VB Blog

VB2017 paper: Nine circles of Cerber

Posted by   Martijn Grooten on   Dec 15, 2017

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked; we have also uploaded the video of the presentation of this paper, by Or Eshed and Yaniv Balmas.

Read more  

Attack on Fox-IT shows how a DNS hijack can break multiple layers of security

Posted by   Martijn Grooten on   Dec 14, 2017

Dutch security firm Fox-IT deserves praise for being open about an attack on its client network. There are some important lessons to be learned about DNS security from its post-mortem.

Read more  

Throwback Thursday: BGP - from route hijacking to RPKI: how vulnerable is the Internet?

Posted by   Martijn Grooten on   Dec 14, 2017

For this week's Throwback Thursday, we look back at the video of a talk Level 3's Mike Benjamin gave at VB2016 in Denver, on BGP and BGP hijacks.

Read more  

Security Planner gives security advice based on your threat model

Posted by   Martijn Grooten on   Dec 13, 2017

Citizen Lab's Security Planner helps you improve your online safety, based on the specific threats you are facing.

Read more  

VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week

Posted by   Martijn Grooten on   Dec 11, 2017

Today, we publish the video of the VB2017 presentation by Avast researcher Jakub Kroustek and his former colleague Előd Kironský, now at ESET, who told the story of Spora, one of of the most prominent ransomware families of 2017.

Read more  

VB2017 paper: Modern reconnaissance phase on APT – protection layer

Posted by   Martijn Grooten on   Dec 7, 2017

During recent research, Cisco Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. At VB2017 in Madrid, two of those researchers, Paul Rascagneres and Warren Mercer, presented a paper detailing five case studies that demonstrate how the infection vector is evolving. Today we publish both Paul and Warren's paper and the recording of their presentation.

Read more  

VB2017 paper: Peering into spam botnets

Posted by   Martijn Grooten on   Dec 1, 2017

At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.

Read more  

Throwback Thursday: Anti-malware testing undercover

Posted by   Martijn Grooten on   Nov 30, 2017

We look back at the VB2016 presentation by Righard Zwienenberg (ESET) and Luis Corrons (Panda Security), in which they discussed various issues relating to anti-malware testing.

Read more  

Virus Bulletin relaunches VB Security Jobs Market for both employers and job seekers

Posted by   Martijn Grooten on   Nov 30, 2017

As an independent body in the IT security industry, Virus Bulletin is in an ideal position to act as a global source of information both about jobs currently available in the field and about those candidates currently seeking to start or progress their career in the industry - which is why we have relaunched the VB Security Jobs Market.

Read more  

VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

Posted by   Martijn Grooten on   Nov 29, 2017

At VB2017 in Madrid, macOS malware researcher Patrick Wardle presented the details of a specific piece of Mac malware, FruitFly, which he analysed through a custom C&C server - a technique that will also be of interest for researchers of malware on other platforms. Today we publish both Patrick's paper and the recording of his presentation.

Read more  
Previous1...2627282930...215Next

Search blog

You are your own threat model

For most people, the biggest security threat is that of themselves doing something they shouldn't do.
For most people, the biggest security threat is that of themselves doing something they shouldn't do. Last week, Microsoft wrote about the return of macro malware where, now that… https://www.virusbulletin.com/blog/2015/05/you-are-your-own-threat-model/

May

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/05/

Report: six anti-virus solutions pass annual Linux test

Clean sweep of passes in VB100 test on Red Hat Enterprise Linux.
Clean sweep of passes in VB100 test on Red Hat Enterprise Linux. 2015 will yet again not be the 'Year of the Linux Desktop', yet behind the scenes' Linux plays an important role in… https://www.virusbulletin.com/blog/2015/05/report-six-anti-virus-solutions-pass-annual-linux-test/

Throwback Thursday: Regina v Christopher Pile: The Inside Story & Off with his Head!

This Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to 1996 to look at events surrounding the issuing of the UK's first custodial sentence for writing and distributing computer viruses.
This Throwback Thursday, we bring you not one but two (related) pieces from the archives as VB heads back to 1996 to look at events surrounding the issuing of the UK's first… https://www.virusbulletin.com/blog/2015/04/throwback-thursday-regina-v-christopher-pile-inside-story-amp-his-head/

POODLE is the brown M&Ms of security

Just because it won't be exploited, doesn't mean you shouldn't patch it.
Just because it won't be exploited, doesn't mean you shouldn't patch it. There is a famous story about the rock band Van Halen whose lists of requirements when performing a show… https://www.virusbulletin.com/blog/2015/04/poodle-brown-m-amp-ms-security/

Report: 15 solutions achieve VBSpam award

Test process also uncovers job spam illustrative of trend.
Test process also uncovers job spam illustrative of trend. Last week, we published our 36th comparative anti-spam test. All but one of the 16 participating full solutions achieved… https://www.virusbulletin.com/blog/2015/04/report-15-solutions-achieve-vbspam-award/

