VB Blog

VB2020 presentation: Evolution of Excel 4.0 macro weaponization

Posted by   Virus Bulletin on   Nov 30, 2020

At VB2020 localhost James Haughom, Stefano Ortolani and Baibhav Singh gave a presentation in which they described how XL4 macros are being weaponised and the evolution of the techniques used.

Read more  

Cybersecurity Assessment Tool launched by Ford Foundation

Posted by   Virus Bulletin on   Nov 20, 2020

The Ford Foundation has launched a tool designed to help nonprofit organizations assess their own cybersecurity efforts.

Read more  

VB2020 presentation: Another threat actor day…

Posted by   Virus Bulletin on   Nov 19, 2020

At VB2020 localhost Paul Jung, of Excellium Services, detailed an incident response that he and his team faced when, in December 2019, a Belgian hospital required their help to manage a breach of their informations system.

Read more  

VB2020 presentation: Ramsay: a cyber-espionage toolkit tailored for air-gapped networks

Posted by   Virus Bulletin on   Nov 16, 2020

At VB2020 localhost, ESET researcher Ignacio Sanmillan spoke about Ramsay, a toolkit specifically designed to steal documents and operate within air-gapped networks.

Read more  

VB2020 TIPS presentation: Business Email Compromise – Scalable Attribution Powering Industry and Law Enforcement Collaboration

Posted by   Virus Bulletin on   Nov 12, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 TIPS presentation: Collaborating with Competitors: A Better Strategy to Beat Adversaries

Posted by   Virus Bulletin on   Nov 3, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 TIPS presentations: cybercrime in the DACH region and ransomware in LATAM

Posted by   Virus Bulletin on   Oct 27, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing

Read more  

VB2020 TIPS presentation: Intelligence Sharing for Supply Chain Security

Posted by   Virus Bulletin on   Oct 21, 2020

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing.

Read more  

VB2020 localhost is over, but the content is still available to view!

Posted by   Virus Bulletin on   Oct 6, 2020

VB2020 localhost - VB's first foray into the world of virtual conferences - took place last week, but you can still watch all the presentations.

Read more  

New additions complete the VB2020 localhost programme

Posted by   Virus Bulletin on   Aug 25, 2020

The programme for VB2020 localhost - the first virtual, and entirely free to attend VB conference - is now complete, with new additions to both the live programme and the on-demand programme.

Read more  
Previous1234567...215Next

Search blog

Test your technical and mental limits in the VB2017 foosball tournament

As has become tradition, VB2017 will once again see a security industry table football tournament. Register your team now for some great fun and adrenaline-filled matches in between sessions in Madrid!
We all know the scenario. You're using multiple layers of defence, combined with a fast response time, to prevent a skilled attacker from reaching the goal. Or maybe you are that… https://www.virusbulletin.com/blog/2017/09/join-vb2017-foosball-tournament/

The case against running Windows XP is more subtle than we think it is

Greater Manchester Police is one of many organizations still running Windows XP on some of its systems. This is bad practice, but the case against running XP is far more subtle than we often pretend it is.
Greater Manchester Police has admitted to the BBC that some 1,500 of its PCs (20% of the total) are still running Windows XP, an operating system that was considered end-of-life… https://www.virusbulletin.com/blog/2017/09/case-against-running-windows-xp-more-subtle-we-think-it/

Hot FinSpy research completes VB2017 programme

Researchers from ESET have found a new way in which the FinSpy/FinFisher 'government spyware' can infect users, details of which they will present at VB2017 in Madrid.
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days (CVE-2017-0199 and… https://www.virusbulletin.com/blog/2017/09/hot-finspy-research-makes-vb2017-programme-complete/

Transparency is essential when monitoring your users' activities

Activity monitoring by security products in general, and HTTPS traffic inspection in particular, are sensitive issues in the security community. There is a time and a place for them, VB's Martijn Grooten argues, but only when they are done right.
The inspection of HTTPS traffic is a sensitive issue among security experts. On the one hand, there are those who argue that this breaks the important end-to-end principle of… https://www.virusbulletin.com/blog/2017/09/transparency-essential-when-monitoring-someone-elses-activities/

VB2017 preview: Android reverse engineering tools: not the usual suspects

We preview the VB2017 paper by Fortinet researcher Axelle Apvrille, in which she looks at some less obvious tools for reverse engineering Android malware.
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-android-reverse-engineering-tools-not-usual-suspects/

Malicious CCleaner update points to a major weakness in our infrastructure

Researchers from Cisco Talos have found that a recent version of the widely used CCleaner tool installed malware on the machine.
For the security community, 2017 might well be called the year of the update: two of the biggest security stories – the WannaCry outbreak and the Equifax breach – involved… https://www.virusbulletin.com/blog/2017/09/malicious-ccleaner-update-points-major-weakness-our-infrastructure/

Despite the profitability of ransomware there is a good reason why mining malware is thriving

