VB Blog

Partner with VB2018 for extra visibility among industry peers

Posted by   Martijn Grooten on   Mar 8, 2018

Partnering with the VB conference links your company to a successful and well-established event, demonstrates your commitment to moving the industry forward, allows you to meet potential clients, be visible to industry peers and build lasting connections.

Read more  

VB2017 paper: The router of all evil

Posted by   Martijn Grooten on   Mar 7, 2018

At VB2017 in Madrid, security researcher Himanshu Anand presented a paper on malware that targets routers, looking both at the topic in general and at some individual case studies. Today we publish both the paper (co-written with Chastine Menrige) and the recording of Himanshu's presentation.

Read more  

Using Mailchimp makes malware campaigns a little bit more successful

Posted by   Martijn Grooten on   Mar 6, 2018

In recent months, some malicious spam campaigns have been spreading via the systems of Mailchimp, a well-known email service provider - a tactic which may give the campaigns a slightly higher success rate.

Read more  

VB2017 video: The state of cybersecurity in Africa: Kenya

Posted by   Martijn Grooten on   Mar 1, 2018

Though many of the IT security issues we face are global, there is a noticeable difference in the threats faced in various countries and regions, as well as in the ways they are dealt with. At VB2017, we heard from Tyrus Kamau about the state of cybersecurity in Kenya. Today, we publish the video of Tyrus's talk.

Read more  

A crime against statistics that is probably worse than the cyber attacks faced in County Durham

Posted by   Martijn Grooten on   Feb 21, 2018

A report on the number of cyber attacks faced by UK local authorities is a good example of how the large numbers seen in many reports on security are rather meaningless.

Read more  

NCSC gives important advice on lateral movement

Posted by   Martijn Grooten on   Feb 20, 2018

The UK's National Cyber Security Centre (NCSC) has provided helpful and practical advice on preventing and detecting lateral movement by an attacker within a network.

Read more  

What kind of people attend Virus Bulletin conferences?

Posted by   Martijn Grooten on   Feb 17, 2018

If you are considering submitting a proposal for a talk to VB2018 and you're not familiar with the event, you may find it useful to know what kind of people attend the conference.

Read more  

Olympic Games target of malware, again

Posted by   Martijn Grooten on   Feb 15, 2018

An unattributed malware attack has disrupted some computer systems of the 2018 Winter Olympics. In 1994, a computer virus also targeted the Winter Olympics.

Read more  

There are lessons to be learned from government websites serving cryptocurrency miners

Posted by   Martijn Grooten on   Feb 12, 2018

Thousands of websites, including many sites of government organisations in the UK, the US and Sweden, were recently found to have been serving a cryptocurrency miner. More interesting than the incident itself, though, are the lessons that can be learned from it.

Read more  

We need to continue the debate on the ethics and perils of publishing security research

Posted by   Martijn Grooten on   Feb 9, 2018

An article by security researcher Collin Anderson reopens the debate on whether publishing threat analyses is always in the public interest.

Read more  
Previous1...2324252627...215Next

Search blog

Test your technical and mental limits in the VB2017 foosball tournament

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!
We all know the scenario. You're using multiple layers of defence, combined with a fast response time, to prevent a skilled attacker from reaching the goal. Or maybe you are that… https://www.virusbulletin.com/blog/2017/09/join-vb2017-foosball-tournament/

The case against running Windows XP is more subtle than we think it is

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.
Greater Manchester Police has admitted to the BBC that some 1,500 of its PCs (20% of the total) are still running Windows XP, an operating system that was considered end-of-life… https://www.virusbulletin.com/blog/2017/09/case-against-running-windows-xp-more-subtle-we-think-it/

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days (CVE-2017-0199 and… https://www.virusbulletin.com/blog/2017/09/hot-finspy-research-makes-vb2017-programme-complete/

Transparency is essential when monitoring your users' activities

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.
The inspection of HTTPS traffic is a sensitive issue among security experts. On the one hand, there are those who argue that this breaks the important end-to-end principle of… https://www.virusbulletin.com/blog/2017/09/transparency-essential-when-monitoring-someone-elses-activities/

VB2017 preview: Android reverse engineering tools: not the usual suspects

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-android-reverse-engineering-tools-not-usual-suspects/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

Despite the profitability of ransomware there is a good reason why mining malware is thriving

