VB Blog

VB2020 localhost call for last minute papers: a unique opportunity

Posted by Virus Bulletin on Aug 10, 2020

Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe.

Posted by Virus Bulletin on Jul 31, 2020

The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for 'hot' research!

Posted by Virus Bulletin on Jul 29, 2020

Announcing VB2020 localhost: the carbon neutral, budget neutral VB conference!

Posted by Virus Bulletin on May 4, 2020

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their presentation.

Posted by Helen Martin on Apr 30, 2020

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request forgery (SSRF) by instrumenting web applications.

Posted by Virus Bulletin on Apr 16, 2020

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.

Posted by Virus Bulletin on Apr 2, 2020

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.

Posted by Virus Bulletin on Mar 24, 2020

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.

Posted by Virus Bulletin on Mar 20, 2020

Often unbeknownst to network administrators, many company networks are used to download child sexual abuse material. In a paper presented at VB2019 in London, NetClean’s Richard Matti and Anna Creutz looked at this problem and what companies can do, ultimately, to help safeguard children. Today we publish their full paper.

Posted by Virus Bulletin on Mar 16, 2020

Here at VB we are keeping a close eye on the global situation regarding the COVID-19 outbreak and the various travel restrictions and health advice, but in the meantime planning and arrangements for VB2020 are going ahead as usual, including the selection of papers.

Previous1234567...215Next

Search blog

August 2016

Blog posts for August 2016.
https://www.virusbulletin.com/blog/2016/08/

VB2016 call for last-minute papers opened, discounts announced

Announcing the VB2016 call for last-minute papers and a number of discounts on the conference registration rate.
Today, we opened the call for last-minute papers for VB2016. The VB2016 conference programme is already chock-a-block with more than 40 talks on a wide range of security… https://www.virusbulletin.com/blog/2016/08/vb2016-call-last-minute-papers-opened-discounts-announced/

Guest Blog: Malicious Scripts Gaining Prevalence in Brazil

In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET's Matías Porolli writes about malicious Visual Basic and JavaScript gaining prevalence in Brazil.
In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET's Matías Porolli writes about malicious Visual… https://www.virusbulletin.com/blog/2016/07/malicious-scripts-gaining-prevalence-brazil/

Romanian university website compromised to serve Neutrino exploit kit

The website of the Carol Davila University of Medicine and Pharmacy has been compromised to inject a hidden iframe into the site's source code that serves the Neutrino exploit kit and may infect visitors with ransomware.
This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the… https://www.virusbulletin.com/blog/2016/07/romanian-university-website-compromised-serve-neutrino-exploit-kit/

It's 2016. Can we stop using MD5 in malware analyses?

While there are no actually risks involved in using MD5s in malware analyses, it reinforces bad habits and we should all start using SHA-256 instead.
When a security researcher comes across a new piece of malware, the first thing he (or she) does is check the file hash to see if it has been seen, or maybe even analysed, before.… https://www.virusbulletin.com/blog/2016/07/its-2016-can-we-stop-using-md5-malware-analyses/

Throwback Thursday: Holding the Bady

In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated Microsoft’s own IIS servers.
Last week saw the 15th anniversary of the appearance of 'Code Red' (also known as 'Bady') - the first fileless worm, which spread by exploiting a vulnerability in Microsoft IIS,… https://www.virusbulletin.com/blog/2016/07/throwback-thursday-holding-bady/

Paper: The Journey of Evasion Enters Behavioural Phase

A new paper by FireEye researcher Ankit Anubhav provides an overview of evasion techniques applied by recently discovered malware.
Anti-detection techniques are almost as old as malware itself and have developed well beyond hash busting techniques. As security products adapt their detection tools, malware… https://www.virusbulletin.com/blog/2016/07/paper-journey-evasion-enters-behavioural-phase/

Guest blog: Espionage toolkit uncovered targeting Central and Eastern Europe

Recently, ESET researchers uncovered a new espionage toolkit targeting targeting Central and Eastern Europe. They provide some details in a guest post.
In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the first of this series, ESET writes about the SBDH toolkit. Over the course… https://www.virusbulletin.com/blog/2016/07/guest-blog-espionage-toolkit-targeting-central-and-eastern-europe-uncovered/

Avast acquires AVG for $1.3bn

Anti-virus vendor Avast has announced the acquisition of its rival AVG for 1.3 billion US dollars.
There was interesting news in the anti-virus world yesterday, as Avast announced the acquisition of its competitor AVG. Both companies were founded in the Czech Republic and… https://www.virusbulletin.com/blog/2016/07/avast-acquires-avg-13bn/

Throwback Thursday: You Are the Weakest Link, Goodbye!

