VB Blog

VB2019 presentation: A deep dive into iPhone exploit chains

Posted by Virus Bulletin on Jan 10, 2020

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John's presentation.

Posted by Helen Martin on Jan 8, 2020

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.

Posted by Virus Bulletin on Jan 6, 2020

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their presentation.

Posted by Helen Martin on Dec 31, 2019

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.

Posted by Martijn Grooten on Dec 27, 2019

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.

Posted by Martijn Grooten on Dec 23, 2019

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.

Posted by Virus Bulletin on Dec 20, 2019

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.

Posted by Martijn Grooten on Dec 19, 2019

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.

Posted by Martijn Grooten on Dec 19, 2019

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.

Posted by Martijn Grooten on Dec 18, 2019

In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.

Previous1...56789...215Next

Search blog

August 2016

Blog posts for August 2016.
https://www.virusbulletin.com/blog/2016/08/

VB2016 call for last-minute papers opened, discounts announced

Announcing the VB2016 call for last-minute papers and a number of discounts on the conference registration rate.
Today, we opened the call for last-minute papers for VB2016. The VB2016 conference programme is already chock-a-block with more than 40 talks on a wide range of security… https://www.virusbulletin.com/blog/2016/08/vb2016-call-last-minute-papers-opened-discounts-announced/

Guest Blog: Malicious Scripts Gaining Prevalence in Brazil

In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET's Matías Porolli writes about malicious Visual Basic and JavaScript gaining prevalence in Brazil.
In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET's Matías Porolli writes about malicious Visual… https://www.virusbulletin.com/blog/2016/07/malicious-scripts-gaining-prevalence-brazil/

Romanian university website compromised to serve Neutrino exploit kit

The website of the Carol Davila University of Medicine and Pharmacy has been compromised to inject a hidden iframe into the site's source code that serves the Neutrino exploit kit and may infect visitors with ransomware.
This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the… https://www.virusbulletin.com/blog/2016/07/romanian-university-website-compromised-serve-neutrino-exploit-kit/

It's 2016. Can we stop using MD5 in malware analyses?

While there are no actually risks involved in using MD5s in malware analyses, it reinforces bad habits and we should all start using SHA-256 instead.
When a security researcher comes across a new piece of malware, the first thing he (or she) does is check the file hash to see if it has been seen, or maybe even analysed, before.… https://www.virusbulletin.com/blog/2016/07/its-2016-can-we-stop-using-md5-malware-analyses/

Throwback Thursday: Holding the Bady

In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated Microsoft’s own IIS servers.
Last week saw the 15th anniversary of the appearance of 'Code Red' (also known as 'Bady') - the first fileless worm, which spread by exploiting a vulnerability in Microsoft IIS,… https://www.virusbulletin.com/blog/2016/07/throwback-thursday-holding-bady/

Paper: The Journey of Evasion Enters Behavioural Phase

A new paper by FireEye researcher Ankit Anubhav provides an overview of evasion techniques applied by recently discovered malware.
Anti-detection techniques are almost as old as malware itself and have developed well beyond hash busting techniques. As security products adapt their detection tools, malware… https://www.virusbulletin.com/blog/2016/07/paper-journey-evasion-enters-behavioural-phase/

Guest blog: Espionage toolkit uncovered targeting Central and Eastern Europe

Recently, ESET researchers uncovered a new espionage toolkit targeting targeting Central and Eastern Europe. They provide some details in a guest post.
In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the first of this series, ESET writes about the SBDH toolkit. Over the course… https://www.virusbulletin.com/blog/2016/07/guest-blog-espionage-toolkit-targeting-central-and-eastern-europe-uncovered/

Avast acquires AVG for $1.3bn

Anti-virus vendor Avast has announced the acquisition of its rival AVG for 1.3 billion US dollars.
There was interesting news in the anti-virus world yesterday, as Avast announced the acquisition of its competitor AVG. Both companies were founded in the Czech Republic and… https://www.virusbulletin.com/blog/2016/07/avast-acquires-avg-13bn/

Throwback Thursday: You Are the Weakest Link, Goodbye!

