VB Blog

Latest Virus Bulletin report shows the difference web security products make

Posted by   Martijn Grooten on   Nov 27, 2018

The latest Virus Bulletin web security report sees Kaspersky, Trustwave and Fortinet all achieve VBWeb certification, but also see some products struggle with the new Fallout exploit kit.

Read more  

Subscribe to the relaunched Virus Bulletin eNews newsletter

Posted by   Martijn Grooten on   Nov 26, 2018

Subscribe to the re-launched Virus Bulletin eNews Newsletter to receive regular updates on the latest threat intelligence sources directly in your inbox.

Read more  

VB2018 paper: Since the hacking of Sony Pictures

Posted by   Martijn Grooten on   Nov 22, 2018

The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Cha on the group's activities.

Read more  

VB2018 video: Shedding skin - Turla's fresh faces

Posted by   Martijn Grooten on   Nov 16, 2018

Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.

Read more  

VB2018 video: Triada: the past, the present and the (hopefully not existing) future

Posted by   Martijn Grooten on   Nov 13, 2018

Today we publish the video of the VB2018 presentation by Google researcher Lukasz Siewierski on the Triada Android malware and Google's work with OEMs to remove it from infected devices.

Read more  

VB2018 paper: Uncovering the wholesale industry of social media fraud: from botnet to bulk reseller panels

Posted by   Martijn Grooten on   Nov 6, 2018

Today, we publish the VB2018 paper by Masarah Paquet-Clouston (GoSecure) who looked at the supply chain behind social media fraud.

Read more  

VB2018 paper: Now you see it, now you don't: wipers in the wild

Posted by   Virus Bulletin on   Nov 1, 2018

Today, we publish the VB2018 paper from Saher Naumaan (BAE Systems) who looks at malware variants that contain a wiper functionality. We also publish the recording of her presentation.

Read more  

Emotet trojan starts stealing full emails from infected machines

Posted by   Martijn Grooten on   Oct 31, 2018

The infamous Emotet trojan has added the capability to steal full email bodies from infected machines, opening the possibilities for more targeted spam and phishing campaigns.

Read more  

VB2018 paper: Who wasn’t responsible for Olympic Destroyer?

Posted by   Martijn Grooten on   Oct 30, 2018

Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malware; we also publish the video of their VB2018 presentation.

Read more  

VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

Posted by   Martijn Grooten on   Oct 26, 2018

Today, we publish the VB2018 paper by Malwarebytes researcher Jérôme Segura, in which he details the shift from exploit kits to drive-by mining. We also publish the video of his VB2018 presentation.

Read more  
Previous1...1516171819...215Next

Search blog

ROPEMAKER email exploit is of limited practical use

Researchers at Mimecast have published a paper about the 'ROPEMAKER' exploit, which allows an email sender with malicious intentions to change the visial appearance of an email after it has been delivered.
Researchers at Mimecast have published details (pdf) of an email exploit they call 'ROPEMAKER' (short for 'Remotely Originated Post-delivery Email Manipulation Attacks Keeping… https://www.virusbulletin.com/blog/2017/08/ropemaker-email-exploit-limited-practical-use/

VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America

We preview the VB2017 presentation by Kaspersky Lab researchers Thiago Marques and Fabio Assolini in which they look at malware targeting ATMs in Latin America.
A few years ago, I saw an ATM being opened for the first time. "Hold on," I thought, "this is really just a Windows XP PC!" Suddenly, I realised that, to attack an ATM,… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-mariachis-and-jackpotting-atm-malware-latin-america/

VB2017 preview: Stuck between a ROC and a hard place

We preview the VB2017 paper by Microsoft's Holly Stewart and Joe Blackbird, which uses data about users switching anti-virus provider to decide whether machine-learning models should favour avoiding false positives over false negatives.
Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-stuck-between-roc-and-hard-place/

VB2017 preview: Consequences of bad security in health care

We preview the VB2017 presentation by Jelena Milosevic, an ICU nurse by profession, who will provide the audience with an inside view of security in hospitals.
Earlier this month, at the SHA2017 hacking camp, among the professional hackers and security experts, there was one speaker with a rather unconventional CV: Jelena Milosevic's day… https://www.virusbulletin.com/blog/2017/08/vb2017-preview-consequences-bad-security-health-care/

VB2017 Small Talk: The encryption vs. inspection debate

At VB2017, Cloudflare's Head of Cryptography Nick Sullivan will give a Small Talk on the intercepting of HTTPS connections by proxies and anti-virus software.
We all know that security often gets in the way of convenience, but sometimes security even gets in the way of security. This is the case, for example, when a decision needs to be… https://www.virusbulletin.com/blog/2017/08/vb2017-small-talk-encryption-vs-inspection-debate/

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 2

In the second part of this two-part blog series, we look at five more memorable Virus Bulletin conference presentations.
With an excellent conference programme featuring some of the top experts in the IT security industry and covering some of the most important topics, we have much to look forward… https://www.virusbulletin.com/blog/2017/08/throwback-thursday-ten-memorable-virus-bulletin-conference-presentations-part-2/

Five tips for submitting to Calls for Papers

With the VB2017 Call for Papers out, here are five tips to increase your chances of getting your submission accepted.
Two weeks ago, we opened the call for last-minute papers for VB2017. Like most CPFs, the number of submissions will far exceed the number of available slots. There is no golden… https://www.virusbulletin.com/blog/2017/08/five-tips-submitting-calls-papers/

