VB Blog

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Posted by   Martijn Grooten on   Nov 3, 2017

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot infection process, and its aftermath, as seen through the lens of a tool used to perform man-in-the-middle decryption. Today, we publish both Andrew's slides and the recording of his presentation.

Read more  

Paper: FAME - Friendly Malware Analysis Framework

Posted by   Martijn Grooten on   Nov 2, 2017

Today, we publish a short paper in which CERT Société Générale presents FAME, its open source malware analysis framework.

Read more  

Ebury and Mayhem server malware families still active

Posted by   Martijn Grooten on   Oct 31, 2017

Ebury and Mayhem, two families of Linux server malware, about which VB published papers back in 2014, are still active and have received recent updates.

Read more  

VB2017 paper: Crypton - exposing malware's deepest secrets

Posted by   Martijn Grooten on   Oct 27, 2017

Crypton, a tool developed by F5 Networks researchers Julia Karpin and Anna Dorfman, aims to speed up the reverse engineering process by decrypting encrypted content found in a (malicious) binary. The researchers described the tool in a paper which they presented at VB2017 in Madrid. Today, we publish both the paper and the recording of their presentation.

Read more  

VB2017 paper: The sprawling market of consumer spyware

Posted by   Martijn Grooten on   Oct 25, 2017

For many people, the threat of an abusive partner or ex-partner is very real - and the market for consumer spyware worryingly large. Today, we publish the recording of a presentation on the subject of consumer spyware given at VB2017 by The Daily Beast reporter Joseph Cox.

Read more  

Gábor Szappanos wins fourth Péter Szőr Award

Posted by   Martijn Grooten on   Oct 23, 2017

At the VB2017 gala dinner, the fourth Péter Szőr Award was presented to Sophos researcher Gábor Szappanos for his paper "AKBuilder – the crowdsourced exploit kit".

Read more  

VB2017 paper: Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Posted by   Martijn Grooten on   Oct 20, 2017

We publish the VB2017 paper and video by Kaspersky Lab researchers Juan Andres Guerrero-Saade and Costin Raiu, in which they look at fourth-party collection (spies spying on other spies' campaigns) and its implications for attribution.

Read more  

Didn't come to VB2017? Tell us why!

Posted by   Martijn Grooten on   Oct 11, 2017

Virus Bulletin is a company - and a conference - with a mission: to further the research in and facilitate the fight against digital threats. To help us in this mission, we want to hear from those who didn't come to Madrid. What is your impression of the VB Conference? What did you think of this year's programme? And why couldn't you come to Madrid?

Read more  

Montreal will host VB2018

Posted by   Martijn Grooten on   Oct 10, 2017

Last week, we announced the full details of VB2018, which will take place 3-5 October 2018 at the Fairmont The Queen Elizabeth hotel in Montreal, Quebec, Canada.

Read more  

VB2017 preview: Beyond lexical and PDNS (guest blog)

Posted by   Virus Bulletin on   Oct 5, 2017

In a special guest blog post, VB2017 Silver sponsor Cisco Umbrella writes about a paper that researchers Dhia Mahjoub and David Rodriguez will present at the conference this Friday.

Read more  
Previous1...2829303132...215Next

Search blog

Call for Papers: VB2016 Denver

VB seeks submissions for the 26th Virus Bulletin Conference.
VB seeks submissions for the 26th Virus Bulletin Conference.Virus Bulletin is seeking submissions from those wishing to present papers at VB2016, which will take place 5 to 7… https://www.virusbulletin.com/blog/2015/12/call-papers-denver/

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly… https://www.virusbulletin.com/blog/2015/12/video-making-dent-russian-mobile-banking-phishing/

Conference review: Botconf 2015

Third botnet fighting conference another big success.
Third botnet fighting conference another big success. Though only in its third year, Botconf has already become a regular fixture in my schedule. And thus, after having attended… https://www.virusbulletin.com/blog/2015/12/conference-review-botconf-2015/

High spam catch rates continue in latest spam filter test

US presidential candidates regularly see their emails blocked by spam filters.
US presidential candidates regularly see their emails blocked by spam filters. Yet again, there was good news for most participants in the bi-monthly VBSpam spam filters tests:… https://www.virusbulletin.com/blog/2015/12/high-spam-catch-rates-continue-latest-spam-filter-test/

Throwback Thursday: A View from the Lab

This Throwback Thursday, VB heads back to 1997 with 'A View from the Lab'.
This Throwback Thursday, VB heads back to 1997 with 'A View from the Lab'. According to its website, the AV-TEST Institute currently registers over 390,000 new malicious programs… https://www.virusbulletin.com/blog/2015/12/throwback-thursday-view-lab/

