VB Blog

Registration for VB2018 now open!

Posted by   Martijn Grooten on   May 8, 2018

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.

Read more  

RSA 2018: the good, the bad, the ugly, the great and the fantastic

Posted by   Martijn Grooten on   May 1, 2018

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.

Read more  

Standalone product test: Kaspersky Security for Microsoft Office 365

Posted by   Martijn Grooten on   Apr 30, 2018

There are a number of security solutions on the market that are designed to increase the default protection provided by Office 365. One such product is the newly launched Kaspersky Security for Microsoft Office 365. Virus Bulletin was commissioned to measure the effectiveness of the Kaspersky product compared to the Office 365 baseline protection.

Read more  

GravityRAT malware takes your system's temperature

Posted by   Martijn Grooten on   Apr 27, 2018

The GravityRAT malware, discovered by Cisco Talos researchers, gives some interesting insight into modern malware development.

Read more  

$150k in cryptocurrency stolen through combined BGP-DNS hijack

Posted by   Martijn Grooten on   Apr 25, 2018

A BGP hijack was used to take over some of Amazon's DNS infrastructure, which was then used to serve a phishing site to users of the MyEtherWallet service.

Read more  

Security-focused routers may help to mitigate IoT threats

Posted by   Martijn Grooten on   Apr 24, 2018

Various security companies are offering security-focused routers. This is a good trend and may help mitigate a lot of the issues that come with the IoT.

Read more  

The road to IPv6 is generally smooth but contains a few potholes

Posted by   Virus Bulletin on   Apr 23, 2018

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.

Read more  

New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros

Posted by   Martijn Grooten on   Apr 19, 2018

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn downloads the Tesla information-stealing trojan.

Read more  

VB2017 paper: Android reverse engineering tools: not the usual suspects

Posted by   Martijn Grooten on   Apr 18, 2018

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a workshop on Android reverse engineering at VB2018 in Montreal this October. Last year, Axelle presented a paper at VB2017 on some of the less common tools that can be used to reverse engineer Android malware. Today, we publish both the paper and the recording of Axelle's presentation.

Read more  

Patch early, patch often, but don't blindly trust every 'patch'

Posted by   Martijn Grooten on   Apr 16, 2018

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Read more  
Previous1...2122232425...215Next

Search blog

May

https://www.virusbulletin.com/blog/2016/05/

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.
If you regularly browse the web through the Tor network, you will have noticed that many websites are either inaccessible, or have strong barriers (in the form of difficult… https://www.virusbulletin.com/blog/2016/05/make-tor-work-better-web-we-need-be-honest-about-it/

Paper: How It Works: Steganography Hides Malware in Image Files

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.
Sometimes a picture says more than a thousand words. And sometimes in computer security, a picture contains a thousand words, or rather a lot of commands, used by malware authors… https://www.virusbulletin.com/blog/2016/04/paper-how-it-works-steganography-hides-malware-image-files/

Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.
I'm not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is… https://www.virusbulletin.com/blog/2016/04/paying-malware-ransom-bad-telling-people-never-do-it-unhelpful-advice/

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.
Given the sheer volume of new malware samples discovered every day, security researchers eagerly make use of tools that will help automate their research and analysis. IBM… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-volatilitybot-malicious-code-extraction-made-and-security-researchers/

VB2016 programme announced, registration opened

We have announced 37 papers (and four reserve papers) that will be presented at VB2016 in Denver, Colorado, USA in October. Registration for the conference has opened; make sure you register before 1 July to benefit from a 10% early bird discount.
We are excited to officially announce the programme for VB2016, the 26th International Virus Bulletin Conference, which will take place in Denver, Colorado, USA 5-7 October this… https://www.virusbulletin.com/blog/2016/04/vb2016-programme-announced-registrations-opened/

New tool helps ransomware victims indentify the malware family

The people behind the MalwareHunterTeam have released a tool that helps victims of ransomware identify which of more than 50 families has infected their system, something which could help them find a tool to decrypt their files.
Malware infections are never fun, but ransomware is particularly nasty and the plague doesn't seem likely to cease any time soon: new families are spotted almost daily. A small… https://www.virusbulletin.com/blog/2016/04/new-tool-helps-ransomware-victims-indentify-malware-family/

It's fine for vulnerabilities to have names — we just need not to take them too seriously

