VB Blog

VB2019 presentation: Attor: spy platform with curious GSM fingerprinting

Posted by   Virus Bulletin on   Feb 11, 2020

Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. Details of Attor were presented at VB2019 in London by ESET researcher Zuzana Hromcová. Today we release the recording of Zuzana's presentation.

Read more  

Why we encourage newcomers and seasoned presenters alike to submit a paper for VB2020

Posted by   Virus Bulletin on   Feb 6, 2020

With the call for papers for VB2020 currently open, we explain why, whether you've never presented before or you're a conference circuit veteran, if you have some interesting research to share with the community we want to hear from you!

Read more  

VB2019 paper: The cake is a lie! Uncovering the secret world of malware-like cheats in video games

Posted by   Helen Martin on   Feb 5, 2020

At VB2019 in London, Kaspersky researcher Santiago Pontiroli presented a paper on the growing illegal economy around video game cheats and its parallels with the malware industry. Today we publish both Santiago's paper and the recording of his presentation.

Read more  

VB2019 paper: Rich headers: leveraging the mysterious artifact of the PE format

Posted by   Virus Bulletin on   Jan 31, 2020

In a paper presented at VB2019 in London, ESET researchers Peter Kálnai and Michal Poslušný discussed the subject of rich headers and how it can be useful in malware research. Today we publish both their paper and the recording of their presentation.

Read more  

VB2019 paper: Medical IoT for diabetes and cybercrime

Posted by   Helen Martin on   Jan 28, 2020

At VB2019 in London, Fortinet researcher Axelle Apvrille presented a paper co-written with Aamir Lakhani that looked at the threats faced by those who use medical IoT devices to help manage their diabetes. Today we publish the researchers' paper, as well as the recording of Axelle's presentation.

Read more  

VB2019 paper: Spoofing in the reeds with Rietspoof

Posted by   Virus Bulletin on   Jan 24, 2020

In a VB2019 paper Avast researchers Jan Sirmer, Luigino Camastra and Adolf Středa revealed full details of the Rietspoof malware. Today we publish their paper and the recording of the presentation given by Jan and Luigino in London.

Read more  

New paper: Behind the scenes of GandCrab's operation

Posted by   Helen Martin on   Jan 20, 2020

The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security Analysis Team reveal the full details of the battle that went on between GandCrab and AhnLab.

Read more  

VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction

Posted by   Virus Bulletin on   Jan 16, 2020

At VB2019 Juan Andres Guerrero-Saade looked at nation-state actors using threat intelligence for victim deconfliction. Today we publish both his paper and the recording of his presentation.

Read more  

The VB2020 call for papers - how it works

Posted by   Virus Bulletin on   Jan 14, 2020

With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission.

Read more  

VB2019 presentation: Targeted attacks through ISPs

Posted by   Virus Bulletin on   Jan 13, 2020

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we release the recording of Denis' presentation.

Read more  
Previous1...45678...215Next

Search blog

Save the dates: VB2018 to take place 3-5 October 2018

Though the location will remain a secret for a few more months, we are pleased to announce the dates for VB2018, the 28th Virus Bulletin International Conference.
While we hope that you have already circled the dates of 4-6 October 2017 in your agendas, and that you will join us and security experts from around the world for VB2017 in Spain… https://www.virusbulletin.com/blog/2017/07/save-dates-vb2018-take-place-3-5-october-2018/

Review: BSides Athens 2017

The second edition of BSides Athens saw a great and varied programme presented in the Greek capital. VB's Martijn Grooten was pleased to attend.
BSides London has been a regular fixture on the Virus Bulletin agenda for the past few years, but its international audience (thanks to the event being held in parallel with… https://www.virusbulletin.com/blog/2017/07/review-bsides-athens-2017/

Let's not help attackers by spreading fear, uncertainty and doubt

Spreading 'FUD' in the wake of cyber-attacks is never a good idea. But it's even worse when this might be one of the attackers' implicit goals.
A week and a half after the outbreak of (Not)Petya, we are still not 100% certain about the motivation of the attackers. Was it a (failed) attempt to extort money from a large… https://www.virusbulletin.com/blog/2017/07/lets-not-help-attackers-spreading-fear-uncertainty-and-doubt/

Calling next-gen security researchers: student discount for VB2017 announced

For the third year in a row, we have set aside a limited number of student tickets for the Virus Bulletin conference, to allow 'next-generation' security researchers to experience one of the most important gatherings of security researchers around the wor…
Next-gen firewalls, next-gen anti-virus. At Virus Bulletin, we follow the 'next-gen' trends with interest, if only because behind the marketing there is often very interesting… https://www.virusbulletin.com/blog/2017/07/calling-next-gen-security-researchers-student-discount-vb2017-announced/