December

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/12/

Paper: Optimizing ssDeep for use at scale

Brian Wallace presents tool to optimize ssDeep comparisons.
Brian Wallace presents tool to optimize ssDeep comparisons. Malware rarely comes as a single file, and to avoid having to analyse each sample in a set individually, a fuzzy hashing… https://www.virusbulletin.com/blog/2015/11/paper-optimizing-ssdeep-use-scale/

Throwback Thursday: Legal attempts to reduce spam. A UK perspective

This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'.
This Throwback Thursday, we turn the clock back to November 2003, when spam was such a hot topic that VB decided to launch a dedicated 'VB Spam Supplement'. While, today, spam is a… https://www.virusbulletin.com/blog/2015/11/throwback-thursday-legal-attempts-reduce-spam-uk-perspective/

Paper: 3ROS exploit framework kit — one more for the infection road

Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit.
Aditya K. Sood and Rohit Bansal highlight a different side of an exploit kit. Exploit kits are a serious plague on the Internet, made worse by the fact that the online… https://www.virusbulletin.com/blog/2015/11/paper-3ros-exploit-framework-kit-one-more-infection-road/

Throwback Thursday: What DDoS it all Mean?

This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace.
This Throwback Thursday, we turn the clock back to March 2000, when DDoS attacks were a newly emerging menace. Today, DDoS attacks are a well-known form of cyber abuse — indeed,… https://www.virusbulletin.com/blog/2015/11/throwback-thursday-what-ddos-it-all-mean/

The Internet of Bad Things, Observed

In his VB2015 keynote address, Ross Anderson described attacks against EMV cards.
In his VB2015 keynote address, Ross Anderson described attacks against EMV cards. The VB2015 opening keynote by Ross Anderson could hardly have been more timely. In his talk "The… https://www.virusbulletin.com/blog/2015/11/internet-bad-things-observed/

Full house in VB's latest spam filter test

All participating full solutions earn VBSpam certification, while little delay is observed in spam filters.
All participating full solutions earn VBSpam certification, while little delay is observed in spam filters. There is good news for those who rely on spam filters — which means… https://www.virusbulletin.com/blog/2015/11/full-house-vb-s-latest-spam-filter-test/

Throwback Thursday: Inside Sony's rootkit

This Throwback Thursday, we turn the clock back ten years, when the discovery of a rootkit ignited a firestorm of criticism for Sony.
This Throwback Thursday, we turn the clock back ten years, when the discovery of a rootkit ignited a firestorm of criticism for Sony. Rootkits are common among modern malware, and… https://www.virusbulletin.com/blog/2015/11/throwback-thursday-inside-sony-s-rootkit/

Paper: Shifu — the rise of a self-destructive banking trojan

Thorough analysis of this new kid on the malware block.
Thorough analysis of this new kid on the malware block. Times are changing rapidly for banking trojans. Some prominent arrests and at least partially successful takedowns have left… https://www.virusbulletin.com/blog/2015/11/paper-shifu-rise-self-destructive-banking-trojan/

Hack.lu 2015

Great research presented in a stimulating environment.
Great research presented in a stimulating environment. I had heard many good stories about previous Hack.lu conferences, so I was excited this year to finally be able to make it… https://www.virusbulletin.com/blog/2015/11/hack-lu-2015/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/11/

Throwback Thursday: Memetic Mass Mailers: Time to Classify Hoaxes as Malware?

This Throwback Thursday, we turn the clock back to July 2002, when virus hoaxes were wreaking havoc in homes and organizations worldwide.
This Throwback Thursday, we turn the clock back to July 2002, when virus hoaxes were wreaking havoc in homes and organizations worldwide. Virus hoaxes — false reports or warnings… https://www.virusbulletin.com/blog/2015/10/throwback-thursday-memetic-mass-mailers-time-classify-hoaxes-malware/

Throwback Thursday: The real virus problem

Anti-virus and security related articles provided by independent anti-virus advisors, Virus Bulletin
This Throwback Thursday, we turn the clock back to February 2004 when, in order to get a gauge of the "real" virus problem, Jim Bates presented the findings of a survey of UK… https://www.virusbulletin.com/blog/2015/10/throwback-thursday-real-virus-problem/

Paper: MWI-5: Operation HawkEye

Gabor Szappanos looks at how macro malware campaigns spread a commercial keylogger to harvest banking details.
Gabor Szappanos looks at how macro malware campaigns spread a commercial keylogger to harvest banking details. Macro malware was a plague in the late 1990s, when Microsoft Office… https://www.virusbulletin.com/blog/2015/10/paper-mwi-5-operation-hawkeye/

Throwback Thursday: Misguided or malevolent? New trends in virus writing

This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing.
This Throwback Thursday, we turn the clock back to February 2004 when Stuart Taylor wondered whether there was truly a criminal element entering virus writing. These days, no one… https://www.virusbulletin.com/blog/2015/10/throwback-thursday-misguided-or-malevolent-new-trends-virus-writing/

« Previous 1...2728293031...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.