VB Blog

VB2019 presentation: A deep dive into iPhone exploit chains

Posted by   Virus Bulletin on   Jan 10, 2020

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John's presentation.

Read more  

Latest VBWeb report describes current state of the web-based threat landscape

Posted by   Helen Martin on   Jan 8, 2020

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.

Read more  

VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

Posted by   Virus Bulletin on   Jan 6, 2020

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their presentation.

Read more  

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

Posted by   Helen Martin on   Dec 31, 2019

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.

Read more  

VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)

Posted by   Martijn Grooten on   Dec 27, 2019

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.

Read more  

Parting thoughts 5: bringing the good news

Posted by   Martijn Grooten on   Dec 23, 2019

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.

Read more  

Parting thoughts 4: the big picture

Posted by   Virus Bulletin on   Dec 20, 2019

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.

Read more  

Parting thoughts 3: taking security seriously

Posted by   Martijn Grooten on   Dec 19, 2019

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.

Read more  

VB2019 paper: Exploring the Chinese DDoS landscape

Posted by   Martijn Grooten on   Dec 19, 2019

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.

Read more  

Parting thoughts 2: the need for education in security

Posted by   Martijn Grooten on   Dec 18, 2019

In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.

Read more  
Previous1...56789...215Next

Search blog

May

https://www.virusbulletin.com/blog/2016/05/

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.
If you regularly browse the web through the Tor network, you will have noticed that many websites are either inaccessible, or have strong barriers (in the form of difficult… https://www.virusbulletin.com/blog/2016/05/make-tor-work-better-web-we-need-be-honest-about-it/

Paper: How It Works: Steganography Hides Malware in Image Files

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.
Sometimes a picture says more than a thousand words. And sometimes in computer security, a picture contains a thousand words, or rather a lot of commands, used by malware authors… https://www.virusbulletin.com/blog/2016/04/paper-how-it-works-steganography-hides-malware-image-files/

Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.
I'm not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is… https://www.virusbulletin.com/blog/2016/04/paying-malware-ransom-bad-telling-people-never-do-it-unhelpful-advice/

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.
Given the sheer volume of new malware samples discovered every day, security researchers eagerly make use of tools that will help automate their research and analysis. IBM… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-volatilitybot-malicious-code-extraction-made-and-security-researchers/

VB2016 programme announced, registration opened

We have announced 37 papers (and four reserve papers) that will be presented at VB2016 in Denver, Colorado, USA in October. Registration for the conference has opened; make sure you register before 1 July to benefit from a 10% early bird discount.
We are excited to officially announce the programme for VB2016, the 26th International Virus Bulletin Conference, which will take place in Denver, Colorado, USA 5-7 October this… https://www.virusbulletin.com/blog/2016/04/vb2016-programme-announced-registrations-opened/

New tool helps ransomware victims indentify the malware family

The people behind the MalwareHunterTeam have released a tool that helps victims of ransomware identify which of more than 50 families has infected their system, something which could help them find a tool to decrypt their files.
Malware infections are never fun, but ransomware is particularly nasty and the plague doesn't seem likely to cease any time soon: new families are spotted almost daily. A small… https://www.virusbulletin.com/blog/2016/04/new-tool-helps-ransomware-victims-indentify-malware-family/

It's fine for vulnerabilities to have names — we just need not to take them too seriously

The PR campaign around the Badlock vulnerability backfired when it turned out that the vulnerability wasn't as serious as had been suggested. But naming vulnerabilities can actually be helpful and certainly shouldn't hurt.
“What's in a name? That which we call Heartbleed by any other name would be just as malicious.” — William Shakespeare (paraphrased) When OpenSSL vulnerability… https://www.virusbulletin.com/blog/2016/04/it-fine-vulnerabilities-have-names-we-just-need-not-take-them-too-seriously/

April

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/04/

Throwback Thursday: The Number of the Beasts

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding mo…
The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, each… https://www.virusbulletin.com/blog/2016/04/throwback-thursday-number-beasts1/

Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

Security researcher Andreas Lindh recently found a vulnerability in Apache OpenMeetings that could allow remote code execution on a vulnerable server. Andreas reported the vulnerability to the OpenMeetings developers and, once it had been patched, he wrot…
The rise of bug bounties in recent years has created an incentive for hackers to hunt for vulnerabilities in a lot of software and services. But what about those software projects… https://www.virusbulletin.com/blog/2016/03/paper-all-your-meetings-are-belong-us-remote-code-execution-apache-openmeetings/

Throwback Thursday: 'In the Beginning was the Word...'