The WannaCry kill switch wasn't inserted to make someone a hero

Following the arrest of WannaCry hero Marcus Hutchings, suggestions have been made that he was behind the WannaCry malware itself, and that he inserted the kill switch to make himself a hero. This seems highly unlikely.
Almost three months after its damaging outbreak, the WannaCry malware remains shrouded in mystery. Last week's arrest of security researcher Marcus Hutchings, better known and… https://www.virusbulletin.com/blog/2017/08/wannacry-kill-switch-wasnt-inserted-make-someone-hero/

Throwback Thursday: Ten memorable Virus Bulletin conference presentations - part 1

In a two-part blog post series, we look back at ten memorable VB conference presentations from the past ten years.
With an excellent conference programme (and still some gaps to fill!), we have much to look forward to when it comes to VB2017, the 27th Virus Bulletin conference. But we also… https://www.virusbulletin.com/blog/2017/08/throwback-thursday-ten-memorable-virus-bulletin-conference-presentations-part-1/

Worms wiggling inside your networks are a lot harder to stop

The authors of the Trickbot banking trojan seem to have taken note of the use of SMB by WannaCry and (Not)Petya and have added an (experimental) module that uses SMB for lateral movement.
Damaging though they were, the recent WannaCry and (Not)Petya outbreaks taught security practitioners many valuable lessons. Unfortunately, they taught important lessons to… https://www.virusbulletin.com/blog/2017/08/worms-wiggling-inside-your-networks-are-lot-harder-stop/

August

https://www.virusbulletin.com/blog/2017/08/

VB2017 drinks reception to be hosted in Madrid's unique Geographic Club

To give those attending VB2017 Madrid a chance to experience a little bit of the host city, the VB2017 drinks reception will be held at the unique and fascinating Geographic Club.
When, at the end of VB2016, we announced Madrid as the location for VB2017, the cheering from the audience suggested that it was a popular choice. This is understandable of… https://www.virusbulletin.com/blog/2017/08/vb2017-drinks-reception-be-hosted-geographic-club/

By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

To comply with Chinese laws, Apple has removed all iOS VPN apps from its Chinese app store. This means that the company uses iOS's strongest security asset, its tightly controlled App Store, against its own users.
A little over a month ago, Apple's iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great… https://www.virusbulletin.com/blog/2017/08/removing-vpns-its-chinese-app-store-apple-turns-its-biggest-security-asset-aggasnt-its-users/

VB2017 Small Talks and reserve papers announced

Today we announce the first two Small Talks for the VB2017 programme: ENISA will provide its perspective on the WannaCry outbreak and the lessons learned from it, while David Harley will talk about the past and present of security product testing.
Today, we are pleased to announce the first two Small Talks for the VB2017 programme. The 'Small Talks' were first introduced as a third stream at the VB Conference in 2015,… https://www.virusbulletin.com/blog/2017/07/small-talks-and-reserve-papers-announced-vb2017-programme/

NoMoreRansom's first birthday demonstrates importance of collaboration

This week the NoMoreRansom project celebrated its first birthday. It has already helped many victims of ransomware with advice and tools and is an excellent example of collaboration between private and public partners in IT security.
This week, the NoMoreRansom project celebrates its first anniversary and can look back to subtle but important successes in the fight against ransomware. The advice from… https://www.virusbulletin.com/blog/2017/07/nomoreransoms-first-birthday-shows-importance-collaboration/

VB2017 call for last-minute papers opened

Today, we open the call for last-minute papers for VB2017. Submit before 3 September to have your abstract considered for one of the ten slots reserved for 'hot' research.
UPDATE 4 Sept 2017: Please note that the call for last-minute papers for VB2017 has now closed. Virus Bulletin has opened the call for last-minute papers for VB2017. The… https://www.virusbulletin.com/blog/2017/07/vb2017-call-last-minute-papers-opened/

Five reasons to come to VB2017 in Madrid

We're not ones to make bold claims about our conference, and we suggest you ask past attendees for their opinion, but here are five reasons why we think you should come to VB2017 in Madrid.
I regularly use this blog to add nuance to bold claims about dangerous vulnerabilities or impressive claims about security solutions – something that I think befits an independent… https://www.virusbulletin.com/blog/2017/07/five-reasons-come-vb2017-madrid/

DMARC: an imperfect solution that can make a big difference

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.
US Senator Ron Wyden has written a letter (pdf) to the Department of Homeland Security, urging the US government to implement DMARC to "ensure hackers cannot send emails that… https://www.virusbulletin.com/blog/2017/07/dmarc-imperfect-solution-can-make-big-difference/

Advanced and inept persistent threats to be discussed at VB2017

Unsurprisingly given today's threat landscape, the VB2017 programme contains several talks on various advanced persistent threats - but also a talk on what may be the polar opposite of such threats: an inept persistent threat.
Only a few years ago, "APT" (advanced persistent threat) was a buzzword mostly heard being bandied around at security exhibitions to sell even more advanced technology to prevent,… https://www.virusbulletin.com/blog/2017/07/advanced-and-inept-persistent-threats-be-discussed-vb2017/

Password security is 1% choosing a half-decent password, 99% not using it anywhere else

Password security advice focuses too much on password strength and too little on avoiding password reuse, Martijn Grooten argues.
It is a truth generally acknowledged that there is no such thing as absolute security. Security is always a compromise with usability, and good security is about finding the right… https://www.virusbulletin.com/blog/2017/07/password-security-1-choosing-half-decent-password-99-not-using-it-anywhere-else/

« Previous 1...1819202122...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.