VB Blog

VB2018 paper: Little Brother is watching – we know all your secrets!

Posted by Martijn Grooten on Feb 1, 2019

At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.

Posted by Martijn Grooten on Jan 29, 2019

Threat intelligence teams would do well to recruit journalists, whose experience is crucial in today's threat landscape.

Posted by Martijn Grooten on Jan 28, 2019

Using data from our VBSpam lab, we looked at the malicious emails that have been missed recently by a large number of email security products.

Posted by Martijn Grooten on Jan 25, 2019

The Formbook information-stealing trojan may not be APT-grade malware, but its continuing spread means it can still be effective. At VB2018 in Montreal, Gabriela Nicolao, a researcher from Deloitte in Argentina, presented a short paper in which she looked at Formbook's background and history and analysed a sample of the malware. Today, we publish Gabriela's paper.

Posted by Martijn Grooten on Jan 24, 2019

With the VB2019 Call for Papers having opened last week, we explain how the selection procedure works, which may help you during your abstract submission.

Posted by Martijn Grooten on Jan 18, 2019

Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.

Posted by Martijn Grooten on Jan 17, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Worryingly, it is often the emails with a malicious attachment or a phishing link that are most likely to be missed.

Posted by Helen Martin on Jan 17, 2019

Mydoom turns 15 this month, and is still being seen in email attachments. This Throwback Thursday we look back to March 2004, when Gabor Szappanos tracked the rise of W32/Mydoom.

Posted by Martijn Grooten on Jan 15, 2019

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!

Posted by Martijn Grooten on Jan 14, 2019

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.

Previous1...1314151617...215Next

Search blog

VB tests the web security products that play an important role in fending off web-based threats

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.
The web continues to be a major infection vector for individuals and organisations alike. Though the number of drive-by download attacks (often through exploit kits) is down from… https://www.virusbulletin.com/blog/2019/10/vb-tests-web-security-products-play-important-role-fending-web-based-threats/

VB2019 papers: Emotet and Ryuk

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.
Shinigami’s revenge: the long tail of the Ryuk malware Read the paper (HTML) Download the paper (PDF) Exploring Emotet, an elaborate everyday enigma Read the paper… https://www.virusbulletin.com/blog/2019/10/vb2019-papers-emotet-and-ryuk/

Responsible madness?

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to han…
The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all… https://www.virusbulletin.com/blog/2019/10/responsible-madness/

VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botn…
Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error Read the paper (HTML) Download the paper (PDF) OpSec mistakes… https://www.virusbulletin.com/blog/2019/10/vb2019-paper-geost-botnet-story-discovery-new-android-banking-trojan-opsec-error/

Analysis of malware responsible for sextortion spam that mines for Monero on the side

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.
Reason Cybersecurity was one of the Platinum partners of VB2019. After a guest blog post published earlier this month, their researchers have written an analysis of malware they… https://www.virusbulletin.com/blog/2019/10/analysis-malware-responsible-sextortion-spam-mines-monero-side/

Guest blog: Threat intelligence – a unifying force of the future

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.
In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence. The advent of the Internet and Internet-enabled technologies… https://www.virusbulletin.com/blog/2019/10/guest-blog-threat-intelligence-unifying-force-future/

October

https://www.virusbulletin.com/blog/2019/10/

Guest blog: Why we should be paying more attention to Linux threats

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.
In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying more attention to Linux threats. In a previous blog post written for the Retail and… https://www.virusbulletin.com/blog/2019/09/guest-blog-why-we-should-be-paying-more-attention-linux-threats/

New Emotet spam campaign continues to bypass email security products

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.
Following the resumption of activity by Emotet's C&C servers in August, it was only a matter of time before the botnet started sending out spam again. This did indeed happen on… https://www.virusbulletin.com/blog/2019/09/new-emotet-spam-campaign-continues-bypass-email-security-products/

Book review: Cyberdanger: Understanding and Guarding Against Cybercrime

Security researcher Paul Baccas reviews Eddy Willems' book 'Cyberdanger'.
Security researcher Paul Baccas reviews 'Cyberdanger: Understanding and Guarding Against Cybercrime' by Eddy Willems Title: Cyberdanger: Understanding and… https://www.virusbulletin.com/blog/2019/09/book-review-cyberdanger-understanding-and-guarding-against-cybercrime/

