VB Blog

VB2019 paper: Defeating APT10 compiler-level obfuscations

Posted by   Virus Bulletin on   Mar 13, 2020

At VB2019 in London, Carbon Black researcher Takahiro Haruyama presented a paper on defeating compiler-level obfuscations used by the APT10 group. Today we publish both Takahiro's paper and the recording of his presentation.

Read more  

VB2019 paper: Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers

Posted by   Virus Bulletin on   Mar 12, 2020

At VB2019 in London Michael Raggi (Proofpoint) and Ghareeb Saad (Anomali) presented a paper on the 'Royal Road' exploit builder (or weaponizer) and how the properties of RTF files can be used to track weaponizers and their users. Today we publish both their paper and the recording of their presentation.

Read more  

VB2019 presentation: Nexus between OT and IT threat intelligence

Posted by   Virus Bulletin on   Mar 11, 2020

Operational technology, the mission critical IT in ICS, shares many similarities with traditional IT systems, but also some crucial differences. During the Threat Intelligence Practitioners’ Summit at VB2019, Dragos cyber threat intelligence analyst Selena Larson gave a keynote on these similarities and differences. Today we release the recording of her presentation.

Read more  

VB2019 paper: Kimsuky group: tracking the king of the spear-phishing

Posted by   Virus Bulletin on   Mar 10, 2020

In a paper presented at VB2019 in London, researchers fron the Financial Security Institute detailed the tools and activities used by the APT group 'Kimsuky', some of which they were able to analyse through OpSec failures by the group. Today, we publish their paper.

Read more  

VB2019 paper: Play fuzzing machine - hunting iOS and macOS kernel vulnerabilities automatically and smartly

Posted by   Virus Bulletin on   Mar 9, 2020

In a paper presented at VB2019 in London, Trend Micro researchers Lilang Wu and Moony Li explained how the hunt for vulnerabilities in MacOS and iOS operating systems can be made both smarter and more automatic. Today we publish both their paper and the recording of their presentation.

Read more  

VB2019 paper: Finding drive-by rookies using an automated active observation platform

Posted by   Virus Bulletin on   Mar 6, 2020

In a last-minute paper presented at VB2019 in London, Rintaro Koike (NTT Security) and Yosuke Chubachi (Active Defense Institute, Ltd) discussed the platform they have built to automatically detect and analyse exploit kits. Today we publish the recording of their presentation.

Read more  

VB2019 paper: Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation state adversary

Posted by   Virus Bulletin on   Feb 28, 2020

The activities of China-based threat actor PKPLUG were detailed in a VB2019 paper by Palo Alto Networks researcher Alex Hinchliffe, who described the playbook of this long-standing adversary. Today we publish both Alex's paper and the recording of his presentation.

Read more  

VB2019 paper: Static analysis methods for detection of Microsoft Office exploits

Posted by   Virus Bulletin on   Feb 25, 2020

Today we publish the VB2019 paper and presentation by McAfee researcher Chintan Shah in which he described static analysis methods for the detection of Microsoft Office exploits.

Read more  

New paper: LokiBot: dissecting the C&C panel deployments

Posted by   Helen Martin on   Feb 17, 2020

First advertised as an information stealer and keylogger when it appeared in underground forums in 2015, LokiBot has added various capabilities over the years and has affected many users worldwide. In a new paper researcher Aditya Sood analyses the URL structure of the LokiBot C&C panels and how they have evolved over time.

Read more  

VB2019 presentation: Building secure sharing systems that treat humans as features not bugs

Posted by   Helen Martin on   Feb 14, 2020

In a presentation at VB2019 in London, Virtru's Andrea Limbago described how, by exploring data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing systems and processes that are vital for innovation and collaboration. Today we release the recording of her presentation.

Read more  

Search blog

Russian ATM hackers arrested

Gang used customized malware bought on hacker forum.
Gang used customized malware bought on hacker forum. Police in the Siberian city of Yakutsk have arrested a gang of hackers who had installed malware on ATMs throughout the city.… https://www.virusbulletin.com/blog/2010/12/russian-atm-hackers-arrested/

December

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2010/12/

December issue of VB published

The December issue of Virus Bulletin is now available for subscribers to download.
The December issue of Virus Bulletin is now available for subscribers to download. The December 2010 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2010/12/december-issue-vb-published/

18 months for member of m00p gang

Hacker receives prison sentence.
Hacker receives prison sentence. A Scottish man who pleaded guilty last month to 'causing unauthorized modification to the content of computers' as part of his involvement in the… https://www.virusbulletin.com/blog/2010/11/18-months-member-m00p-gang/

