VB Blog

DMARC: an imperfect solution that can make a big difference

Posted by   Martijn Grooten on   Jul 24, 2017

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.

Read more  

Advanced and inept persistent threats to be discussed at VB2017

Posted by   Martijn Grooten on   Jul 20, 2017

Unsurprisingly given today's threat landscape, the VB2017 programme contains several talks on various advanced persistent threats - but also a talk on what may be the polar opposite of such threats: an inept persistent threat.

Read more  

Password security is 1% choosing a half-decent password, 99% not using it anywhere else

Posted by   Martijn Grooten on   Jul 18, 2017

Password security advice focuses too much on password strength and too little on avoiding password reuse, Martijn Grooten argues.

Read more  

Save the dates: VB2018 to take place 3-5 October 2018

Posted by   Martijn Grooten on   Jul 17, 2017

Though the location will remain a secret for a few more months, we are pleased to announce the dates for VB2018, the 28th Virus Bulletin International Conference.

Read more  

Review: BSides Athens 2017

Posted by   Martijn Grooten on   Jul 10, 2017

The second edition of BSides Athens saw a great and varied programme presented in the Greek capital. VB's Martijn Grooten was pleased to attend.

Read more  

Let's not help attackers by spreading fear, uncertainty and doubt

Posted by   Martijn Grooten on   Jul 7, 2017

Spreading 'FUD' in the wake of cyber-attacks is never a good idea. But it's even worse when this might be one of the attackers' implicit goals.

Read more  

Calling next-gen security researchers: student discount for VB2017 announced

Posted by   Martijn Grooten on   Jul 7, 2017

For the third year in a row, we have set aside a limited number of student tickets for the Virus Bulletin conference, to allow 'next-generation' security researchers to experience one of the most important gatherings of security researchers around the world.

Read more  

Nominations opened for fourth Péter Szőr Award

Posted by   Martijn Grooten on   Jul 4, 2017

Virus Bulletin has opened nominations for the fourth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2016 and 30 June 2017.

Read more  

VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

Posted by   Martijn Grooten on   Jul 3, 2017

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky spoke about BlackEnergy, providing an overview of the group's attacks. Today, we publish their paper.

Read more  

Security advice in the wake of WannaCry and Not(Petya)

Posted by   Martijn Grooten on   Jun 30, 2017

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?

Read more  
Previous1...3334353637...215Next

Search blog

Paper: Hype heuristics, signatures and the death of AV (again)

David Harley responds to anti-malware's many criticasters.
David Harley responds to anti-malware's many criticasters. Anti-virus is dead. After all, in the current threat landscape, who would use a system that relies on signatures of… https://www.virusbulletin.com/blog/2015/08/paper-hype-heuristics-signatures-and-death-av-again/

Throwback Thursday: Palm Breach

This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant.
This Throwback Thursday, we turn the clock back to July 2000, when concerns were growing about malicious threats to the Palm Personal Digital Assistant. In the 1980s, no one left… https://www.virusbulletin.com/blog/2015/08/throwback-thursday-palm-breach/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/08/

Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.
Support scammers not lying about a malware infection for a change. During our work on the development of the VBWeb tests, which will be started soon, we came across an interesting… https://www.virusbulletin.com/blog/2015/07/compromised-site-serves-nuclear-exploit-kit-together-fake-bsod/

Throwback Thursday: Riotous Assembly

This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.
This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel. Today, malware… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-riotous-assembly/

Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

The operating system has been patched, but it is unclear whether users will receive those patches.
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code… https://www.virusbulletin.com/blog/2015/07/stagefright-vulnerability-leaves-950-million-android-devices-vulnerable-remote-code-execution/

Throwback Thursday: Sizewell B: Fact or Fiction?

This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants?
This Throwback Thursday, we turn the clock back to 1993, when VB asked the key question: could a virus compromise safety at one of Britain's nuclear power plants? 2010 saw the… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-sizewell-b-fact-or-fiction/

Call for last-minute papers for VB2015 announced

Ten speaking slots waiting to be filled with presentations on 'hot' security topics.
Ten speaking slots waiting to be filled with presentations on 'hot' security topics. There's never a dull moment in the world of IT security. Whether you think the breach of… https://www.virusbulletin.com/blog/2015/07/call-last-minute-papers-announced/

'NOMORE' attack makes RC4 a little weaker again

No good reason to continue using the stream cipher, yet attacks remain impractical.
No good reason to continue using the stream cipher, yet attacks remain impractical. Researchers from the KU Leuven have presented a new attack against the RC4 stream cipher called… https://www.virusbulletin.com/blog/2015/07/nomore-attack-makes-rc4-little-weaker-again/

Spam levels fall below 50% for the first time in 12 years

Decline not necessarily good news for spam filters.
Decline not necessarily good news for spam filters. For the first time in 12 years, less than half of email traffic is spam, Symantec reports in the latest issue of its monthly… https://www.virusbulletin.com/blog/2015/07/spam-levels-fall-below-50-first-time-12-years/

Throwback Thursday: What You Pay For...

This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge.
This Throwback Thursday, we turn the clock back to 1996, when VB looked at what was available to protect your computer free of charge. Today, the 'freemium' business model is a… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-what-you-pay/

Paper: Dridex in the Wild

Meng Su explains how Dridex works and how it communicates with its C&C server.
Meng Su explains how Dridex works and how it communicates with its C&C server. A descendant of Cridex, Dridex was first written about a little less than a year ago, by S21sec and… https://www.virusbulletin.com/blog/2015/07/paper-dridex-wild/

Those doing bad things deserve privacy too

Hacking Team leakers should have taken a leaf out of Snowden's book.
Hacking Team leakers should have taken a leaf out of Snowden's book. I can understand, at least in principle, that targeted malware could be used by law enforcement agencies for… https://www.virusbulletin.com/blog/2015/07/those-doing-bad-things-deserve-privacy-too/

Throwback Thursday: Cabirn Fever

This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared.
This Throwback Thursday, we turn the clock back to 2004, when the first worm to spread from mobile phone to mobile phone appeared. Since it first appeared almost exactly 11 years… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-cabirn-fever/

Little sympathy for breached Hacking Team

Lists of customers, source code and zero-day vulnerabilities made public.
Lists of customers, source code and zero-day vulnerabilities made public. The biggest security story of this week, and probably one of the biggest of the year, is the hack of… https://www.virusbulletin.com/blog/2015/07/little-sympathy-breached-hacking-team/

Throwback Thursday: The Updating Game

This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm.
This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm. We all know that the malware scene has changed almost beyond… https://www.virusbulletin.com/blog/2015/07/throwback-thursday-updating-game/

July

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/07/

Nominations opened for second Péter Ször Award

'Brilliant mind and a true gentleman' commemorated through annual award for technical security research.
'Brilliant mind and a true gentleman' commemorated through annual award for technical security research. During VB2014 in Seattle, we presented the first annual Péter Ször Award to… https://www.virusbulletin.com/blog/2015/06/nominations-opened-second-p-ter-sz-r-award/

Latest spam filter test sees significant drop in catch rates

Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award.
Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award. Spam is notoriously volatile and thus, while we like to make the news headlines… https://www.virusbulletin.com/blog/2015/06/latest-spam-filter-test-sees-significant-drop-catch-rates/

VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Paul Royal looks at malware served through the most popular websites.
Paul Royal looks at malware served through the most popular websites. Though VB2014 took place nine months ago, most of the papers presented during the conference remain very… https://www.virusbulletin.com/blog/2015/06/paper-quantifying-maliciousness-alexa-top-ranked-domains/

« Previous 1...2930313233...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.