VB Blog

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Posted by   Martijn Grooten on   Nov 3, 2017

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot infection process, and its aftermath, as seen through the lens of a tool used to perform man-in-the-middle decryption. Today, we publish both Andrew's slides and the recording of his presentation.

Read more  

Paper: FAME - Friendly Malware Analysis Framework

Posted by   Martijn Grooten on   Nov 2, 2017

Today, we publish a short paper in which CERT Société Générale presents FAME, its open source malware analysis framework.

Read more  

Ebury and Mayhem server malware families still active

Posted by   Martijn Grooten on   Oct 31, 2017

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.

Read more  

VB2017 paper: Crypton - exposing malware's deepest secrets

Posted by   Martijn Grooten on   Oct 27, 2017

Crypton, a tool developed by F5 Networks researchers Julia Karpin and Anna Dorfman, aims to speed up the reverse engineering process by decrypting encrypted content found in a (malicious) binary. The researchers described the tool in a paper which they presented at VB2017 in Madrid. Today, we publish both the paper and the recording of their presentation.

Read more  

VB2017 paper: The sprawling market of consumer spyware

Posted by   Martijn Grooten on   Oct 25, 2017

For many people, the threat of an abusive partner or ex-partner is very real - and the market for consumer spyware worryingly large. Today, we publish the recording of a presentation on the subject of consumer spyware given at VB2017 by The Daily Beast reporter Joseph Cox.

Read more  

Gábor Szappanos wins fourth Péter Szőr Award

Posted by   Martijn Grooten on   Oct 23, 2017

At the VB2017 gala dinner, the fourth Péter Szőr Award was presented to Sophos researcher Gábor Szappanos for his paper "AKBuilder – the crowdsourced exploit kit".

Read more  

VB2017 paper: Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Posted by   Martijn Grooten on   Oct 20, 2017

We publish the VB2017 paper and video by Kaspersky Lab researchers Juan Andres Guerrero-Saade and Costin Raiu, in which they look at fourth-party collection (spies spying on other spies' campaigns) and its implications for attribution.

Read more  

Didn't come to VB2017? Tell us why!

Posted by   Martijn Grooten on   Oct 11, 2017

Virus Bulletin is a company - and a conference - with a mission: to further the research in and facilitate the fight against digital threats. To help us in this mission, we want to hear from those who didn't come to Madrid. What is your impression of the VB Conference? What did you think of this year's programme? And why couldn't you come to Madrid?

Read more  

Montreal will host VB2018

Posted by   Martijn Grooten on   Oct 10, 2017

Last week, we announced the full details of VB2018, which will take place 3-5 October 2018 at the Fairmont The Queen Elizabeth hotel in Montreal, Quebec, Canada.

Read more  

VB2017 preview: Beyond lexical and PDNS (guest blog)

Posted by   Virus Bulletin on   Oct 5, 2017

In a special guest blog post, VB2017 Silver sponsor Cisco Umbrella writes about a paper that researchers Dhia Mahjoub and David Rodriguez will present at the conference this Friday.

Read more  
Previous1...2829303132...215Next

Search blog

“Cybersecurity is, at its core, a people problem,” says VB2016 keynote speaker

An interview with VB2016’s keynote speaker Christine Whalley - Director, Governance and IT Risk Management at Pfizer
  Christine Whalley is the director of governance and IT risk management at Pfizer, the American global pharmaceutical corporation headquartered in New York City. Not only does… https://www.virusbulletin.com/blog/2016/september/cybersecurity-its-core-people-problem-says-vb2016-keynote-speaker/

Throwback Thursday: Following the Breadcrumbs

In 1999, Christine Orshesky described how one large organization decided to find out how and where the viruses within it were being obtained so it could do more to protect its networks.
In just under two weeks' time, Christine Whalley, Director of Information Security at Pfizer, will deliver the opening keynote address at VB2016 in Denver. Christine is no… https://www.virusbulletin.com/blog/2016/september/throwback-thursday-following-breadcrumbs1/

