VB Blog

Throwback Thursday: The Politics of Anti-Virus

Posted by   Helen Martin on   Nov 10, 2016

President-elect of the United States Donald Trump made a number of promises about cybersecurity during his electoral campaign. What comes of those pledges remains to be seen, but one thing is certain: there will be a team of hard-working, dedicated individuals working behind the scenes to protect the computer systems of Federal government agencies, as there have been for years. Back in 1999, VB published a report describing a day in the life of the Affiliated Computer Services Government Solutions Group (ACS GSG) - the group responsible for providing full service computer support to US Federal government agencies across the United States.

Read more  

VB2016 paper: The TAO of Automated Iframe Injectors - Building Drive-by Platforms For Fun

Posted by   Martijn Grooten on   Oct 18, 2016

We publish Aditya K. Sood's VB2016 paper on the use of iframe injectors by cybercriminals to deliver drive-by downloads.

Read more  

“Cybersecurity is, at its core, a people problem,” says VB2016 keynote speaker

Posted by   Virus Bulletin on   Sep 26, 2016

An interview with VB2016’s keynote speaker Christine Whalley - Director, Governance and IT Risk Management at Pfizer

Read more  

Throwback Thursday: Following the Breadcrumbs

Posted by   Helen Martin on   Sep 22, 2016

In 1999, Christine Orshesky described how one large organization decided to find out how and where the viruses within it were being obtained so it could do more to protect its networks.

Read more  

VB2016 preview: Cryptography mistakes in malware

Posted by   Martijn Grooten on   Sep 15, 2016

At VB2016, two talks will discuss mistakes made by malware authors in cryptographic implementations. Ben Herzog and Yaniv Balmas will present a paper in which they look at a number of these mistakes, while Malwarebytes researcher hasherezade will present a last-minute paper on making use of some of these mistakes to crack ransomware.

Read more  

GPS technology is more at risk from cyber attack than ever before, security expert demonstrates at VB2016

Posted by   Virus Bulletin on   Sep 14, 2016

Next month at VB2016, HPE Security's Oleg Petrovsky will speak about attacks on GPS. We conducted a short interview with Oleg and asked him about GPS, about the conference, and about his ultimate dinner party.

Read more  

BSides Denver: Join and Support the Security Community

Posted by   Martijn Grooten on   Sep 13, 2016

If you are coming to VB2016 in Denver, why not spend an extra day in the Mile-High City and join the free BSides Denver conference, which takes place on Saturday?

Read more  

VB2016 'Last-Minute' Papers Announced

Posted by   Martijn Grooten on   Sep 13, 2016

We are excited to announce the addition of the "last-minute" papers to the VB2016 programme: nine presentations covering hot research topics, from OS X attacks to exotic APTs, breaking ransomware and the current state of BGP.

Read more  

VB2016 preview: Debugging and Monitoring Malware Network Activities with Haka

Posted by   Martijn Grooten on   Sep 12, 2016

In a VB2016 paper, Stormshield researchers Benoit Ancel and Mehdi Talbi will present a paper on Haka, a tool that can be used to monitor and debug malware's network communications.

Read more  

Paper: Behavioural Detection and Prevention of Malware on OS X

Posted by   Martijn Grooten on   Sep 12, 2016

In a new paper published through Virus Bulletin, Vincent Van Mieghem presents a novel method for detecting malware on Mac OS X, based on the system calls used by malicious software.

Read more  
Previous1...4041424344...215Next

Search blog

Quick impressions from BSides Budapest

At Virus Bulletin, we love the BSides concept and we have attended several of the BSides events around the world. So when Peter Karsai, who is soon to join the VB team, offered to write about his experience at BSides Budapest, we jumped at the chance to p…
At Virus Bulletin, we love the BSides concept and we have attended several of the BSides events around the world. So when Peter Karsai, who is soon to join the VB team, offered to… https://www.virusbulletin.com/blog/2017/03/quick-impressions-bsides-budapest/

March

https://www.virusbulletin.com/blog/2017/03/

First sponsors of VB2017 announced

We are excited to announce the first five sponsors of VB2017, companies based in Europe, Asia and North America.
We are proud of the fact that the Virus Bulletin Conference is one of the industry's most international security conferences, with speakers and attendees coming together from all… https://www.virusbulletin.com/blog/2017/03/first-sponsors-vb2017-announced/

Security products and HTTPS: let's do it better

A recent paper showed that many HTTPS-intercepting security solutions have implemented TLS rather poorly. Does that mean we should avoid such solutions altogether?
It is one of the most hotly discussed topics in the security community: is it acceptable for a security product to intercept encrypted HTTP communication (HTTPS) to analyse its… https://www.virusbulletin.com/blog/2017/02/security-products-and-https-lets-do-it-better/

The SHA-1 hashing algorithm has been 'shattered'

Researchers from Google and CWI Amsterdam have created the first known collision of the SHA-1 hashing algorithm, making a very strong case to ditch it.
Researchers from Google and CWI Amsterdam have created the first publicly known SHA-1 collision. SHA-1 is a hashing algorithm: it turns data of arbitrary size (such as a string… https://www.virusbulletin.com/blog/2017/02/sha-1-hashing-algorithm-has-been-shattered/

Throwback Thursday: Once a researcher...

VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross Greenberg. This Throwback Thursday we look back at an interview with Ross in November 1995.
VB was saddened to learn this week of the passing of one of the pioneers of the AV industry, Ross M. Greenberg.   Ross Greenberg, author of Flushot, Virex PC, and… https://www.virusbulletin.com/blog/2017/02/throwback-thursday-once-researcher/

VB2017: What is happening in the threat landscape and what are we doing against it? Submit a proposal in the VB2017 CFP!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Then submit an abstract in the CFP for VB2017!
There are four weeks (minus one day) until the Call for Papers for VB2017 closes. The Virus Bulletin International Conference is one of the longest running and most prestigious… https://www.virusbulletin.com/blog/2017/02/vb2017-what-happening-and-what-are-we-doing-against-it-submit-now-cfp/

VB2016 paper: APT reports and OPSEC evolution, or: these are not the APT reports you are looking for

APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also provide free QA for the threat actors. Today, we publish a VB2016 paper by Gadi Evron (Cymmetria) and Inbar Raz (Perimeter X), who discuss wh…
Ever since Mandiant released its APT1 report four years ago, reports on advanced attack groups have been an important fixture in the security industry. These reports are great for… https://www.virusbulletin.com/blog/2017/02/vb2016-paper-apt-reports-and-opsec-evolution-or-these-are-not-apt-reports-you-are-looking/

Security for your ears: recommended infosec podcasts

Industry veteran Mikko Hyppönen recently urged would-be security researchers to ditch their favourite pop music and listen to security podcasts on their commute to work instead. Virus Bulletin Editor Martijn Grooten shares his favourite security podcasts.
"Don't waste your commute listening to pop music. Listen to infosec lectures and podcasts." Industry veteran Mikko Hyppönen recently shared some useful advice for those wanting to… https://www.virusbulletin.com/blog/2017/02/security-podcasts-worth-listening/

VB2016 video: Getting duped: piggybacking on webcam streams for surreptitious recordings

In a presentation at VB2016, Patrick Wardle, Director of Research at Synack, discussed the possibilities of Mac malware recording the user via the webcam. Today, we publish the video of Patrick's presentation.
If you are going to be at RSA in San Francisco next week, we highly recommend you attend Patrick Wardle's talk on OS X malware in 2016 – not just because it is important for Mac… https://www.virusbulletin.com/blog/2017/02/vb2016-video-last-minute-paper-getting-duped-piggybacking-webcam-streams-surreptitious-recordings/

We shouldn't forget those most vulnerable in our digital world

Virus Bulletin Editor Martijn Grooten calls for the security community not to forget those most vulnerable in the digital world, including political activists living under oppressive regimes, and victims of abuse.
The new UK government has passed a far-reaching surveillance law. The new US government has stripped privacy rights from non-citizens. Surely, those who have warned about the… https://www.virusbulletin.com/blog/2017/02/we-shouldnt-forget-those-most-vulnerable-our-digital-world/

Throwback Thursday: A troubled world

In early 1991, the world was a troubled place and conflict and violence were being reported globally on a daily basis. With this as a backdrop, the world of "indiscriminate" computer viruses which "victimise in a random and unpredictable manner" seemed re…
In early 1991, the world was a troubled place – President George H. W. Bush had just announced the start of military Operation Desert Storm and conflict and violence were being… https://www.virusbulletin.com/blog/2017/02/throwback-thursday-troubled-world/

February

https://www.virusbulletin.com/blog/2017/02/

VB2016 video: Nymaim: the Untold Story

Until very recently, the Nymaim banking trojan was a serious problem in Poland. Today, we publish the video of the VB2016 presentation by CERT Polska researchers Jarosław Jedynak and Maciej Kotowicz, in which they analyse this malware-dropper-turned-banki…
Every year, the Virus Bulletin conference programme includes a number of 'last-minute' papers: presentations on topics that are so hot, they are added to the programme only a few… https://www.virusbulletin.com/blog/2017/02/vb2016-video-nymaim-untold-story/

The Living Dead Anti-Virus

Should users uninstall their anti-virus products, as was recently suggested by a security expert in a widely shared article? In a guest post, security consultant Hendrik Pilz explains why he doesn't think this is a good idea.
A former director of testing at AV-TEST and a one-time VB conference speaker, security consultant Hendrik Pilz is passionate about the quality of security products. In a guest… https://www.virusbulletin.com/blog/2017/01/living-dead-anti-virus/

Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

In a new paper published by Virus Bulletin, FireEye researchers Ankit Anubhav and Manish Sardiwal analyse the 'God Mode' vulnerability CVE-2016-0189 in Microsoft Internet Explorer.
While avoiding the use of Flash is good advice for helping to fend off exploit kits, some of the vulnerabilities exploited by these kits actually target the browsers themselves.… https://www.virusbulletin.com/blog/2017/01/paper-journey-and-evolution-god-mode-2016-cve-2016-0189/

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.
Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the… https://www.virusbulletin.com/blog/2017/01/vb2016-video-neverquest-crime-service-and-hunt-big-bucks/

VB2016 paper: Great crypto failures

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of …
"More malware is using cryptography, and more malware is using better cryptography," said Check Point researcher Yaniv Balmas on stage during VB2016. While the increased use of… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-great-crypto-failures/

Call for Papers: VB2017

We have opened the Call for Papers for VB2017. We are particularly interested in receiving submissions from those working outside the security industry itself.
The call for papers for VB2017, which will take place 4-6 October in Madrid, Spain, is now open! Have you analysed a new malware campaign? Tracked an APT actor? Discovered a… https://www.virusbulletin.com/blog/2017/01/call-papers-vb2017/

Ransomware not a problem for half of businesses

According to a report by IBM Security, 70 per cent of businesses that are the victim of a ransomware attack end up paying the ransom. However, the report also suggests that a little over half of businesses manage to avoid getting infected at all, showing …
If you are wondering why ransomware continues to thrive, a recent study from IBM Security provides a simple explanation: 70 per cent of the ransomware-infected businesses they… https://www.virusbulletin.com/blog/2017/01/ransomware-not-problem-half-businesses/

« Previous 1...2122232425...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.