VB Blog

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

Posted by   Martijn Grooten on   Jun 29, 2017

Whether you call it Petya, NotPetya, Nyetya or Petna, there are still many mysteries surrounding the malware that has been causing havoc around the world.

Read more  

VB2017 Early Bird discount to expire this week

Posted by   Martijn Grooten on   Jun 28, 2017

This week, the Early Bird discount for VB2017 comes to an end - so, for a 10% saving on the cost of full price registration, make sure you register now!

Read more  

VB2016 paper: Steam stealers: it's all fun and games until someone's account gets hijacked

Posted by   Martijn Grooten on   Jun 23, 2017

Last year, Kaspersky Lab researcher Santiago Pontiroli and PwC's Bart Parys presented a VB2016 paper analysing the malicious threats faced by users of the Steam online gaming platform, and highlighting how organized criminals are making money with these profitable schemes. Today, we publish the paper.

Read more  

Research paper shows it may be possible to distinguish malware traffic using TLS

Posted by   Martijn Grooten on   Jun 22, 2017

Researchers at Cisco have published a paper describing how it may be possible to use machine learning to distinguish malware command-and-control traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic.

Read more  

Is CVE-2017-0199 the new CVE-2012-0158?

Posted by   Martijn Grooten on   Jun 20, 2017

After five years of exploitation in a wide variety of attacks, CVE-2012-0158 may have found a successor in CVE-2017-0199, which is taking the Office exploit scene by storm.

Read more  

Review: BSides London 2017

Posted by   Martijn Grooten on   Jun 19, 2017

Virus Bulletin was a proud sponsor of BSides London 2017 - Martijn Grooten reports on a great event.

Read more  

VB2017: one of the most international security conferences

Posted by   Martijn Grooten on   Jun 15, 2017

It is well known that the problem of cybersecurity is a global one that affects users worldwide - but it's also one that has some unique local flavours. With speakers representing at least 24 countries, VB2017 is one of the most international security conferences on the circuit, allowing attendees to hear the viewpoints of experts from around the world. Register before 1 July and receive a 10% Early Bird discount.

Read more  

VB2016 paper: Diving into Pinkslipbot's latest campaign

Posted by   Martijn Grooten on   Jun 12, 2017

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qakbot trojan and its then latest campaign. Their full paper is now available to download or read online.

Read more  

Book review: Spam: A Shadow History of the Internet

Posted by   Martijn Grooten on   Jun 2, 2017

VB Editor Martijn Grooten reviews Finn Brunton's book 'Spam: A Shadow History of the Internet'.

Read more  

Virus Bulletin to sponsor BSides London

Posted by   Martijn Grooten on   Jun 1, 2017

Virus Bulletin is proud to be a Silver sponsor of BSides London next week; we look forward to the event and to meeting many security professionals.

Read more  
Previous1...3435363738...215Next

Search blog

May

https://www.virusbulletin.com/blog/2016/05/

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.
If you regularly browse the web through the Tor network, you will have noticed that many websites are either inaccessible, or have strong barriers (in the form of difficult… https://www.virusbulletin.com/blog/2016/05/make-tor-work-better-web-we-need-be-honest-about-it/

Paper: How It Works: Steganography Hides Malware in Image Files

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.
Sometimes a picture says more than a thousand words. And sometimes in computer security, a picture contains a thousand words, or rather a lot of commands, used by malware authors… https://www.virusbulletin.com/blog/2016/04/paper-how-it-works-steganography-hides-malware-image-files/

Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.
I'm not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is… https://www.virusbulletin.com/blog/2016/04/paying-malware-ransom-bad-telling-people-never-do-it-unhelpful-advice/

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.
Given the sheer volume of new malware samples discovered every day, security researchers eagerly make use of tools that will help automate their research and analysis. IBM… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-volatilitybot-malicious-code-extraction-made-and-security-researchers/

VB2016 programme announced, registration opened

We have announced 37 papers (and four reserve papers) that will be presented at VB2016 in Denver, Colorado, USA in October. Registration for the conference has opened; make sure you register before 1 July to benefit from a 10% early bird discount.
We are excited to officially announce the programme for VB2016, the 26th International Virus Bulletin Conference, which will take place in Denver, Colorado, USA 5-7 October this… https://www.virusbulletin.com/blog/2016/04/vb2016-programme-announced-registrations-opened/

New tool helps ransomware victims indentify the malware family

The people behind the MalwareHunterTeam have released a tool that helps victims of ransomware identify which of more than 50 families has infected their system, something which could help them find a tool to decrypt their files.
Malware infections are never fun, but ransomware is particularly nasty and the plague doesn't seem likely to cease any time soon: new families are spotted almost daily. A small… https://www.virusbulletin.com/blog/2016/04/new-tool-helps-ransomware-victims-indentify-malware-family/

