VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.
David Harley responds to anti-malware's many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of… https://www.virusbulletin.com/blog/2015/08/paper-hype-heuristics-signatures-and-death-av-again/

Throwback Thursday: Palm Breach

This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant.
This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant. In the 1980s, no one left… https://www.virusbulletin.com/blog/2015/08/throwback-thursday-palm-breach/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/08/

Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.
Support scammers not lying about a malware infection for a change. During our work on the development of the VBWeb tests, which will be started soon, we came across an interesting… https://www.virusbulletin.com/blog/2015/07/compromised-site-serves-nuclear-exploit-kit-together-fake-bsod/

Throwback Thursday: Riotous Assembly

This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.
This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel. Today, malware… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-riotous-assembly/

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code… https://www.virusbulletin.com/blog/2015/07/stagefright-vulnerability-leaves-950-million-android-devices-vulnerable-remote-code-execution/

Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?
This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants? 2010 saw the… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-sizewell-b-fact-or-fiction/

Call for last-minute papers for VB2015 announced

Ten speaking slots waiting to be filled with presentations on 'hot' security topics.
Ten speaking slots waiting to be filled with presentations on 'hot' security topics. There's never a dull moment in the world of IT security. Whether you think the breach of… https://www.virusbulletin.com/blog/2015/07/call-last-minute-papers-announced/

Spam levels fall below 50% for the first time in 12 years

Decline not necessarily good news for spam filters.
Decline not necessarily good news for spam filters. For the first time in 12 years, less than half of email traffic is spam, Symantec reports in the latest issue of its monthly… https://www.virusbulletin.com/blog/2015/07/spam-levels-fall-below-50-first-time-12-years/

'NOMORE' attack makes RC4 a little weaker again

No good reason to continue using the stream cipher, yet attacks remain impractical.
No good reason to continue using the stream cipher, yet attacks remain impractical. Researchers from the KU Leuven have presented a new attack against the RC4 stream cipher called… https://www.virusbulletin.com/blog/2015/07/nomore-attack-makes-rc4-little-weaker-again/

Throwback Thursday: What You Pay For...

This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge.
This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge. Today, the 'freemium' business model is a… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-what-you-pay/

Paper: Dridex in the Wild

Meng Su explains how Dridex works and how it communicates with its C&C server.
Meng Su explains how Dridex works and how it communicates with its C&C server. A descendant of Cridex, Dridex was first written about a little less than a year ago, by S21sec and… https://www.virusbulletin.com/blog/2015/07/paper-dridex-wild/

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.
Hacking Team leakers should have taken a leaf out of Snowden's book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for… https://www.virusbulletin.com/blog/2015/07/those-doing-bad-things-deserve-privacy-too/

Throwback Thursday: Cabirn Fever

This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared.
This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared. Since it first appeared almost exactly 11 years… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-cabirn-fever/

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.
Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of… https://www.virusbulletin.com/blog/2015/07/little-sympathy-breached-hacking-team/

Throwback Thursday: The Updating Game

This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm.
This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm. We all know that the malware scene has changed almost beyond… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-updating-game/

July

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/07/

Nominations opened for second Péter Ször Award

'Brilliant mind and a true gentleman' commemorated through annual award for technical security research.
'Brilliant mind and a true gentleman' commemorated through annual award for technical security research. During VB2014 in Seattle, we presented the first annual Péter Ször Award to… https://www.virusbulletin.com/blog/2015/06/nominations-opened-second-p-ter-sz-r-award/

Latest spam filter test sees significant drop in catch rates

Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award.
Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award. Spam is notoriously volatile and thus, while we like to make the news headlines… https://www.virusbulletin.com/blog/2015/06/latest-spam-filter-test-sees-significant-drop-catch-rates/

VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Paul Royal looks at malware served through the most popular websites.
Paul Royal looks at malware served through the most popular websites. Though VB2014 took place nine months ago, most of the papers presented during the conference remain very… https://www.virusbulletin.com/blog/2015/06/paper-quantifying-maliciousness-alexa-top-ranked-domains/

« Previous 1...2930313233...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.