Passwords have long been a weak point in the security chain, despite efforts to encourage users to pick strong ones. 13 years ago, Martin Overton wrote an article highlighting the weakness and explaining why it is the human element that presents the bigge…
A recent survey by mobile ID provider TeleSign revealed that 72% of security professionals believe that passwords will be phased out by 2025 - in favour of behavioural biometrics… https://www.virusbulletin.com/blog/2016/07/throwback-thursday-you-are-weakest-link-goodbye/

July 2016

https://www.virusbulletin.com/blog/2016/07/

Paper: New Keylogger on the Block

In a new paper published by Virus Bulletin, Sophos researcher Gabor Szappanos takes a look at the KeyBase keylogger, sold as a commercial product and popular among cybercriminals who use it in Office exploit kits.
Keyloggers have long been a popular tool for cybercriminals, something made worse by the fact that many of them are sold commercially. Today, we publish a paper (here as a PDF)… https://www.virusbulletin.com/blog/2016/07/paper-new-keylogger-block/

BSides Denver to take place the day after VB2016

VB2016, the 26th International Virus Bulletin conference, is an excellent reason to go to Denver, Colorado in the first week of October. But there is another reason to come to Denver: BSides Denver, which will take place the day after VB2016, on Saturday …
VB2016, the 26th International Virus Bulletin conference, is an excellent reason to visit Denver, Colorado in the first week of October this year. Of course, we are biased, but a… https://www.virusbulletin.com/blog/2016/06/bsides-denver-take-place-day-after-vb2016/

VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format

In their VB2015 paper, Peter Kálnai and Jaromír Hořejší look at the current state of DDoS trojans forming covert botnets on unsuspecting systems. The paper provides a technical analysis of the most important malware families, focusing on infection methods…
Recently, a new trend has emerged in non-Windows DDoS attacks. Malware has evolved into complex and relatively sophisticated pieces of code, employing compression, advanced… https://www.virusbulletin.com/blog/2016/06/vb2015-paper-ddos-trojan-malicious-concept-conquered-elf-format1/

Throwback Thursday: Hyppönen, that Data Fellow / Finnish Sprayer

This week, well known and universally respected industry guru Mikko Hyppönen celebrates his 25th anniversary of working at F-Secure (formerly known as Data Fellows). VB takes a look back in the archives at two articles published in 1994: an "insight" into…
This week, well known and universally respected industry guru Mikko Hyppönen celebrates his 25th anniversary of working at F-Secure (formerly known as Data Fellows). In… https://www.virusbulletin.com/blog/2016/06/throwback-thursday-hypponen-data-fellow-finnish-sprayer/

June 2016

https://www.virusbulletin.com/blog/2016/06/

VB2015 paper: Economic Sanctions on Malware

Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer. By cleverly employing various trust metrics and technologies such as digital signing, watermarking, and public-key infrastructure in strateg…
Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer: making attackers spend real money before they can deploy malware… https://www.virusbulletin.com/blog/2016/06/economic-sanctions-malware/

Virus Bulletin's job site for recruiters and job seekers

Virus Bulletin has relaunched its security job vacancy service and added a new section, in which job seekers can advertise their skills and experience.
Security is doing well. Not necessarily the security of your personal devices, corporate networks and critical infrastructure, but as an area to work in, IT security seems to be a… https://www.virusbulletin.com/blog/2016/05/looking-job-or-fill-vacancy-virus-bulletin-here-help/

Throwback Thursday: One_Half: The Lieutenant Commander?

In October 1994, a new multi-partite virus appeared, using some of the techniques developed by the Dark Avenger in Commander_Bomber. As if this were not enough, the One_Half virus could also encrypt vital parts of the fixed disk. Eugene Kaspersky provided…
The recently encountered Petya trojan comes as something of a blast from the past: it infects the Master Boot Record (MBR) and encrypts the Master File Table (MFT). Kaspersky… https://www.virusbulletin.com/blog/2016/05/throwback-thursday-one-half-lieutenant-commander/

Advertisements on Blogspot sites lead to support scam

Support scam pop-ups presented through malicious advertisements show that, next to vulnerable end points, gullible users remain an easy source of money for online criminals.
In our research for the VBWeb tests, in which we measure the ability of security products to block malicious web traffic, we recently noticed some sites hosted on Google's… https://www.virusbulletin.com/blog/2016/05/advertisements-blogspot-sites-lead-support-scam/

« Previous 1...2425262728...120 Next »