It's fine for vulnerabilities to have names — we just need not to take them too seriously

The PR campaign around the Badlock vulnerability backfired when it turned out that the vulnerability wasn't as serious as had been suggested. But naming vulnerabilities can actually be helpful and certainly shouldn't hurt.
“What's in a name? That which we call Heartbleed by any other name would be just as malicious.” — William Shakespeare (paraphrased) When OpenSSL vulnerability… https://www.virusbulletin.com/blog/2016/04/it-fine-vulnerabilities-have-names-we-just-need-not-take-them-too-seriously/

April

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/04/

Throwback Thursday: The Number of the Beasts

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding mo…
The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, each… https://www.virusbulletin.com/blog/2016/04/throwback-thursday-number-beasts1/

Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

Security researcher Andreas Lindh recently found a vulnerability in Apache OpenMeetings that could allow remote code execution on a vulnerable server. Andreas reported the vulnerability to the OpenMeetings developers and, once it had been patched, he wrot…
The rise of bug bounties in recent years has created an incentive for hackers to hunt for vulnerabilities in a lot of software and services. But what about those software projects… https://www.virusbulletin.com/blog/2016/03/paper-all-your-meetings-are-belong-us-remote-code-execution-apache-openmeetings/

Throwback Thursday: 'In the Beginning was the Word...'

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.
Microsoft has recently introduced a new feature to Office 2016: the ability to block macros,in an attempt to curb the spread of macro malware, which is once again on the rise.… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-beginning-was-word/

VB2016 Call for Papers Deadline

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.
If you read our blog or follow us on social media, you can't have missed the fact that the deadline for submissions for VB2016 is 18 March. That's today! If you haven't… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-deadline/

How broken is SHA-1 really?

SHA-1 collisions may be found in the next few months, but that doesn't mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdat…
Earlier this month, I gave a talk entitled "How Broken Is Our Crypto Really?" at the RSA Conference in San Francisco. In the presentation, I looked at vulnerabilities found in… https://www.virusbulletin.com/blog/2016/03/how-broken-sha-1-really/

VB2016 Call for Papers - Frequently Asked Questions

Are you interested in submitting an abstract for VB2016? We've answered some frequently asked questions about the Call for Papers, which closes next week.
The call for papers for VB2016, the 26th Virus Bulletin conference, which takes place 5 to 7 October in Denver, CO, USA, is currently open. We've had some excellent… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-frequently-asked-questions/

Throwback Thursday: Hash Woes

This Throwback Thursday we go back to 2004, when the entire crypto community was abuzz with the news that a group of Chinese researchers had demonstrated flaws in a whole set of hash functions - VB took a closer look to clarify the situation and draw less…
Just last week, VB Editor Martijn Grooten addressed an audience at the RSA Conference in San Francisco on the topic of cryptographic protocols that have supposedly been broken in… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-hash-woes/

March

VB Blog posts published in March 2016
https://www.virusbulletin.com/blog/2016/03/

VB2015 paper: Mobile Banking Fraud via SMS in North America: Who's Doing it and How

Though SMS may have been claimed dead many time, it is still very much alive, and quite popular among mobile phishers. At VB2015, Adaptive Mobile researcher Cathal Mc Daid presented a paper various mobile phishing campaigns targeting North American banks.
While SMS has been declared dead many times, the service remains frequently used - and abused. In a paper presented at VB2015 in Prague, Adaptive Mobile researcher Cathal Mc… https://www.virusbulletin.com/blog/2016/03/vb2015-paper-mobile-banking-fraud-sms-north-america-whos-doing-it-and-how/

Throwback Thursday: Viruses on the Internet

This Throwback Thursday VB heads back to 1996 when - long before the days of driveby downloads and exploit kits - VB published a report on the state of viruses on the Internet.
This Throwback Thursday VB heads back to 1996 when VB published a report on the state of viruses on the Internet. In the mid-1990s, long before the days of driveby downloads… https://www.virusbulletin.com/blog/2016/02/throwback-thursday-viruses-internet-blog/

RSA and BSides San Francisco

Next week, Virus Bulletin Editor Martijn Grooten will attend the RSA conference in San Francisco, where he will give a talk entitled "How Broken Is Our Crypto Really?" He will also speak at BSides San Francisco, where he will give a talk entitled "Ellipti…
Next week, almost everyone with a stake in or an opinion on IT security will be in San Francisco for the annual RSA Conference. I will be there as well, and although Virus… https://www.virusbulletin.com/blog/2016/02/rsa-and-bsides-san-francisco/

« Previous 1...2526272829...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.