VB Blog

WordPress users urged to manually update to fix bug that prevents automatic updating

Posted by   Martijn Grooten on   Feb 8, 2018

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.

Read more  

New paper: A review of the evolution of Andromeda over the years

Posted by   Martijn Grooten on   Feb 7, 2018

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by Fortinet researchers Bahare Sabouri and He Xu, we look back at the evolution of Andromeda from version 2.06 to 2.10 and demonstrate both how it improved its loader to evade automatic analysis/detection and how the payload varied among the different versions.

Read more  

There is no evidence in-the-wild malware is using Meltdown or Spectre

Posted by   Martijn Grooten on   Feb 2, 2018

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.

Read more  

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

Posted by   Martijn Grooten on   Feb 1, 2018

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.

Read more  

First time speaker? Don't be afraid of submitting to the VB2018 CFP

Posted by   Martijn Grooten on   Jan 31, 2018

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others have been working on.

Read more  

VB2017 paper: VirusTotal tips, tricks and myths

Posted by   Martijn Grooten on   Jan 25, 2018

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.

Read more  

Healthcare CERTs highlight the need for security guidance for specific sectors

Posted by   Martijn Grooten on   Jan 24, 2018

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.

Read more  

VB2018 call for papers now open!

Posted by   Martijn Grooten on   Jan 23, 2018

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!

Read more  

Book review: Serious Cryptography

Posted by   Martijn Grooten on   Jan 22, 2018

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.

Read more  

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by   Martijn Grooten on   Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Read more  

Search blog

VB2013 speaker spotlight

We speak to VB2013 presenters Ilya Rabinovich and Randy Abrams about their research, Windows 8 security, and what they aim to bring to VB2013.
We speak to VB2013 presenters Ilya Rabinovich and Randy Abrams about their research, Windows 8 security, and what they aim to bring to VB2013. The VB2013 conference takes place… https://www.virusbulletin.com/blog/2013/08/speaker-spotlight-rabinovich-abrams/

Are Gmail's new advertisements in breach of CAN-SPAM?

Marketers upset about 'emails' that you can't unsubscribe from.
Marketers upset about 'emails' that you can't unsubscribe from. A debate is happening among (anti-)spam experts on whether Gmail's new way of displaying advertisements is in breach… https://www.virusbulletin.com/blog/2013/08/are-gmail-s-new-advertisements-breach-can-spam/

Thousands of websites affected by nameserver hijack redirecting visitors to malware

DNS caching causes attack to have a long tail.
DNS caching causes attack to have a long tail. Yesterday, visitors to thousands of Dutch websites were served an 'under construction' page that, through a hidden iframe, was… https://www.virusbulletin.com/blog/2013/08/thousands-websites-affected-nameserver-hijack-redirecting-visitors-malware/

Firefox 17 zero-day exploit targets users of Tor network

Visitors to child abuse websites likely target of operation, but will there be collateral damage?
Visitors to child abuse websites likely target of operation, but will there be collateral damage? A zero-day exploit in Firefox 17 that was probably used to track the visitors to… https://www.virusbulletin.com/blog/2013/08/firefox-17-zero-day-exploit-targets-users-tor-network/

There is no 'I know what I am doing' trump card in security

NSA activities could make millions avoid US-based services.
NSA activities could make millions avoid US-based services. We have all been there. To continue the product you're working on, you need to get some extra permission: a port needs… https://www.virusbulletin.com/blog/2013/08/there-no-i-know-what-i-am-doing-trump-card-security/

VB2013 speaker spotlight

We speak to VB2013 presenters Mark Kennedy and Igor Muttik about their research interests and what they aim to bring to VB2013.
We speak to VB2013 presenters Mark Kennedy and Igor Muttik about their research interests and what they aim to bring to VB2013. The VB2013 conference takes place this autumn (2-4… https://www.virusbulletin.com/blog/2013/08/speaker-spotlight-kennedy-muttik/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2013/08/

August issue of VB published

The August issue of Virus Bulletin is now available for subscribers to download.
The August issue of Virus Bulletin is now available for subscribers to download. The August 2013 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2013/08/august-issue-vb-published/

VB2013 speaker spotlight

We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013.
We speak to VB2013 presenters Axelle Apvrille and Karine de Pontevès about their research interests and what they aim to bring to VB2013. The VB2013 conference takes place this… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-apvrille-de-ponteves/

Is publishing your employees' email addresses such a big deal?

Beware of a false sense of security.
Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for 'leaking data that can… https://www.virusbulletin.com/blog/2013/07/publishing-your-employees-email-addresses-such-big-deal/

VB2013 speaker spotlight

We speak to VB2013 presenters Carsten Willems and Ralf Hund about their research interests and what they aim to bring to VB2013.
We speak to VB2013 presenters Carsten Willems and Ralf Hund about their research interests and what they aim to bring to VB2013. The VB2013 conference takes place this autumn (2-4… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-willems-hund/

VB2013 speaker spotlight

We speak to James Wyke about his research interests and what he aims to bring to VB2013.
We speak to James Wyke about his research interests and what he aims to bring to VB2013.The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-wyke/

IETF discusses deprecation of IPv6 fragmentation

Little-used feature could have unintended security consequences.
Little-used feature could have unintended security consequences. As the Internet is (very) slowly migrating towards IPv6, researchers are reconsidering a little-used feature that… https://www.virusbulletin.com/blog/2013/07/ietf-discusses-deprecation-ipv6-fragmentation/

VB2013 speaker spotlight

We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013.
We speak to VB2013 presenter Samir Mody about his research interests and what he aims to bring to VB2013. The VB2013 conference takes place this autumn (2-4 October) in Berlin,… https://www.virusbulletin.com/blog/2013/07/speaker-spotlight-mody/

July issue of VB published

The July issue of Virus Bulletin is now available for subscribers to download.
The July issue of Virus Bulletin is now available for subscribers to download. The July 2013 issue of Virus Bulletin is now available for subscribers to browse online or download… https://www.virusbulletin.com/blog/2013/07/july-issue-vb-published/

July

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2013/07/

VB2013 speaker spotlight

We speak to VB2013 presenter Andreas Lindh about his research interests and what he aims to bring to VB2013.
We speak to VB2013 presenter Andreas Lindh about his research interests and what he aims to bring to VB2013.The VB2013 conference takes place this autumn (2-4 October) in Berlin,… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-lindh/

Compromised Yahoo! accounts continue to spread Android malware

Problem likely to be on Yahoo!'s side.
Problem likely to be on Yahoo!'s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the… https://www.virusbulletin.com/blog/2013/06/compromised-yahoo-accounts-continue-spread-android-malware/

VB2013 speaker spotlight

We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn… https://www.virusbulletin.com/blog/2013/06/speaker-spotlight-harley-myers/

Facebook temporarily blocks access from Tor

Malicious activity triggered automatic lockdown.
Malicious activity triggered automatic lockdown. A 'high volume of malicious activity across Tor exit nodes' is believed to have been the reason why Facebook temporarily blocked… https://www.virusbulletin.com/blog/2013/06/facebook-temporarily-blocks-access-tor/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.