VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by   Martijn Grooten on   Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Read more  

VB2019 videos: partner presentations

Posted by   Martijn Grooten on   Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Read more  

VB tests the web security products that play an important role in fending off web-based threats

Posted by   Martijn Grooten on   Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Read more  

VB2019 papers: Emotet and Ryuk

Posted by   Martijn Grooten on   Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Read more  

Responsible madness?

Posted by   Virus Bulletin on   Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Read more  

VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error

Posted by   Martijn Grooten on   Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Read more  

Analysis of malware responsible for sextortion spam that mines for Monero on the side

Posted by   Virus Bulletin on   Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Read more  

Guest blog: Threat intelligence – a unifying force of the future

Posted by   Virus Bulletin on   Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Read more  

Guest blog: Why we should be paying more attention to Linux threats

Posted by   Virus Bulletin on   Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Read more  

New Emotet spam campaign continues to bypass email security products

Posted by   Martijn Grooten on   Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Read more  
Previous1...89101112...215Next

Search blog

VB2020 TIPS presentation: Business Email Compromise – Scalable Attribution Powering Industry and Law Enforcement Collaboration

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contr…
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we… https://www.virusbulletin.com/blog/2020/11/vb2020-tips-presentation-business-email-compromise-scalable-attribution-powering-industry-and-law-enforcement-collaboration/

VB2020 TIPS presentation: Collaborating with Competitors: A Better Strategy to Beat Adversaries

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contr…
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we… https://www.virusbulletin.com/blog/2020/11/vb2020-tips-presentation-collaborating-competitors-better-strategy-beat-adversaries/

November

https://www.virusbulletin.com/blog/2020/11/

VB2020 TIPS presentations: cybercrime in the DACH region and ransomware in LATAM

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contr…
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we… https://www.virusbulletin.com/blog/2020/10/vb2020-tips-presentations-cybercrime-dach-region-and-ransomware-latam/

VB2020 TIPS presentation: Intelligence Sharing for Supply Chain Security

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contr…
    As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summit (TIPS), put together by the Cyber Threat Alliance. In a series of… https://www.virusbulletin.com/blog/2020/10/vb2020-tips-presentation-intelligence-sharing-supply-chain-security/

October

https://www.virusbulletin.com/blog/2020/10/

VB2020 localhost is over, but the content is still available to view!

VB2020 localhost - VB's first foray into the world of virtual conferences - took place last week, but you can still watch all the presentations.
VB2020 localhost - VB's first virtual, and entirely free to attend VB conference - took place last week and was a great success, with over 2,700 registered delegates from 84… https://www.virusbulletin.com/blog/2020/10/vb2020-localhost-over-theres-still-time-view-content/

New additions complete the VB2020 localhost programme

The programme for VB2020 localhost - the first virtual, and entirely free to attend VB conference - is now complete, with new additions to both the live programme and the on-demand programme.
While many kinds of economic activity have decreased during the pandemic, that is not the case for online threats: they have been as prolific as ever and continue to evolve.… https://www.virusbulletin.com/blog/2020/08/vb2020-localhost-programme-complete/

August

https://www.virusbulletin.com/blog/2020/08/

VB2020 localhost call for last minute papers: a unique opportunity

Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe.
Now in its 30th year, the Virus Bulletin Conference has not only evolved into the annual threat intelligence conference, but also into one of the most international security… https://www.virusbulletin.com/blog/2020/08/vb2020-localhost-call-last-minute-papers-unique-opportunity/

VB2020 localhost call for last-minute papers now open!

The call for last-minute papers for VB2020 localhost is now open. Submit before 17 August to have your paper considered for one of the nine slots reserved for 'hot' research!
Have you analysed a brand new online threat? Are you involved in cutting edge security research? Are you tasked with securing systems and fending off attacks and developing new… https://www.virusbulletin.com/blog/2020/07/vb2020-localhost-call-last-minute-papers-now-open/

July

https://www.virusbulletin.com/blog/2020/07/

Announcing... VB2020 localhost

Announcing VB2020 localhost: the carbon neutral, budget neutral VB conference!
Over the last few months the VB team has been hard at work preparing for the virtual edition of VB2020 and we can now reveal... VB2020 localhost: the carbon neutral, budget… https://www.virusbulletin.com/blog/2020/07/announcing-vb2020-localhost/

May

https://www.virusbulletin.com/blog/2020/05/

VB2019 paper: APT cases exploiting vulnerabilities in region-specific software

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their presentat…
APT cases exploiting vulnerabilities in region-specific software Read the paper (HTML) Download the paper (PDF)       Software that is endemic to a specific country… https://www.virusbulletin.com/blog/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-region-specific-software/

New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request forger…
VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity Read the paper (HTML) Download the paper (PDF)   VB2019 paper:… https://www.virusbulletin.com/blog/2020/04/new-paper-detection-vulnerabilities-web-applications-validating-parameter-integrity-and-data-flow-graphs/

VB2020 programme announced

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.
While VB is keeping a careful eye on the global situation surrounding the COVID-19 pandemic and the various travel and health advice, the planning and arrangements for VB2020 are… https://www.virusbulletin.com/blog/2020/04/vb2020-programme-announced/

VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.
Cyber espionage in the Middle East: unravelling OSX.WindTail Read the paper (HTML) Download the paper (PDF)   The Middle East continues to be a hotbed of APT activity. The… https://www.virusbulletin.com/blog/2020/04/vb2019-paper-cyber-espionage-middle-east-unravelling-osxwindtail/

April

https://www.virusbulletin.com/blog/2020/04/

VB2019 paper: 2,000 reactions to a malware attack – accidental study

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.
2,000 reactions to a malware attack – accidental study Read the paper (HTML) Download the paper (PDF)   In an illuminating study – possible thanks to a unique perspective on… https://www.virusbulletin.com/blog/2020/03/vb2019-paper-2000-reactions-malware-attack-accidental-study/

« Previous 1234567...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.