VB Blog

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Posted by Martijn Grooten on Jan 7, 2019

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

Posted by Martijn Grooten on Dec 19, 2018

VB Editor Martijn Grooten reviews Charles Arthur's Cyber Wars, which looks at seven prominent hacks and attacks, and the lessons we can learn from them.

Posted by Martijn Grooten on Dec 14, 2018

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.

Posted by Martijn Grooten on Dec 12, 2018

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.

Posted by Martijn Grooten on Dec 11, 2018

VB calls on organisations and individuals involved in threat intelligence from around the world to participate in next year's Virus Bulletin conference.

Posted by Martijn Grooten on Dec 7, 2018

Today, we publish the VB2018 paper by Qihoo 360 researchers Ya Liu and Hui Wang, on extracting data from variants of the Mirai botnet to classify and track variants.

Posted by Martijn Grooten on Dec 6, 2018

2018 has seen an increase in the variety of botnets living on the Internet of Things - such as Hide'N'Seek, which is notable for its use of peer-to-peer for command-and-control communication. Today, we publish the VB2018 paper by Bitdefender researchers Adrian Șendroiu and Vladimir Diaconescu, who studied the Hide'N'Seek IoT botnet. We also release the recording of their presentation.

Posted by Martijn Grooten on Dec 4, 2018

In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentation on the same topic.

Posted by Martijn Grooten on Nov 29, 2018

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.

Posted by Martijn Grooten on Nov 28, 2018

Today, we publish the video of the VB2018 presentation by CitizenLab researchers Masashi Nishihata and John Scott Railton, on threats faced by civil society.

Previous1...1415161718...215Next

Search blog

Virus Bulletin publishes first web filter test report

After a lot of preparation, Virus Bulletin is proud to have published the first "VBWeb" comparative web filter test report, in which products' ability to block web-based malware and drive-by downloads was tested. Fortinet's FortiGuard appliance was the fi…
Virus Bulletin has been testing security products for more than 18 years, and in recent years, we have had many requests from product developers asking us to test their web… https://www.virusbulletin.com/blog/2016/02/virus-bulletin-published-first-corporate-web-filter-test-report/

VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?

Sophos researchers Rowland Yu and William Lee look at whether recent security enhancements to Android, such as SEAndroid and containerization, will be enough to defeat future malware threats.
Google's Android operating system may have a bit of a bad reputation when it comes to security, but it's worth noting that recent versions of the operating system have been… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/

First six VB2016 sponsors announced

Virus Bulletin is excited to announce the first six sponsors for VB2016, the 26th international Virus Bulletin conference, which will take place in Denver, Colorado, USA 5-7 October 2016.
While VB2016, the 26th Virus Bulletin conference, is still more than nine months away, preparations for the event are well under way. Hopefully you will already have seen the call… https://www.virusbulletin.com/blog/2016/02/vb2016-sponsors-announced/

VB2015 paper: Sizing cybercrime: incidents and accidents, hints and allegations

Cybercrime is big. But how big is it really? In a paper presented at VB2015 and together with the presentation video published on our website today, ESET researcher Stephen Cobb looks at previous studies that attempt the size of cybercrime and asks why we…
How big is cybercrime? Various attempts have been made to measure the size of cybercrime around the world, or in individual countries, but how reliable are the methodologies… https://www.virusbulletin.com/blog/2016/02/vb2015-paper-sizing-cybercrime-incidents-and-accidents-hints-and-allegations/

Throwback Thursday: The Thin Blue Line

This Throwback Thursday, VB heads back to 1994 when UK Fraud Squad detectives started making inroads into the most puzzling 'Whodunnit' since the Great Train Robbery. Had an outbreak of computer crime swept Britain? No, it was all part of a police trainin…
This Throwback Thursday, VB heads back to 1994 when UK Fraud Squad detectives started making inroads into the most puzzling 'Whodunnit' since the Great Train Robbery. Had an… https://www.virusbulletin.com/blog/2016/02/throwback-thursday-thin-blue-line/

Welcome to virusbulletin.com

Almost 20 years after Virus Bulletin revealed its first site on the "world wide web", we've redesigned our whole website. And we have a new domain as well.
Virus Bulletin revealed its first website in the spring of 1996, almost 20 years ago. As was common in those days, it was referred to as 'our presence on the "world wide web"' —… https://www.virusbulletin.com/blog/2016/02/welcome-virusbulletincom/