Survey reveals apathy surrounding anti-malware protection

Inconvenient subscription models preventing UK consumers from protecting their PCs adequately.
Inconvenient subscription models preventing UK consumers from protecting their PCs adequately. A survey conducted in the UK by security firm GFI Software has revealed that 40% of… https://www.virusbulletin.com/blog/2010/11/survey-reveals-apathy-surrounding-anti-malware-protection/

Royal engagement search results poisoned

Hackers take the shine off Royal couple's news.
Hackers take the shine off Royal couple's news. It will come as little surprise to those in the IT security industry to hear that within minutes of yesterday's announcement of the… https://www.virusbulletin.com/blog/2010/11/royal-engagement-search-results-poisoned/

Security fixes from Apple and Microsoft

100 security fixes in latest OS X update; three MS security updates in this month's patch release.
100 security fixes in latest OS X update; three MS security updates in this month's patch release. The latest release of Mac operating system OS X (Mac OS X v10.6.5) contains over… https://www.virusbulletin.com/blog/2010/11/security-fixes-apple-and-microsoft/

Site launched for anonymous sharing of information about security breaches

Verizon aims to foster cooperation and provide more readily available information for risk management.
Verizon aims to foster cooperation and provide more readily available information for risk management. It is well known in the security industry that one of the biggest barriers to… https://www.virusbulletin.com/blog/2010/11/site-launched-anonymous-sharing-information-about-security-breaches/

More than 1 million Chinese phones infected with malware

Mobile botnet sending out SMS spam.
Mobile botnet sending out SMS spam. Over one million mobile phones in China have been infected with malware and are sending out SMS spam, the Shanghai Daily reports. Masquerading… https://www.virusbulletin.com/blog/2010/11/more-1-million-chinese-phones-infected-malware/

Malicious applications target Orkut

Visitors to infected social network profiles redirected to phishing sites.
Visitors to infected social network profiles redirected to phishing sites. Users of the social networking site Orkut have found themselves targeted by malicious applications that… https://www.virusbulletin.com/blog/2010/11/malicious-applications-target-orkut/

AVG to acquire DroidSecurity

Security firm set to expand solutions to mobile devices.
Security firm set to expand solutions to mobile devices. Czech security firm AVG has announced the acquisition of Tel Aviv-based DroidSecurity, a specialist in cloud-based… https://www.virusbulletin.com/blog/2010/11/avg-acquire-droidsecurity/

Eight Zeus-related money mules arrested

Arrests in US and Moldova show that cybercriminals aren't immune to the law.
Arrests in US and Moldova show that cybercriminals aren't immune to the law. Police in the US state of Wisconsin have arrested two Moldovan citizens who they believe have worked as… https://www.virusbulletin.com/blog/2010/11/eight-zeus-related-money-mules-arrested/

TrustPort lends support to UNICEF

Season of giving comes early for Czech security firm.
Season of giving comes early for Czech security firm. Czech security firm TrustPort has made a financial donation to international children's charity UNICEF which will enable the… https://www.virusbulletin.com/blog/2010/11/trustport-lends-support-unicef/

Almost three quarters use same password for different sites

User continues to be the weakest link.
User continues to be the weakest link. 73% of computer users use the same password across multiple different accounts according to survey results released by security firm… https://www.virusbulletin.com/blog/2010/11/almost-three-quarters-use-same-password-different-sites/

AV-Test.org unveils latest results

Trend Micro achieves pass; Microsoft and McAfee fail to reach certification standards.
Trend Micro achieves pass; Microsoft and McAfee fail to reach certification standards. Independent testing body AV-Test.org has released its latest set of quarterly test results,… https://www.virusbulletin.com/blog/2010/11/av-test-org-unveils-latest-results/

Success in anti-botnet operation

VB Seminar speaker describes how m00p gang member exploited computer users.
VB Seminar speaker describes how m00p gang member exploited computer users. A Scottish man pleaded guilty last month to 'causing unauthorized modification to the content of… https://www.virusbulletin.com/blog/2010/11/success-anti-botnet-operation/

Facebook targeted by Boonana

Windows, Mac and Linux users affected by new social networking threat.
Windows, Mac and Linux users affected by new social networking threat. Another malware family has been discovered targeting popular social networking site Facebook. Boonana, which… https://www.virusbulletin.com/blog/2010/11/facebook-targeted-boonana/

Sophos joins free home AV crowd with Mac release

Business-focused firm takes first step into home-user arena.
Business-focused firm takes first step into home-user arena.Sophos has announced the release of a home-user edition of its Mac anti-malware solution, which is being given away free… https://www.virusbulletin.com/blog/2010/11/sophos-joins-free-home-av-crowd-mac-release/

November issue of VB published

The November issue of Virus Bulletin is now available for subscribers to download.
The November issue of Virus Bulletin is now available for subscribers to download. The November 2010 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2010/11/november-issue-vb-published/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2010/11/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.