Though ransomware is far more profitable than using a compromised PC to mine bitcoins, the global distribution of malware means that there are many botnets for which mining is the most efficient way to extract money out of a PC.
When, a few years ago, a friend and I were analysing a rather large botnet and we saw some network traffic indicating that it was engaged in Bitcoin mining, we felt rather… https://www.virusbulletin.com/blog/2017/09/despite-profitability-ransomware-there-good-reason-why-mining-malware-thriving/

VB2017 preview: Crypton - exposing malware's deepest secrets

We preview the VB2017 paper by Julia Karpin and Anna Dorfman (F5 networks), in which they present a tool to decrypt encrypted parts of malware.
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-crypton-exposing-malwares-deepest-secrets/

VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats

We preview the VB2017 paper by Marco Romagna and Niek Jan van den Hout (The Hague University of Applied Sciences), in which they thoroughly analyse the motivations and modus operandy of hacktivists.
In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-hacktivism-and-website-defacement-motivations-capabilities-and-potential-threats/

Three questions to ask about security product bypasses

Proof-of-concepts for bypasses of security products always sound scary, but how seriously should we take them? VB Editor Martijn Grooten lists three questions one should ask about any such bypass to determine how serious a threat it represents.
Techniques for bypassing security products feature prominently at security conferences and on security blogs these days. Indeed, with so many people relying implicitly or… https://www.virusbulletin.com/blog/2017/09/three-questions-ask-about-security-product-bypasses/

VB2017: WHOIS and EICAR Small Talks added

Today, we announce two more 'Small Talks' for the VB2017 programme. In one of them, Neil Schwarzman will discuss the consequences of the GDPR for WHOIS and abuse research, while the other will be hosted by three members of EICAR, who will discuss its work…
In addition to the nine 'last-minute' papers that were announced and added to the VB2017 programme yesterday, we have also added two more 'Small Talks'. The 'Small Talks' take… https://www.virusbulletin.com/blog/2017/09/vb2017-whois-and-eicar-small-talks-added/

VB2017: nine last-minute papers announced

From attacks on Ukraine's power grid to web shells, and from car hacking to ransomware: we announce the first nine 'last-minute' papers on the VB2017 programme.
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the… https://www.virusbulletin.com/blog/2017/09/vb2017-nine-last-minute-papers-announced/

Patching is important even when it only shows the maturity of your security process

A lot of vulnerabilities that are discovered are never exploited in the wild. It is still important to patch them though.
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process,… https://www.virusbulletin.com/blog/2017/09/patching-important-even-when-it-only-shows-maturity-your-security-process/

September

https://www.virusbulletin.com/blog/2017/09/

Massive data breach confirms what you already knew: you are getting spam

A security researcher found more than 700 million email addresses stored on a server used by a spam botnet, which gives us some insight into what the email lists used by spammers look like.
The security community spends a lot of time and effort researching the infrastructure used by spammers to send billions of unwanted and often malicious emails every day – but… https://www.virusbulletin.com/blog/2017/09/massive-data-breach-confirms-what-you-already-knew-you-are-getting-spam/

VB2017 preview: State of cybersecurity in Africa: Kenya

We preview the VB2017 presentation by Tyrus Kamau (Euclid Security), who will talk about the state of cybersecurity in Africa, with a particular focus on his home country, Kenya.
The Internet is very much a global phenomenon, and for that reason, so is cybersecurity. A remote code execution vulnerability is as much of a problem on a server in Afghanistan… https://www.virusbulletin.com/blog/2017/09/vb2017-preview-state-cyber-security-africa-kenya/

VB2017 preview: Calling all PUA fighters

We preview the VB2017 Small Talk to be given by AppEsteem's Dennis Batchelder that should help security vendors make decisions about apps whose behaviours sit right on the limits of what is acceptable from a security point of view.
While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-calling-all-pua-fighters/

VB2017 preview: From insider threat to insider asset: a practical guide

We preview the VB2017 paper by Forcepoint's Kristin Leary and Richard Ford, who will discuss a practical approach to preventing insider attacks.
"How to catch a Snowden" was the slogan branded across an exhibition booth at the recent Infosecurity Europe event by an exhibitor apparently offering a solution to insider… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-insider-threat-insider-asset-practical-guide/

WireX DDoS botnet takedown shows the best side of the security industry

Collaboration between a number of security companies has led to the takedown of the WireX Android DDoS botnet. Efforts like these, and the fact that the companies involved all decided to publish the very same blog post, show the best side of the security …
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many… https://www.virusbulletin.com/blog/2017/08/wirex-ddos-botnet-takedown-shows-best-side-security-industry/

VB2017 preview: Your role in child abuse

We preview the VB2017 presentation by Mick Moran, who will discuss online child abuse and the role the security community can play fighting it.
When previewing VB conference talks, I often get excited about presentations that are to showcase clever attacks and brilliant techniques to fight them. About Mick Moran's VB2017… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-your-role-child-abuse/

« Previous 1...1718192021...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.