VB2015 video: TurlaSat: The Fault in our Stars

In a presentation at VB2015 in Prague, Kaspersky Lab researcher Kurt Baumgartner talked about Turla's extraplanetary activities: the malware used (and abused) satellite Internet connections for command and control communication.
Kurt Baumgartner talks about Turla's extraplanetary activities. Despite the hype around the subject, the tools used by most so-called APT groups are surprisingly mundane. But… https://www.virusbulletin.com/blog/2016/02/vb2015-video-fault-our-stars/

Security vendors should embrace those hunting bugs in their products

When interviewed by the Risky Business podcast last week, VB Editor Martijn Grooten talked about the security of security products and said that many vendors are embracing the work done by Tavis Ormandy and others - as they should.
Security software is software too — and it will have flaws. Last week, I was interviewed for the Risky Business podcast. I really enjoyed the experience, not just because I've… https://www.virusbulletin.com/blog/2016/02/security-vendors-should-embrace-those-hunting-bugs-their-products/

February

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/02/

Throwback Thursday: Peter-II - Three Questions of The Sphinx

This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia.
This Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced things up with a bit of pop trivia. Over recent years we have… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-peter-ii-three-questions-sphinx/

VB2015 paper: Effectively testing APT defences

Simon Edwards discusses how to test the potentially untestable.
Simon Edwards discusses how to test the potentially untestable. Like the term or loathe it, APTs have given rise to a new generation of security products that protect against these… https://www.virusbulletin.com/blog/2016/01/paper-effectively-testing-apt-defences/

VB2015 paper: The ethics and perils of APT research: an unexpected transition into intelligence brokerage

Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field.
Juan Andrés Guerrero-Saade discusses the perils and ethical conundrums that arise as the industry enters a new playing field. Many security researchers have been part of the… https://www.virusbulletin.com/blog/2016/01/paper-ethics-and-perils-apt-research-unexpected-transition-intelligence-brokerage/

VB2015 paper: Digital 'Bian Lian' (face changing): the Skeleton Key malware

Microsoft, Dell SecureWorks researchers analyse malware targeting Active Directory servers.
Microsoft, Dell SecureWorks researchers analyse malware targeting Active Directory servers. A year ago, researchers from Dell SecureWorks discovered a new kind of malware, dubbed… https://www.virusbulletin.com/blog/2016/01/paper-digital-bian-lian-face-changing-skeleton-key-malware/

Throwback Thursday: I say Virus, You say Trojan

This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files.
This Throwback Thursday, VB heads back to 1998 — a time when anti-virus vendors avoided tackling non-replicating trojans, worms, jokes and corrupted files. Today, the idea of… https://www.virusbulletin.com/blog/2016/01/throwback-thursday-i-say-virus-you-say-trojan/

Let's Encrypt certificate used in malversiting

We'd better get used to a world where malicious traffic is encrypted too.
We'd better get used to a world where malicious traffic is encrypted too. According to some people, myself included, Let's Encrypt was one of the best things that happened to the… https://www.virusbulletin.com/blog/2016/01/let-s-encrypt-certificate-used-malversiting/

When it comes to online banking, sub-optimal encryption isn't our biggest concern

Malware authors and scammers won't attack the crypto.
Malware authors and scammers won't attack the crypto. Under the headline "no zero-day necessary", Xiphos has published a rather scary blog post on the state of SSL security within… https://www.virusbulletin.com/blog/2016/01/when-it-comes-online-banking-sub-optimal-encryption-isn-t-our-biggest-concern/

Malware likely cause of power cut in Ukraine

BlackEnergy malware previously linked to targeted attacks in the country.
BlackEnergy malware previously linked to targeted attacks in the country. When in late December hundreds of thousands of homes in Western Ukraine suffered power outages, many… https://www.virusbulletin.com/blog/2016/01/malware-likely-cause-power-cut-ukraine/

2016

Latest news from the anti-virus industry provided by independent anti-virus advisors, Virus Bulletin
NewsThrowback Thursday: Peter-II - Three Questions of The SphinxThis Throwback Thursday, VB heads back to 1993, when an ordinary memory-resident master boot sector virus spiced… https://www.virusbulletin.com/blog/2016/

January

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2016/01/

« Previous 1...2627282930...120 Next »

VB Blog

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Book Review: Cyber Wars

VB2018 paper: Office bugs on the rise

VB2018 video: The Big Bang Theory by APT-C-23

VB2019 London - join us for the most international threat intelligence conference!

VB2018 paper: Tracking Mirai variants

VB2018 paper: Hide'n'Seek: an adaptive peer-to-peer IoT botnet

New paper: Botception: botnet distributes script with bot capabilities

VB2018 video: Behind the scenes of the SamSam investigation

VB2018 video: Foreverdays: tracking and mitigating threats targeting civil society orgs