Passwords have long been a weak point in the security chain, despite efforts to encourage users to pick strong ones. 13 years ago, Martin Overton wrote an article highlighting the weakness and explaining why it is the human element that presents the bigge…
A recent survey by mobile ID provider TeleSign revealed that 72% of security professionals believe that passwords will be phased out by 2025 - in favour of behavioural biometrics… https://www.virusbulletin.com/blog/2016/07/throwback-thursday-you-are-weakest-link-goodbye/

July 2016

https://www.virusbulletin.com/blog/2016/07/

Paper: New Keylogger on the Block

In a new paper published by Virus Bulletin, Sophos researcher Gabor Szappanos takes a look at the KeyBase keylogger, sold as a commercial product and popular among cybercriminals who use it in Office exploit kits.
Keyloggers have long been a popular tool for cybercriminals, something made worse by the fact that many of them are sold commercially. Today, we publish a paper (here as a PDF)… https://www.virusbulletin.com/blog/2016/07/paper-new-keylogger-block/

BSides Denver to take place the day after VB2016

VB2016, the 26th International Virus Bulletin conference, is an excellent reason to go to Denver, Colorado in the first week of October. But there is another reason to come to Denver: BSides Denver, which will take place the day after VB2016, on Saturday …
VB2016, the 26th International Virus Bulletin conference, is an excellent reason to visit Denver, Colorado in the first week of October this year. Of course, we are biased, but a… https://www.virusbulletin.com/blog/2016/06/bsides-denver-take-place-day-after-vb2016/

VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format

In their VB2015 paper, Peter Kálnai and Jaromír Hořejší look at the current state of DDoS trojans forming covert botnets on unsuspecting systems. The paper provides a technical analysis of the most important malware families, focusing on infection methods…
Recently, a new trend has emerged in non-Windows DDoS attacks. Malware has evolved into complex and relatively sophisticated pieces of code, employing compression, advanced… https://www.virusbulletin.com/blog/2016/06/vb2015-paper-ddos-trojan-malicious-concept-conquered-elf-format1/

Throwback Thursday: Hyppönen, that Data Fellow / Finnish Sprayer

This week, well known and universally respected industry guru Mikko Hyppönen celebrates his 25th anniversary of working at F-Secure (formerly known as Data Fellows). VB takes a look back in the archives at two articles published in 1994: an "insight" into…
This week, well known and universally respected industry guru Mikko Hyppönen celebrates his 25th anniversary of working at F-Secure (formerly known as Data Fellows). In… https://www.virusbulletin.com/blog/2016/06/throwback-thursday-hypponen-data-fellow-finnish-sprayer/

June 2016

https://www.virusbulletin.com/blog/2016/06/

VB2015 paper: Economic Sanctions on Malware

Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer. By cleverly employing various trust metrics and technologies such as digital signing, watermarking, and public-key infrastructure in strateg…
Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer: making attackers spend real money before they can deploy malware… https://www.virusbulletin.com/blog/2016/06/economic-sanctions-malware/

Virus Bulletin's job site for recruiters and job seekers

Virus Bulletin has relaunched its security job vacancy service and added a new section, in which job seekers can advertise their skills and experience.
Security is doing well. Not necessarily the security of your personal devices, corporate networks and critical infrastructure, but as an area to work in, IT security seems to be a… https://www.virusbulletin.com/blog/2016/05/looking-job-or-fill-vacancy-virus-bulletin-here-help/

Throwback Thursday: One_Half: The Lieutenant Commander?

In October 1994, a new multi-partite virus appeared, using some of the techniques developed by the Dark Avenger in Commander_Bomber. As if this were not enough, the One_Half virus could also encrypt vital parts of the fixed disk. Eugene Kaspersky provided…
The recently encountered Petya trojan comes as something of a blast from the past: it infects the Master Boot Record (MBR) and encrypts the Master File Table (MFT). Kaspersky… https://www.virusbulletin.com/blog/2016/05/throwback-thursday-one-half-lieutenant-commander/

Advertisements on Blogspot sites lead to support scam

Support scam pop-ups presented through malicious advertisements show that, next to vulnerable end points, gullible users remain an easy source of money for online criminals.
In our research for the VBWeb tests, in which we measure the ability of security products to block malicious web traffic, we recently noticed some sites hosted on Google's… https://www.virusbulletin.com/blog/2016/05/advertisements-blogspot-sites-lead-support-scam/

« Previous 1...2425262728...120 Next »