VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by Martijn Grooten on Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Posted by Martijn Grooten on Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Posted by Martijn Grooten on Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Posted by Martijn Grooten on Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Posted by Virus Bulletin on Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Posted by Martijn Grooten on Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Posted by Virus Bulletin on Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Posted by Virus Bulletin on Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Posted by Virus Bulletin on Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Posted by Martijn Grooten on Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Previous1...89101112...215Next

Search blog

Virus Bulletin publishes first web filter test report

After a lot of preparation, Virus Bulletin is proud to have published the first "VBWeb" comparative web filter test report, in which products' ability to block web-based malware and drive-by downloads was tested. Fortinet's FortiGuard appliance was the fi…
Virus Bulletin has been testing security products for more than 18 years, and in recent years, we have had many requests from product developers asking us to test their web… https://www.virusbulletin.com/blog/2016/02/virus-bulletin-published-first-corporate-web-filter-test-report/

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.
Google's Android operating system may have a bit of a bad reputation when it comes to security, but it's worth noting that recent versions of the operating system have been… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/

First six VB2016 sponsors announced

Virus Bulletin is excited to announce the first six sponsors for VB2016, the 26th international Virus Bulletin conference, which will take place in Denver, Colorado, USA 5-7 October 2016.
While VB2016, the 26th Virus Bulletin conference, is still more than nine months away, preparations for the event are well under way. Hopefully you will already have seen the call… https://www.virusbulletin.com/blog/2016/02/vb2016-sponsors-announced/

VB2015 paper: Sizing cybercrime: incidents and accidents, hints and allegations

Cybercrime is big. But how big is it really? In a paper presented at VB2015 and together with the presentation video published on our website today, ESET researcher Stephen Cobb looks at previous studies that attempt the size of cybercrime and asks why we…
How big is cybercrime? Various attempts have been made to measure the size of cybercrime around the world, or in individual countries, but how reliable are the methodologies… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-sizing-cybercrime-incidents-and-accidents-hints-and-allegations/

Throwback Thursday: The Thin Blue Line

This Throwback Thursday, VB heads back to 1994 when UK Fraud Squad detectives started making inroads into the most puzzling 'Whodunnit' since the Great Train Robbery. Had an outbreak of computer crime swept Britain? No, it was all part of a police trainin…
This Throwback Thursday, VB heads back to 1994 when UK Fraud Squad detectives started making inroads into the most puzzling 'Whodunnit' since the Great Train Robbery. Had an… https://www.virusbulletin.com/blog/2016/02/throwback-thursday-thin-blue-line/

Welcome to virusbulletin.com

Almost 20 years after Virus Bulletin revealed its first site on the "world wide web", we've redesigned our whole website. And we have a new domain as well.
Virus Bulletin revealed its first website in the spring of 1996, almost 20 years ago. As was common in those days, it was referred to as 'our presence on the "world wide web"' —… https://www.virusbulletin.com/blog/2016/02/welcome-virusbulletincom/

VB2015 video: TurlaSat: The Fault in our Stars

In a presentation at VB2015 in Prague, Kaspersky Lab researcher Kurt Baumgartner talked about Turla's extraplanetary activities: the malware used (and abused) satellite Internet connections for command and control communication.
Kurt Baumgartner talks about Turla's extraplanetary activities. Despite the hype around the subject, the tools used by most so-called APT groups are surprisingly mundane. But… https://www.virusbulletin.com/blog/2016/02/vb2015-video-fault-our-stars/

Security vendors should embrace those hunting bugs in their products

When interviewed by the Risky Business podcast last week, VB Editor Martijn Grooten talked about the security of security products and said that many vendors are embracing the work done by Tavis Ormandy and others - as they should.
Security software is software too — and it will have flaws. Last week, I was interviewed for the Risky Business podcast. I really enjoyed the experience, not just because I've… https://www.virusbulletin.com/blog/2016/02/security-vendors-should-embrace-those-hunting-bugs-their-products/

February

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/02/

Throwback Thursday: Peter-II - Three Questions of The Sphinx

This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia.
This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia. Over recent years we have… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-peter-ii-three-questions-sphinx/

VB2015 paper: Effectively testing APT defences

Simon Edwards discusses how to test the potentially untestable.
Simon Edwards discusses how to test the potentially untestable. Like the term or loathe it, APTs have given rise to a new generation of security products that protect against these… https://www.virusbulletin.com/blog/2016/01/paper-effectively-testing-apt-defences/

VB2015 paper: The ethics and perils of APT research: an unexpected transition into intelligence brokerage

Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field.
Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field. Many security researchers have been part of the… https://www.virusbulletin.com/blog/2016/01/paper-ethics-and-perils-apt-research-unexpected-transition-intelligence-brokerage/

VB2015 paper: Digital 'Bian Lian' (face changing): the Skeleton Key malware

Microsoft, Dell SecureWorks researchers analyse malware targeting Active Directory servers.
Microsoft, Dell SecureWorks researchers analyse malware targeting Active Directory servers. A year ago, researchers from Dell SecureWorks discovered a new kind of malware, dubbed… https://www.virusbulletin.com/blog/2016/01/paper-digital-bian-lian-face-changing-skeleton-key-malware/

Throwback Thursday: I say Virus, You say Trojan

This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files.
This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files. Today, the idea of… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-i-say-virus-you-say-trojan/

Let's Encrypt certificate used in malversiting

We'd better get used to a world where malicious traffic is encrypted too.
We'd better get used to a world where malicious traffic is encrypted too. According to some people, myself included, Let's Encrypt was one of the best things that happened to the… https://www.virusbulletin.com/blog/2016/01/let-s-encrypt-certificate-used-malversiting/

When it comes to online banking, sub-optimal encryption isn't our biggest concern

Malware authors and scammers won't attack the crypto.
Malware authors and scammers won't attack the crypto. Under the headline "no zero-day necessary", Xiphos has published a rather scary blog post on the state of SSL security within… https://www.virusbulletin.com/blog/2016/01/when-it-comes-online-banking-sub-optimal-encryption-isn-t-our-biggest-concern/

Malware likely cause of power cut in Ukraine

BlackEnergy malware previously linked to targeted attacks in the country.
BlackEnergy malware previously linked to targeted attacks in the country. When in late December hundreds of thousands of homes in Western Ukraine suffered power outages, many… https://www.virusbulletin.com/blog/2016/01/malware-likely-cause-power-cut-ukraine/

2016

Latest news from the anti-virus industry provided by independent anti-virus advisors, Virus Bulletin
NewsThrowback Thursday: Peter-II - Three Questions of The SphinxThis Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced… https://www.virusbulletin.com/blog/2016/

January

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/01/

« Previous 1...2627282930...120 Next »

VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

VB2019 videos: partner presentations

VB tests the web security products that play an important role in fending off web-based threats

VB2019 papers: Emotet and Ryuk

Responsible madness?

VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error

Analysis of malware responsible for sextortion spam that mines for Monero on the side

Guest blog: Threat intelligence – a unifying force of the future

Guest blog: Why we should be paying more attention to Linux threats

New Emotet spam campaign continues to bypass email security products