VB Blog

WordPress users urged to manually update to fix bug that prevents automatic updating

Posted by   Martijn Grooten on   Feb 8, 2018

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.

Read more  

New paper: A review of the evolution of Andromeda over the years

Posted by   Martijn Grooten on   Feb 7, 2018

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by Fortinet researchers Bahare Sabouri and He Xu, we look back at the evolution of Andromeda from version 2.06 to 2.10 and demonstrate both how it improved its loader to evade automatic analysis/detection and how the payload varied among the different versions.

Read more  

There is no evidence in-the-wild malware is using Meltdown or Spectre

Posted by   Martijn Grooten on   Feb 2, 2018

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.

Read more  

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

Posted by   Martijn Grooten on   Feb 1, 2018

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.

Read more  

First time speaker? Don't be afraid of submitting to the VB2018 CFP

Posted by   Martijn Grooten on   Jan 31, 2018

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others have been working on.

Read more  

VB2017 paper: VirusTotal tips, tricks and myths

Posted by   Martijn Grooten on   Jan 25, 2018

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.

Read more  

Healthcare CERTs highlight the need for security guidance for specific sectors

Posted by   Martijn Grooten on   Jan 24, 2018

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.

Read more  

VB2018 call for papers now open!

Posted by   Martijn Grooten on   Jan 23, 2018

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!

Read more  

Book review: Serious Cryptography

Posted by   Martijn Grooten on   Jan 22, 2018

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.

Read more  

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by   Martijn Grooten on   Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Read more  
Previous1...2425262728...215Next

Search blog

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.
David Harley responds to anti-malware's many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of… https://www.virusbulletin.com/blog/2015/08/paper-hype-heuristics-signatures-and-death-av-again/

Throwback Thursday: Palm Breach

This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant.
This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant. In the 1980s, no one left… https://www.virusbulletin.com/blog/2015/08/throwback-thursday-palm-breach/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/08/

Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.
Support scammers not lying about a malware infection for a change. During our work on the development of the VBWeb tests, which will be started soon, we came across an interesting… https://www.virusbulletin.com/blog/2015/07/compromised-site-serves-nuclear-exploit-kit-together-fake-bsod/

Throwback Thursday: Riotous Assembly

This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.
This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel. Today, malware… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-riotous-assembly/

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code… https://www.virusbulletin.com/blog/2015/07/stagefright-vulnerability-leaves-950-million-android-devices-vulnerable-remote-code-execution/

Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?
This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants? 2010 saw the… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-sizewell-b-fact-or-fiction/

Call for last-minute papers for VB2015 announced

Ten speaking slots waiting to be filled with presentations on 'hot' security topics.
Ten speaking slots waiting to be filled with presentations on 'hot' security topics. There's never a dull moment in the world of IT security. Whether you think the breach of… https://www.virusbulletin.com/blog/2015/07/call-last-minute-papers-announced/

Spam levels fall below 50% for the first time in 12 years

Decline not necessarily good news for spam filters.
Decline not necessarily good news for spam filters. For the first time in 12 years, less than half of email traffic is spam, Symantec reports in the latest issue of its monthly… https://www.virusbulletin.com/blog/2015/07/spam-levels-fall-below-50-first-time-12-years/

'NOMORE' attack makes RC4 a little weaker again

No good reason to continue using the stream cipher, yet attacks remain impractical.
No good reason to continue using the stream cipher, yet attacks remain impractical. Researchers from the KU Leuven have presented a new attack against the RC4 stream cipher called… https://www.virusbulletin.com/blog/2015/07/nomore-attack-makes-rc4-little-weaker-again/

Throwback Thursday: What You Pay For...

This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge.
This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge. Today, the 'freemium' business model is a… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-what-you-pay/

Paper: Dridex in the Wild

Meng Su explains how Dridex works and how it communicates with its C&C server.
Meng Su explains how Dridex works and how it communicates with its C&C server. A descendant of Cridex, Dridex was first written about a little less than a year ago, by S21sec and… https://www.virusbulletin.com/blog/2015/07/paper-dridex-wild/

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.
Hacking Team leakers should have taken a leaf out of Snowden's book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for… https://www.virusbulletin.com/blog/2015/07/those-doing-bad-things-deserve-privacy-too/

Throwback Thursday: Cabirn Fever

This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared.
This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared. Since it first appeared almost exactly 11 years… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-cabirn-fever/

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.
Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of… https://www.virusbulletin.com/blog/2015/07/little-sympathy-breached-hacking-team/

Throwback Thursday: The Updating Game

This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm.
This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm. We all know that the malware scene has changed almost beyond… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-updating-game/

July

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/07/

Nominations opened for second Péter Ször Award

'Brilliant mind and a true gentleman' commemorated through annual award for technical security research.
'Brilliant mind and a true gentleman' commemorated through annual award for technical security research. During VB2014 in Seattle, we presented the first annual Péter Ször Award to… https://www.virusbulletin.com/blog/2015/06/nominations-opened-second-p-ter-sz-r-award/

Latest spam filter test sees significant drop in catch rates

Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award.
Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award. Spam is notoriously volatile and thus, while we like to make the news headlines… https://www.virusbulletin.com/blog/2015/06/latest-spam-filter-test-sees-significant-drop-catch-rates/

VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Paul Royal looks at malware served through the most popular websites.
Paul Royal looks at malware served through the most popular websites. Though VB2014 took place nine months ago, most of the papers presented during the conference remain very… https://www.virusbulletin.com/blog/2015/06/paper-quantifying-maliciousness-alexa-top-ranked-domains/

« Previous 1...2930313233...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.