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.
Microsoft has recently introduced a new feature to Office 2016: the ability to block macros,in an attempt to curb the spread of macro malware, which is once again on the rise.… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-beginning-was-word/

VB2016 Call for Papers Deadline

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.
If you read our blog or follow us on social media, you can't have missed the fact that the deadline for submissions for VB2016 is 18 March. That's today! If you haven't… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-deadline/

How broken is SHA-1 really?

SHA-1 collisions may be found in the next few months, but that doesn't mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdat…
Earlier this month, I gave a talk entitled "How Broken Is Our Crypto Really?" at the RSA Conference in San Francisco. In the presentation, I looked at vulnerabilities found in… https://www.virusbulletin.com/blog/2016/03/how-broken-sha-1-really/

VB2016 Call for Papers - Frequently Asked Questions

Are you interested in submitting an abstract for VB2016? We've answered some frequently asked questions about the Call for Papers, which closes next week.
The call for papers for VB2016, the 26th Virus Bulletin conference, which takes place 5 to 7 October in Denver, CO, USA, is currently open. We've had some excellent… https://www.virusbulletin.com/blog/2016/03/vb2016-call-papers-frequently-asked-questions/

Throwback Thursday: Hash Woes

This Throwback Thursday we go back to 2004, when the entire crypto community was abuzz with the news that a group of Chinese researchers had demonstrated flaws in a whole set of hash functions - VB took a closer look to clarify the situation and draw less…
Just last week, VB Editor Martijn Grooten addressed an audience at the RSA Conference in San Francisco on the topic of cryptographic protocols that have supposedly been broken in… https://www.virusbulletin.com/blog/2016/03/throwback-thursday-hash-woes/

March

VB Blog posts published in March 2016
https://www.virusbulletin.com/blog/2016/03/

VB2015 paper: Mobile Banking Fraud via SMS in North America: Who's Doing it and How

Though SMS may have been claimed dead many time, it is still very much alive, and quite popular among mobile phishers. At VB2015, Adaptive Mobile researcher Cathal Mc Daid presented a paper various mobile phishing campaigns targeting North American banks.
While SMS has been declared dead many times, the service remains frequently used - and abused. In a paper presented at VB2015 in Prague, Adaptive Mobile researcher Cathal Mc… https://www.virusbulletin.com/blog/2016/03/vb2015-paper-mobile-banking-fraud-sms-north-america-whos-doing-it-and-how/

Throwback Thursday: Viruses on the Internet

This Throwback Thursday VB heads back to 1996 when - long before the days of driveby downloads and exploit kits - VB published a report on the state of viruses on the Internet.
This Throwback Thursday VB heads back to 1996 when VB published a report on the state of viruses on the Internet. In the mid-1990s, long before the days of driveby downloads… https://www.virusbulletin.com/blog/2016/02/throwback-thursday-viruses-internet-blog/

RSA and BSides San Francisco

Next week, Virus Bulletin Editor Martijn Grooten will attend the RSA conference in San Francisco, where he will give a talk entitled "How Broken Is Our Crypto Really?" He will also speak at BSides San Francisco, where he will give a talk entitled "Ellipti…
Next week, almost everyone with a stake in or an opinion on IT security will be in San Francisco for the annual RSA Conference. I will be there as well, and although Virus… https://www.virusbulletin.com/blog/2016/02/rsa-and-bsides-san-francisco/

« Previous 1...2526272829...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.