Programme for VB2019 Threat Intelligence Practitioners' Summit announced

In the mini-summit, which forms part of VB2019 (the 29th Virus Bulletin International Conference), eight sessions will focus on all aspects of threat intelligence collecting, using and sharing.
In its almost 30-year history, the Virus Bulletin Conference has evolved to become perhaps the most international threat intelligence event of the year. This is yet again… https://www.virusbulletin.com/blog/2019/09/programme-vb2019-threat-intelligence-practitioners-summit-announced/

Guest blog: TotalAV uncovers the world’s first ransomware

In a guest blog post by VB2019 Silver partner TotalAV, Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape.
In a guest blog post by VB2019 Silver partner TotalAV, Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape. Rediscovered in an… https://www.virusbulletin.com/blog/2019/09/guest-blog-totalav-uncovers-worlds-first-ransomware/

VB2019 preview: Small Talks

We preview the five Small Talks on the VB2019 programme in which important topics are discussed in a less formal atmosphere.
Those who attend security conferences know the importance of 'hallcon': the conversations that take place in the corridors in between sessions or sometimes between people who have… https://www.virusbulletin.com/blog/2019/09/vb2019-preview-small-talks/

Guest blog: Targeted attacks with public tools

Over the last few years SE Labs has tested more than 50 different security products against over 5,000 targeted attacks. In this guest blog post Stefan Dumitrascu, Chief Technical Officer at SE Labs, looks at the different attack tools available, how effe…
Over the last few years, SE Labs has tested more than 50 different security products against over 5,000 targeted attacks. In this guest blog post Stefan Dumitrascu, Chief… https://www.virusbulletin.com/blog/2019/09/guest-blog-targeted-attacks-public-tools/

September

https://www.virusbulletin.com/blog/2019/09/

VB2019 preview: Problem child: common patterns in malicious parent-child relationships

We preview the VB2019 paper by Endgame researcher Bobby Filar, who created a graph-based framework designed to detect malicious use of legitimate binaries through parent-child relationships.
Living-off-the-land binaries, often referred to as LOLbins, are legitimate (Windows) binaries used for malicious purposes. Their use has increased in malware campaigns in recent… https://www.virusbulletin.com/blog/2019/09/vb2019-preview-problem-child-common-patterns-malicious-parent-child-relationships/

VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

We preview the VB2019 paper by RiskIQ researcher Yonathan Klijnsma on the Magecart web skimming attacks.
Half a decade ago, breaches of point-of-sale (POS) systems were a real plague, especially in North America, with the 2013 Target breach perhaps the best known example. Though… https://www.virusbulletin.com/blog/2019/08/vb2019-preview-inside-magecart-history-behind-covert-card-skimming-assault-e-commerce-industry/

VB2019 call for last-minute papers closes on Sunday (1 Sept)

Your last chance to get a speaking slot on the VB2019 programme with a talk on hot research!
The majority of the VB2019 programme was announced in April, and though we like to see VB as a conference that looks beyond the hype, we are more than a little proud that several… https://www.virusbulletin.com/blog/2019/08/vb2019-call-last-minute-papers-closes-sunday-1st-sept/

21 organisations partner with VB2019

Record number of partner organisations for the Virus Bulletin Conference reflects very broad and international event.
Three months after we announced the first 14 partners and supporting organisations for VB2019, the 29th Virus Bulletin Conference, seven more organisations have signed up to… https://www.virusbulletin.com/blog/2019/08/21-organisations-partner-vb2019/

VB2019 preview: Exploring Emotet, an elaborate everyday enigma

We preview the VB2019 paper by Sophos researcher Luca Nagy, who dives deeply into the notorious Emotet malware.
Active since 2014, initially as a banking trojan, Emotet has been a plague on the Internet in recent years. Emotet's core strength is its ability to download other malware, thus… https://www.virusbulletin.com/blog/2019/08/vb2019-preview-exploring-emotet-elaborate-everyday-enigma/

« Previous 1...56789...120 Next »