VB Blog

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Posted by Martijn Grooten on Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Posted by Martijn Grooten on Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Posted by Martijn Grooten on Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Posted by Martijn Grooten on Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Posted by Martijn Grooten on Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Posted by Martijn Grooten on Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Posted by Martijn Grooten on Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Posted by Martijn Grooten on Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Posted by Martijn Grooten on Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Posted by Martijn Grooten on Jun 1, 2017

Virus Bulletin is proud to be a Silver sponsor of BSides London next week; we look forward to the event and to meeting many security professionals.

Previous1...3435363738...215Next

Search blog

Ransomware would be much worse if it wasn't for email security solutions

The latest VBSpam test brings good news: at least 199 out of every 200 emails containing a malicious attachment were blocked by email security solutions. All of the full solutions tested achieved a VBSpam award, with five earning a VBSpam+ award.
Many experts believe that ransomware is set to become an even worse problem in 2017 than it was in 2016 — which is rather bad news, given the damage it has already done. Still,… https://www.virusbulletin.com/blog/2017/01/ransomware-would-be-so-much-worse-if-it-wasnt-email-security-solutions/

Throwback Thursday: The malware battle: reflections and forecasts

"Another year has come to its end and the malware battle still rages on." In January 2004, Jamz Yaneza reflected on the year just ended and pondered what the coming year would have in store for the AV industry.
"Another year has come to its end and the malware battle still rages on. It seems to be a never-ending uphill struggle to secure digital information." This could have been written… https://www.virusbulletin.com/blog/2017/01/throwback-thursday-malware-battle-reflections-and-forecasts/

January

https://www.virusbulletin.com/blog/2017/01/

2017

https://www.virusbulletin.com/blog/2017/

VB2016 paper: Open Source Malware Lab

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.
Security experts aren't necessarily known for being skilled at predicting the future, but if there's one prediction they are guaranteed to get right, it's that there will be a lot… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-open-source-malware-lab/

A Christmas present for the security community

As a Christmas present for the security community, we have uploaded most of the papers and videos from the VB2015 conference which took place in Prague almost 15 months ago. The Virus Bulletin crew wishes you all the best for 2017!
A botnet of Internet-connected cameras causing the largest DDoS ever; the ransomware threat that appears to get worse every day; a state-sponsored hacker group that attempted to… https://www.virusbulletin.com/blog/2016/december/christmas-present-security-community/

Paper: Spreading techniques used by malware

In a new paper published by Virus Bulletin, Acalvio researcher Abhishek Singh discusses some of the techniques used by malware to increase its impact by spreading further.
Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected… https://www.virusbulletin.com/blog/2016/december/paper-spreading-techniques-used-malware/

VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users

At VB2016, Kaspersky Lab researcher Kurt Baumgartner delivered a presentation on the StrongPity watering hole attacks that targeted users of encryption technologies, and which were recently featured in a report by Microsoft. Today, we share the video of K…
Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched… https://www.virusbulletin.com/blog/2016/december/vb2016-video-strongpity-waterhole-attacks-targeting-italian-and-belgian-encryption-users/

Conference review: Botconf 2016

Three members of the Virus Bulletin team attended the Botconf 2016 conference in Lyon, France last month, enjoying talks on subjects that ranged from state-sponsored attacks to exploit kits, and from banking trojans to cyber insurance.
This review was written by Martijn Grooten, Adrian Luca and Ionuț Răileanu. Though still only in its fourth year, Botconf has become one of the Virus Bulletin team's favourite… https://www.virusbulletin.com/blog/2016/december/conference-review-botconf-2016/

Throwback Thursday: Adjust Your Attitude!

"Most of you reading this article have the technical skill but do you have the people skills?" In 2000, James Wolfe urged security experts to sell themselves and their services.
At the VB2016 conference in Denver earlier this year, ESET researcher Stephen Cobb spoke about the cybersecurity skills shortage, providing an overview of existing efforts to… https://www.virusbulletin.com/blog/2016/december/throwback-thursday-adjust-your-attitude/

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

More on the Moose botnet at Botconf

At Botconf 2016 this week, GoSecure researchers Masarah Paquet-Clouston and Olivier Bilodeau presented their research on the Moose botnet - something Olivier Bilodeau previously spoke about at VB2015.
This week, several members of the Virus Bulletin team are attending Botconf 2016 in Lyon, France. Security conferences provide good opportunities to meet fellow researchers and to… https://www.virusbulletin.com/blog/2016/december/more-moose-botnet-botconf/

VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment

Today, we publish the VB2016 paper and presentation (recording) by Check Point Software researchers Alexander Chailytko and Stanislav Skuratovich, which focuses on the techniques used by malware to detect virtual environments, and provides detailed techni…
In order to analyse a potentially malicious binary, an important first step is to run it in a specialised virtual environment, or sandbox environment, and see what it does – if it… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-defeating-sandbox-evasion-how-increase-successful-emulation-rate-your-virtualized-environment/

December

https://www.virusbulletin.com/blog/2016/december/

VB2016 paper: Mobile applications: a backdoor into the Internet of Things?

While the Internet of Things blossoms with newly connected objects every day, the security and privacy of these objects is often overlooked, making the IoT a major security concern. Unfortunately, reverse-engineering so-called smart devices is not an easy…
The meteoric rise of the Mirai botnet in recent months has led to the Internet of Things (IoT) becoming a major and actual security concern. To assess the effective security… https://www.virusbulletin.com/blog/2016/november/vb2016-paper-mobile-applications-backdoor-internet-things/

VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks

Today, we publish the VB2016 paper and presentation (recording) by Kaspersky Lab researchers Juan Andrés Guerrero-Saade and Brian Bartholomew, in which they look at some of the deception tactics used in targeted attacks.
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn't matter whether an attack was performed by a Bear, a… https://www.virusbulletin.com/blog/2016/november/vb2016-paper-wave-your-false-flags-deception-tactics-muddying-attribution-targeted-attacks/

November

https://www.virusbulletin.com/blog/2016/november/

Throwback Thursday: The Politics of Anti-Virus

President-elect of the United States Donald Trump made a number of promises about cybersecurity during his electoral campaign. What comes of those pledges remains to be seen, but one thing is certain: there will be a team of hard-working, dedicated indivi…
The United States has a new president-elect, and now both the citizens of the US and the rest of the world wait with bated breath to find out what changes the Trump presidency… https://www.virusbulletin.com/blog/2016/november/throwback-thursday-politics-anti-virus/

October

https://www.virusbulletin.com/blog/2016/october/

VB2016 paper: The TAO of Automated Iframe Injectors - Building Drive-by Platforms For Fun

We publish Aditya K. Sood's VB2016 paper on the use of iframe injectors by cybercriminals to deliver drive-by downloads.
VB2016 took place almost two weeks ago, since when we have had many requests to publish the papers presented at the conference, as well as the videos of those presentations. Virus… https://www.virusbulletin.com/blog/2016/october/vb2016-paper-tao-automated-iframe-injectors-building-drive-platforms-fun/

« Previous 1...2223242526...120 Next »