VB2016 preview: Cryptography mistakes in malware

At VB2016, two talks will discuss mistakes made by malware authors in cryptographic implementations. Ben Herzog and Yaniv Balmas will present a paper in which they look at a number of these mistakes, while Malwarebytes researcher hasherezade will present …
"Don't roll your own crypto", software developers are often told: cryptography is hard and thus it is always safer to use a well-tested public library rather than writing your own… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-presentations-cryptography-mistakes-malware/

GPS technology is more at risk from cyber attack than ever before, security expert demonstrates at VB2016

Next month at VB2016, HPE Security's Oleg Petrovsky will speak about attacks on GPS. We conducted a short interview with Oleg and asked him about GPS, about the conference, and about his ultimate dinner party.
An interview with VB2016 presenter Oleg Petrovsky of HPE Security research. Meeting Oleg Petrovsky, a senior anti-malware researcher at HPE Security research, is an experience.… https://www.virusbulletin.com/blog/2016/september/turns-out-gps-technology-more-vulnerable-cyberattack-ever-security-expert-demonstrates/

BSides Denver: Join and Support the Security Community

If you are coming to VB2016 in Denver, why not spend an extra day in the Mile-High City and join the free BSides Denver conference, which takes place on Saturday?
I sometimes catch myself talking about "the security industry" and then quickly correct myself to say "the security community". For, despite the presence of big businesses and… https://www.virusbulletin.com/blog/2016/september/bsides-denver-join-and-support-security-community/

VB2016 'Last-Minute' Papers Announced

We are excited to announce the addition of the "last-minute" papers to the VB2016 programme: nine presentations covering hot research topics, from OS X attacks to exotic APTs, breaking ransomware and the current state of BGP.
With a little over three weeks to go until VB2016, the conference programme is almost complete. We have a great selection of talks on the main programme, half a dozen Small Talks… https://www.virusbulletin.com/blog/2016/september/vb2016-last-minute-papers-announced/

VB2016 preview: Debugging and Monitoring Malware Network Activities with Haka

In a VB2016 paper, Stormshield researchers Benoit Ancel and Mehdi Talbi will present a paper on Haka, a tool that can be used to monitor and debug malware's network communications.
Although some inventive (and often quite impractical) non-network-based ways to remotely control malware have been presented, most botnets use the normal Internet connection of… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-debugging-and-monitoring-malware-network-activities-haka/

Paper: Behavioural Detection and Prevention of Malware on OS X

In a new paper published through Virus Bulletin, Vincent Van Mieghem presents a novel method for detecting malware on Mac OS X, based on the system calls used by malicious software.
Though still well behind that of Windows malware, the prevalence of malware targeting OS X has increased in the past year to the point where Mac users can't assume they are safe… https://www.virusbulletin.com/blog/2016/september/paper-behavioural-detection-and-prevention-malware-os-x/

VB2016 preview: Smart Outlets. Why We Need Responsible Disclosure!

At VB2016, four researcher from Bitdefender will present a paper in which they look at vulnerabilities in four "smart" power outlets.
If you are wondering whether you really live in the future: we need to be concerned about the security of Internet-connected power outlets. Such devices are the subject of a… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-smart-outlets-why-we-need-responsible-disclosure/

VB2016 preview: Uncovering the Secrets of Malvertising

Malvertising, in which legitimate ad networks are abused to silently infect users with malware, has become a real plague in recent years. A VB2016 paper by Malwarebytes researchers Jérôme Segura and Chris Boyd will look at the issue.
Two years ago, at VB2014, Bromium researcher Vadim Kotov presented a paper in which he looked at various possibilities for cybercriminals to leverage ad networks to spread… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-uncovering-secrets-malvertising/