The PR campaign around the Badlock vulnerability backfired when it turned out that the vulnerability wasn't as serious as had been suggested. But naming vulnerabilities can actually be helpful and certainly shouldn't hurt.
“What's in a name? That which we call Heartbleed by any other name would be just as malicious.” — William Shakespeare (paraphrased) When OpenSSL vulnerability… https://www.virusbulletin.com/blog/2016/04/it-fine-vulnerabilities-have-names-we-just-need-not-take-them-too-seriously/

April

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/04/

Throwback Thursday: The Number of the Beasts

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding mo…
The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, each… https://www.virusbulletin.com/blog/2016/04/throwback-thursday-number-beasts1/

Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

Security researcher Andreas Lindh recently found a vulnerability in Apache OpenMeetings that could allow remote code execution on a vulnerable server. Andreas reported the vulnerability to the OpenMeetings developers and, once it had been patched, he wrot…
The rise of bug bounties in recent years has created an incentive for hackers to hunt for vulnerabilities in a lot of software and services. But what about those software projects… https://www.virusbulletin.com/blog/2016/03/paper-all-your-meetings-are-belong-us-remote-code-execution-apache-openmeetings/

Throwback Thursday: 'In the Beginning was the Word...'

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.
Microsoft has recently introduced a new feature to Office 2016: the ability to block macros,in an attempt to curb the spread of macro malware, which is once again on the rise.… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-beginning-was-word/

VB2016 Call for Papers Deadline

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.
If you read our blog or follow us on social media, you can't have missed the fact that the deadline for submissions for VB2016 is 18 March. That's today! If you haven't… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-deadline/

How broken is SHA-1 really?

SHA-1 collisions may be found in the next few months, but that doesn't mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdat…
Earlier this month, I gave a talk entitled "How Broken Is Our Crypto Really?" at the RSA Conference in San Francisco. In the presentation, I looked at vulnerabilities found in… https://www.virusbulletin.com/blog/2016/03/how-broken-sha-1-really/

VB2016 Call for Papers - Frequently Asked Questions

Are you interested in submitting an abstract for VB2016? We've answered some frequently asked questions about the Call for Papers, which closes next week.
The call for papers for VB2016, the 26th Virus Bulletin conference, which takes place 5 to 7 October in Denver, CO, USA, is currently open. We've had some excellent… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-frequently-asked-questions/

Throwback Thursday: Hash Woes

This Throwback Thursday we go back to 2004, when the entire crypto community was abuzz with the news that a group of Chinese researchers had demonstrated flaws in a whole set of hash functions - VB took a closer look to clarify the situation and draw less…
Just last week, VB Editor Martijn Grooten addressed an audience at the RSA Conference in San Francisco on the topic of cryptographic protocols that have supposedly been broken in… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-hash-woes/

March

VB Blog posts published in March 2016
https://www.virusbulletin.com/blog/2016/03/

VB2015 paper: Mobile Banking Fraud via SMS in North America: Who's Doing it and How

Though SMS may have been claimed dead many time, it is still very much alive, and quite popular among mobile phishers. At VB2015, Adaptive Mobile researcher Cathal Mc Daid presented a paper various mobile phishing campaigns targeting North American banks.
While SMS has been declared dead many times, the service remains frequently used - and abused. In a paper presented at VB2015 in Prague, Adaptive Mobile researcher Cathal Mc… https://www.virusbulletin.com/blog/2016/03/vb2015-paper-mobile-banking-fraud-sms-north-america-whos-doing-it-and-how/

Throwback Thursday: Viruses on the Internet

This Throwback Thursday VB heads back to 1996 when - long before the days of driveby downloads and exploit kits - VB published a report on the state of viruses on the Internet.
This Throwback Thursday VB heads back to 1996 when VB published a report on the state of viruses on the Internet. In the mid-1990s, long before the days of driveby downloads… https://www.virusbulletin.com/blog/2016/02/throwback-thursday-viruses-internet-blog/

RSA and BSides San Francisco

Next week, Virus Bulletin Editor Martijn Grooten will attend the RSA conference in San Francisco, where he will give a talk entitled "How Broken Is Our Crypto Really?" He will also speak at BSides San Francisco, where he will give a talk entitled "Ellipti…
Next week, almost everyone with a stake in or an opinion on IT security will be in San Francisco for the annual RSA Conference. I will be there as well, and although Virus… https://www.virusbulletin.com/blog/2016/02/rsa-and-bsides-san-francisco/

« Previous 1...2526272829...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.