Small Talk to be given by AppEsteem's Dennis Batchelder that should help security vendors make decisions about apps whose behaviours sit right on the limits of what is acceptable from a security point of view.
While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-calling-all-pua-fighters/

VB2017 preview: From insider threat to insider asset: a practical guide

We preview the VB2017 paper by Forcepoint's Kristin Leary and Richard Ford, who will discuss a practical approach to preventing insider attacks.
"How to catch a Snowden" was the slogan branded across an exhibition booth at the recent Infosecurity Europe event by an exhibitor apparently offering a solution to insider… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-insider-threat-insider-asset-practical-guide/

WireX DDoS botnet takedown shows the best side of the security industry

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security …
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many… https://www.virusbulletin.com/blog/2017/08/wirex-ddos-botnet-takedown-shows-best-side-security-industry/

VB2017 preview: Your role in child abuse

We preview the VB2017 presentation by Mick Moran, who will discuss online child abuse and the role the security community can play fighting it.
When previewing VB conference talks, I often get excited about presentations that are to showcase clever attacks and brilliant techniques to fight them. About Mick Moran's VB2017… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-your-role-child-abuse/

« Previous 1...1718192021...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.