VB Blog

Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

Posted by   Martijn Grooten on   Apr 26, 2016

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.

Read more  

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

Posted by   Martijn Grooten on   Apr 22, 2016

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.

Read more  

VB2016 programme announced, registration opened

Posted by   Martijn Grooten on   Apr 21, 2016

We have announced 37 papers (and four reserve papers) that will be presented at VB2016 in Denver, Colorado, USA in October. Registration for the conference has opened; make sure you register before 1 July to benefit from a 10% early bird discount.

Read more  

New tool helps ransomware victims indentify the malware family

Posted by   Martijn Grooten on   Apr 15, 2016

The people behind the MalwareHunterTeam have released a tool that helps victims of ransomware identify which of more than 50 families has infected their system, something which could help them find a tool to decrypt their files.

Read more  

It's fine for vulnerabilities to have names — we just need not to take them too seriously

Posted by   Martijn Grooten on   Apr 13, 2016

The PR campaign around the Badlock vulnerability backfired when it turned out that the vulnerability wasn't as serious as had been suggested. But naming vulnerabilities can actually be helpful and certainly shouldn't hurt.

Read more  

Throwback Thursday: The Number of the Beasts

Posted by   Helen Martin on   Apr 7, 2016

The Virus Bulletin Virus Prevalence Table, which ran from 1992 until 2013, gave users a regular snapshot of what was really going on in the virus (and later malware) world, recording the number of incidents of each virus reported to VB in the preceding month. In August 2000, Denis Zenkin, a self-confessed virus prevalence table junkie, shared his findings following a study of the virus prevalence tables over the preceding few years, allowing him to determine the top ten viruses of the period, the top viruses by type and the viruses of the year.

Read more  

Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

Posted by   Martijn Grooten on   Mar 30, 2016

Security researcher Andreas Lindh recently found a vulnerability in Apache OpenMeetings that could allow remote code execution on a vulnerable server. Andreas reported the vulnerability to the OpenMeetings developers and, once it had been patched, he wrote up the details.

Read more  

Throwback Thursday: 'In the Beginning was the Word...'

Posted by   Helen Martin on   Mar 24, 2016

Word and Excel’s internal file formats used to be something in which few were interested – until macro viruses came along and changed all that. In 1996, Andrew Krukov provided an overview of the new breed of viruses.

Read more  

VB2016 Call for Papers Deadline

Posted by   Martijn Grooten on   Mar 18, 2016

You have until the early hours (GMT) of Monday 21 March to submit an abstract for VB2016! The VB2016 programme will be announced in the first week of April.

Read more  

How broken is SHA-1 really?

Posted by   Martijn Grooten on   Mar 15, 2016

SHA-1 collisions may be found in the next few months, but that doesn't mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdated hash functions.

Read more  
Previous1...4445464748...215Next

Search blog

VB2014 paper: Duping the machine - malware strategies, post sandbox detection

James Wyke looks at malware that takes extra steps to frustrate researchers.
James Wyke looks at malware that takes extra steps to frustrate researchers.Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference… https://www.virusbulletin.com/blog/2015/01/paper-duping-machine-malware-strategies-post-sandbox-detection/

Microsoft no longer publishes advance notifications for its Patch Tuesdays

Company unhappy with Google going full disclosure on privilege escalation vulnerability.
Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will… https://www.virusbulletin.com/blog/2015/01/microsoft-no-longer-publishes-advance-notifications-its-patch-tuesdays/

VB2014 Paper: Attack surface analysis of Tizen devices

Irfan Asrar looks at the security of the operating system used in many IoT devices.
Irfan Asrar looks at the security of the operating system used in many IoT devices.Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014… https://www.virusbulletin.com/blog/2015/01/paper-attack-surface-analysis-tizen-devices/

VB2014 paper: Unveiling the kernel: rootkit discovery using selective automated kernel memory differencing

Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.
Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.Since the close of the VB2014 conference in Seattle in October, we… https://www.virusbulletin.com/blog/2015/01/paper-unveiling-kernel-rootkit-discovery-using-selective-automated-kernel-memory-differencing/

New VB100 and VBSpam test results published

See which anti-malware and anti-spam solutions achieved certification.
See which anti-malware and anti-spam solutions achieved certification. Shortly before the Christmas holidays, we published a new VB100 anti-malware test report as well as a new… https://www.virusbulletin.com/blog/2015/01/new-and-vbspam-test-results-published/