Throwback Thursday: Through the Administrator's Eye

This Throwback Thursday, VB heads back to 1997 with 'Through the Administrator's Eye'.
This Throwback Thursday, VB heads back to 1997 with 'Through the Administrator's Eye'. Over the last couple of years, the 'Throwback Thursday' trend has taken the Internet by… https://www.virusbulletin.com/blog/2015/04/throwback-thursday-through-administrator-s-eye/

VB2015 offer for new security companies

Write an article for the Bulletin, get a half-price ticket for the conference.
Write an article for the Bulletin, get a half-price ticket for the conference. Things are going well for the security industry. That may, of course, be because of the poor state of… https://www.virusbulletin.com/blog/2015/04/offer-new-security-companies/

Registration for VB2015 has opened

Early bird discounts available for registrations made before 30 June.
Early bird discounts available for registrations made before 30 June. Today, we have opened registration for VB2015, the 25th Virus Bulletin International Conference. 'VB' is… https://www.virusbulletin.com/blog/2015/04/registration-has-opened/

Ross Anderson awarded BCS Lovelace Medal

Cambridge professor to deliver VB2015 keynote.
Cambridge professor to deliver VB2015 keynote. Yesterday, the British Computer Society (BCS) announced that the 2015 Lovelace Medal has been awarded to Prof. Ross Anderson. Named… https://www.virusbulletin.com/blog/2015/04/ross-anderson-awarded-bcs-lovelace-medal/

Does it matter if my banking password is 'Prague'?

Users do choose weak passwords, but they aren't as big a problem as we think.
Users do choose weak passwords, but they aren't as big a problem as we think. This week, I spent a few days at the Cyber Security Summit Financial Services conference in Prague,… https://www.virusbulletin.com/blog/2015/04/does-it-matter-if-my-banking-password-prague/

Throwback Thursday: The Unbearable Lightness of Testing

VB gets in on the Throwback Thursday act, delving into the archives.
VB gets in on the Throwback Thursday act, delving into the archives. Over the last couple of years, the 'Throwback Thursday' trend has taken the Internet by storm, with social… https://www.virusbulletin.com/blog/2015/04/throwback-thursday-unbearable-lightness-testing/

Google 'suspends' CNNIC from Chrome's certificate store

Chinese certificate authority told to re-apply.
Chinese certificate authority told to re-apply. When a web client, such as a browser, attempts to make an HTTPS connection, it needs to know that no man-in-the-middle attack is… https://www.virusbulletin.com/blog/2015/04/google-suspends-cnnic-chrome-s-certificate-store/

Volatile Cedar campaign - cyber espionage isn't just for large nation states

Details of malware to be discussed at VB2015.
Details of malware to be discussed at VB2015. Researchers at Check Point have revealed details of a cyber-espionage campaign, dubbed 'Volatile Cedar', that has been active since at… https://www.virusbulletin.com/blog/2015/04/volatile-cedar-campaign-cyber-espionage-isn-t-just-large-nation-states/

VB2014 paper: Swipe away, we're watching you

Hong Kei Chan and Liang Huang describe the various aspects and the evolution of point-of-sale malware.
Hong Kei Chan and Liang Huang describe the various aspects and the evolution of point-of-sale malware.Since the close of the VB2014 conference in Seattle in October, we have been… https://www.virusbulletin.com/blog/2015/04/paper-swipe-away-we-re-watching-you/

Virus Bulletin announces two VB2015 keynotes

Ross Anderson and Costin Raiu to deliver keynote addresses at 25th Virus Bulletin conference.
Ross Anderson and Costin Raiu to deliver keynote addresses at 25th Virus Bulletin conference. Two days after we published the programme for VB2015, we are excited to announce that… https://www.virusbulletin.com/blog/2015/04/announces-two-keynotes/

April

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/04/

VB2015 conference programme announced

From drones to elephants: an exciting range of topics will be covered in Prague.
From drones to elephants: an exciting range of topics will be covered in Prague. In six months' time, security researchers from around the world will gather in Prague for the 25th… https://www.virusbulletin.com/blog/2015/03/conference-programme-announced/

Paper: a timeline of mobile botnets

Ruchna Nigam provides an overview of more than 60 mobile malware families.
Ruchna Nigam provides an overview of more than 60 mobile malware families. The rise of mobile malware is still a relatively recent thing, with the first actual mobile botnets not… https://www.virusbulletin.com/blog/2015/03/paper-timeline-mobile-botnets/

Paper: Dylib hijacking on OS X

Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks.
Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had… https://www.virusbulletin.com/blog/2015/03/paper-dylib-hijacking-os-x/

« Previous 1...3132333435...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.