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.
When, a few years ago, a friend and I were analysing a rather large botnet and we saw some network traffic indicating that it was engaged in Bitcoin mining, we felt rather… https://www.virusbulletin.com/blog/2017/09/despite-profitability-ransomware-there-good-reason-why-mining-malware-thriving/

VB2017 preview: Crypton - exposing malware's deepest secrets

We preview the VB2017 paper by Julia Karpin and Anna Dorfman (F5 networks), in which they present a tool to decrypt encrypted parts of malware.
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-crypton-exposing-malwares-deepest-secrets/

VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats

We preview the VB2017 paper by Marco Romagna and Niek Jan van den Hout (The Hague University of Applied Sciences), in which they thoroughly analyse the motivations and modus operandy of hacktivists.
In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-hacktivism-and-website-defacement-motivations-capabilities-and-potential-threats/

Three questions to ask about security product bypasses

Proof-of-concepts for bypasses of security products always sound scary, but how seriously should we take them? VB Editor Martijn Grooten lists three questions one should ask about any such bypass to determine how serious a threat it represents.
Techniques for bypassing security products feature prominently at security conferences and on security blogs these days. Indeed, with so many people relying implicitly or… https://www.virusbulletin.com/blog/2017/09/three-questions-ask-about-security-product-bypasses/

VB2017: WHOIS and EICAR Small Talks added

Today, we announce two more 'Small Talks' for the VB2017 programme. In one of them, Neil Schwarzman will discuss the consequences of the GDPR for WHOIS and abuse research, while the other will be hosted by three members of EICAR, who will discuss its work…
In addition to the nine 'last-minute' papers that were announced and added to the VB2017 programme yesterday, we have also added two more 'Small Talks'. The 'Small Talks' take… https://www.virusbulletin.com/blog/2017/09/vb2017-whois-and-eicar-small-talks-added/

VB2017: nine last-minute papers announced

From attacks on Ukraine's power grid to web shells, and from car hacking to ransomware: we announce the first nine 'last-minute' papers on the VB2017 programme.
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the… https://www.virusbulletin.com/blog/2017/09/vb2017-nine-last-minute-papers-announced/

Patching is important even when it only shows the maturity of your security process

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process,… https://www.virusbulletin.com/blog/2017/09/patching-important-even-when-it-only-shows-maturity-your-security-process/

September

https://www.virusbulletin.com/blog/2017/09/

Massive data breach confirms what you already knew: you are getting spam

A security researcher found more than 700 million email addresses stored on a server used by a spam botnet, which gives us some insight into what the email lists used by spammers look like.
The security community spends a lot of time and effort researching the infrastructure used by spammers to send billions of unwanted and often malicious emails every day – but… https://www.virusbulletin.com/blog/2017/09/massive-data-breach-confirms-what-you-already-knew-you-are-getting-spam/

VB2017 preview: State of cybersecurity in Africa: Kenya

We preview the VB2017 presentation by Tyrus Kamau (Euclid Security), who will talk about the state of cybersecurity in Africa, with a particular focus on his home country, Kenya.
The Internet is very much a global phenomenon, and for that reason, so is cybersecurity. A remote code execution vulnerability is as much of a problem on a server in Afghanistan… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-state-cyber-security-africa-kenya/

VB2017 preview: Calling all PUA fighters

We preview the VB2017 Small Talk to be given by AppEsteem's Dennis Batchelder that should help security vendors make decisions about apps whose behaviours sit right on the limits of what is acceptable from a security point of view.
While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-calling-all-pua-fighters/

VB2017 preview: From insider threat to insider asset: a practical guide

We preview the VB2017 paper by Forcepoint's Kristin Leary and Richard Ford, who will discuss a practical approach to preventing insider attacks.
"How to catch a Snowden" was the slogan branded across an exhibition booth at the recent Infosecurity Europe event by an exhibitor apparently offering a solution to insider… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-insider-threat-insider-asset-practical-guide/

WireX DDoS botnet takedown shows the best side of the security industry

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security …
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many… https://www.virusbulletin.com/blog/2017/08/wirex-ddos-botnet-takedown-shows-best-side-security-industry/

VB2017 preview: Your role in child abuse

We preview the VB2017 presentation by Mick Moran, who will discuss online child abuse and the role the security community can play fighting it.
When previewing VB conference talks, I often get excited about presentations that are to showcase clever attacks and brilliant techniques to fight them. About Mick Moran's VB2017… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-your-role-child-abuse/

« Previous 1...1718192021...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.