VB2016: Important Information About the Hotel

Many people have already registered for VB2016 and the conference hotel is rapidly filling up - registration for the event will remain open right up until the start of the conference, but here, we provide some advice about booking accommodation.
We are delighted that many people have already registered for VB2016, and registration for VB2016 will remain open right up until the start of the conference. However, the large… https://www.virusbulletin.com/blog/2016/september/vb2016-important-information-about-hotel/

VB2016 preview: Detecting Man-in-the-Middle Attacks With Canary Requests

At VB2016, Cylance researcher Brian Wallace will reveal a multi-platform tool that runs on the endpoint and uses various techniques to detect ongoing man-in-the-middle attacks.
While man-in-the-middle attacks are relatively rare (especially among those not attending hacker conferences), it is quite common for computer users to be in a situation where an… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-detecting-man-middle-attacks-canary-requests/

A look at the VB2016 sponsors

More than a dozen companies and organizations are lending their support to VB2016 as conference sponsors and supporting organizations.
Today, we are exactly one month away from the start of VB2016, the 26th Virus Bulletin International Conference, which is to take place 5-7 October in Denver, Colorado. We thought… https://www.virusbulletin.com/blog/2016/september/look-vb2016-sponsors/

Guest blog: Nemucod ransomware analysis

In a guest blog, Webroot researcher Jesse Lopez looks at another variant in the massive crop of malware that takes users’ files hostage: Nemucod ransomware.
In the run up to VB2016, we invited the sponsors of the conference to write guest posts for our blog. In the third of this series, Webroot's Jesse Lopez writes about the Nemucod… https://www.virusbulletin.com/blog/2016/september/guest-blog-nemucod-ransomware-analysis/

September

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/september/

VB2016 preview: Mobile Applications: a Backdoor into Internet of Things?

At VB2016 in Denver, Fortinet researcher Axelle Apvrille will discuss how analysing a device's complementary mobile app can help a great deal in understanding the architecture of a smart device.
The recent discovery of a one-million-device IoT botnet used for DDoS attacks should be ample proof that concerns over the security of the Internet of Things are not merely… https://www.virusbulletin.com/blog/2016/september/vb2016-preview-mobile-applications-backdoor-internet-things/

VB2016 preview: Wild Android Collusions

Full technical details of the first in-the-wild Android app 'collusion' attack, where multiple apps perform an attack in collaboration, will be shared with the public in at VB2016 in Denver on 5 October.
Most research into and protection against malicious apps focuses on single apps. This makes it interesting for malware authors to use app 'collusion': the ability of two (or more)… https://www.virusbulletin.com/blog/2016/08/vb2016-preview-wild-android-collusions/

Small Talks return to the Virus Bulletin Conference

Following their success last year, this year a series of "Small Talks" return to the VB2016 conference programme. We are pleased to announce the details of six of these talks, covering subjects that range from the Chinese cybercriminal underground to Andr…
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on… https://www.virusbulletin.com/blog/2016/08/small-talks-return-virus-bulletin-conference/

Research shows web security products perform well against exploit kits

Research by Virus Bulletin, in which five web security products were served 54 live exploit kits, shows that the products blocked between 87 and 100 per cent of the kits.
Among the security community a lot of research effort is dedicated to analysing exploit kits and their constantly evolving methods of frustrating researchers while infecting… https://www.virusbulletin.com/blog/2016/08/research-shows-web-security-products-perform-well-against-exploit-kits/

Throwback Thursday: Olympic Games

In 1994, along with the Olympic Games came an Olympic virus, from a group of Swedish virus authors calling themselves ‘Immortal Riot’. We look back at Mikko Hyppönen's analysis in the VB archive.
As the world of sport awaits the official opening of the 2016 Olympic Games in Rio tomorrow, any talk of viruses is restricted to concerns surrounding the mosquito-borne,… https://www.virusbulletin.com/blog/2016/08/throwback-thursday-olympic-games/

« Previous 1...2324252627...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.