Virus Bulletin wishes you a great 2015

See you in Prague - and on the Internet!
See you in Prague - and on the Internet! 2014 was an exciting year for Virus Bulletin: we made all of our content free, ran a successful and well-attended conference in Seattle,… https://www.virusbulletin.com/blog/2015/01/wishes-you-great-2015/

January

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2015/01/

2015

Latest news from the anti-virus industry provided by independent anti-virus advisors, Virus Bulletin
NewsCall for Papers: VB2016 DenverVB seeks submissions for the 26th Virus Bulletin Conference. 22 December 2015VB2015 video: Making a dent in Russian mobile banking… https://www.virusbulletin.com/blog/2015/

Conference review: Botconf 2014

Second edition of 'botnet fighting conference' another great success.
Second edition of 'botnet fighting conference' another great success. I had been looking forward to the second edition of the Botconf conference ever since I came back from the… https://www.virusbulletin.com/blog/2014/12/conference-review-botconf-2014/

Call for Papers: VB2015 Prague

VB seeks submissions for the 25th Virus Bulletin Conference.
VB seeks submissions for the 25th Virus Bulletin Conference.Virus Bulletin is seeking submissions from those wishing to present papers at VB2015, which will take place 30 September… https://www.virusbulletin.com/blog/2014/12/call-papers-prague/

Book review: Countdown to Zero Day

Kim Zetter's book on Stuxnet is a must-read for anyone interested in malware - or in 21st century geopolitics.
Kim Zetter's book on Stuxnet is a must-read for anyone interested in malware - or in 21st century geopolitics. There is a tendency among the media to call every hack 'advanced', to… https://www.virusbulletin.com/blog/2014/12/book-review-countdown-zero-day/

Virus Bulletin announces platinum sponsors for VB2015

More sponsorship opportunities available.
More sponsorship opportunities available. While the opening of VB2015 in Prague is still more than nine months away, we have already started with the preparations for what will be… https://www.virusbulletin.com/blog/2014/12/announces-platinum-sponsors/

VB2014 paper: Smart home appliance security and malware

Jeongwook Oh demonstrates how to hack a Samsung smart TV.
Jeongwook Oh demonstrates how to hack a Samsung smart TV.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/12/paper-smart-home-appliance-security-and-malware/

Virus Bulletin is hiring

VB seeks a Perl Developer / Security Engineer.
VB seeks a Perl Developer / Security Engineer. 2014 has been an exciting year for Virus Bulletin: we went through some personnel changes, made all of our content freely available,… https://www.virusbulletin.com/blog/2014/12/hiring/

December

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/12/

Conference report: VB2014

The biggest and broadest ranging Virus Bulletin conference ever was a great success.
The biggest and broadest ranging Virus Bulletin conference ever was a great success. There is a Dutch expression that says that you shouldn't trust a butcher who judges his own… https://www.virusbulletin.com/blog/2014/11/conference-report/

VB2014 paper: Labelling spam through the analysis of protocol patterns

What do your IP packet sizes say about whether you're a spammer?
What do your IP packet sizes say about whether you're a spammer?Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the… https://www.virusbulletin.com/blog/2014/11/paper-labelling-spam-through-analysis-protocol-patterns/

Detekt tool searches PCs for traces of surveillance spyware

Second opinion essential in circumstances under which likely victims operate.
Second opinion essential in circumstances under which likely victims operate. Last week, the release of the free 'Detekt' tool was announced. Developed by Claudio Guarnieri and… https://www.virusbulletin.com/blog/2014/11/detekt-tool-searches-pcs-traces-surveillance-spyware/

Multi-staged, modular Regin tool enables stealthy surveillance

Nation state likely behind campaign that goes back many years.
Nation state likely behind campaign that goes back many years. Few terms are misused in a security context as often as the term 'advanced', perhaps in part because the industry… https://www.virusbulletin.com/blog/2014/11/multi-staged-modular-regin-tool-enables-stealthy-surveillance/

VB2014 paper: Sweeping the IP space: the hunt for evil on the Internet

Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.
Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.Over the next few months, we will be sharing VB2014 conference papers as… https://www.virusbulletin.com/blog/2014/11/paper-sweeping-ip-space-hunt-evil-internet/

« Previous 1...3435363738...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.