Nominations opened for fourth Péter Szőr Award

Virus Bulletin has opened nominations for the fourth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2016 and 30 June 2017.
Virus Bulletin is seeking nominations for the fourth annual Péter Szőr Award. The award was inaugurated during the VB2014 conference, in honour of late security researcher and… https://www.virusbulletin.com/blog/2017/07/nominations-opened-fourth-peter-szor-award/

July

https://www.virusbulletin.com/blog/2017/07/

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky s…
In a blog post published on Friday, ESET researcher Anton Cherepanov provides evidence linking last week's (Not)Petya attacks to the BlackEnergy group; Kaspersky researchers also… https://www.virusbulletin.com/blog/2017/07/vb2016-paper-blackenergy-what-we-really-know-about-notorious-cyber-attacks/

Security advice in the wake of WannaCry and Not(Petya)

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?
The recent outbreaks of WannaCry and (Not)Petya have left many users and organizations understandably confused about what to do and how to fend off such attacks. Thankfully,… https://www.virusbulletin.com/blog/2017/06/security-advice-wake-wannacry-and-notpetya/

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.
"What's in a name? that which we call a rose By any other name would smell as sweet" Shakespeare's philosophising can equally be applied to malware, and whether you call it… https://www.virusbulletin.com/blog/2017/06/48-hours-after-initial-reports-many-mysteries-around-latest-ransomwarewiper-threat-remain/

VB2017 Early Bird discount to expire this week

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!
"Hundreds of businesses, both large and small, have suffered from the handiwork of the virus writers. It is now clear that a sabotage mentality exists and new computer viruses… https://www.virusbulletin.com/blog/2017/06/vb2017-early-bird-discount-expire-week/

VB2016 paper: Steam stealers: it's all fun and games until someone's account gets hijacked

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these p…
The online games market is huge, and the Steam platform is a huge player in that market. Users registered on the Steam platform use their credit cards to buy content, and… https://www.virusbulletin.com/blog/2017/06/vb2016-paper-steam-stealers-its-all-fun-and-games-until-someones-account-gets-hijacked/

Research paper shows it may be possible to distinguish malware traffic using TLS

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C…
Researchers at Cisco have published a paper (PDF) describing how it may be possible to use machine learning to distinguish malware command-and-control (C&C) traffic using TLS from… https://www.virusbulletin.com/blog/2017/06/research-paper-shows-it-may-be-possible-distinguish-malware-traffic-using-tls/

Is CVE-2017-0199 the new CVE-2012-0158?

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.
There are two good reasons not to be concerned about CVE-2012-0158, an RTF handling vulnerability in Microsoft Office. First, the vulnerability was patched more than five years… https://www.virusbulletin.com/blog/2017/06/cve-2017-0199-new-cve-2012-0158/

Review: BSides London 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.
This month, for the first time in its 28-year history, Virus Bulletin became the sponsor of another industry conference: BSides London. I have to admit to having been more than a… https://www.virusbulletin.com/blog/2017/06/review-bsides-london-2017/

VB2017: one of the most international security conferences

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security con…
The 40 talks confirmed thus far for the VB2017 conference programme will be delivered by speakers that are based in 18 different countries across five continents. If you also… https://www.virusbulletin.com/blog/2017/06/vb2017-one-most-international-security-conferences/

VB2016 paper: Diving into Pinkslipbot's latest campaign

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qa…
Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world's Zbots and Dridexes. I… https://www.virusbulletin.com/blog/2017/06/vb2016-paper-diving-pinkslipbots-latest-campaign/

Book review: Spam: A Shadow History of the Internet

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.
This review, by VB Editor Martijn Grooten, was originally published in the Journal of the International Committee for the History of Technology (ICON). It is republished with… https://www.virusbulletin.com/blog/2017/06/book-review-spam-shadow-history-internet/

June

https://www.virusbulletin.com/blog/2017/06/

Virus Bulletin to sponsor BSides London

Virus Bulletin is proud to be a Silver sponsor of BSides London next week; we look forward to the event and to meeting many security professionals.
When VB'91, the inaugural Virus Bulletin conference, took place (in 1991), there were few security conferences on the scene and there were more virus researchers than computer… https://www.virusbulletin.com/blog/2017/06/virus-bulletin-sponsor-bsides-london/

VB2016 video: Last-minute paper: Malicious proxy auto-configs: an easy way to harvest banking credentials

In a VB2016 last-minute presentation, Jaromír Horejší and Jan Širmer looked at Retefe, a trojan that has targeted banks in several European countries and used malicious proxy auto-config filesto redirect users' traffic to a server controlled by the attack…
"Much media attention is given to imminent and visible threats, like ransomware. Other threats remain under the radar and often go unnoticed." This part of Jaromír Horejší and Jan… https://www.virusbulletin.com/blog/2017/may/vb2016-video-last-minute-paper-malicious-proxy-auto-configs-easy-way-harvest-banking-credentials/

« Previous 1...1920212223...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.