VB Blog

DMARC: an imperfect solution that can make a big difference

Posted by Martijn Grooten on Jul 24, 2017

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.

Posted by Martijn Grooten on Jul 20, 2017

Unsurprisingly given today's threat landscape, the VB2017 programme contains several talks on various advanced persistent threats - but also a talk on what may be the polar opposite of such threats: an inept persistent threat.

Posted by Martijn Grooten on Jul 18, 2017

Password security advice focuses too much on password strength and too little on avoiding password reuse, Martijn Grooten argues.

Posted by Martijn Grooten on Jul 17, 2017

Though the location will remain a secret for a few more months, we are pleased to announce the dates for VB2018, the 28th Virus Bulletin International Conference.

Posted by Martijn Grooten on Jul 10, 2017

The second edition of BSides Athens saw a great and varied programme presented in the Greek capital. VB's Martijn Grooten was pleased to attend.

Posted by Martijn Grooten on Jul 7, 2017

Spreading 'FUD' in the wake of cyber-attacks is never a good idea. But it's even worse when this might be one of the attackers' implicit goals.

Posted by Martijn Grooten on Jul 7, 2017

For the third year in a row, we have set aside a limited number of student tickets for the Virus Bulletin conference, to allow 'next-generation' security researchers to experience one of the most important gatherings of security researchers around the world.

Posted by Martijn Grooten on Jul 4, 2017

Virus Bulletin has opened nominations for the fourth annual Péter Szőr Award, for the best piece of technical security research published between 1 July 2016 and 30 June 2017.

Posted by Martijn Grooten on Jul 3, 2017

According to some researchers, there is some evidence linking the recent (Not)Petya attacks with the BlackEnergy group - which became infamous for its targeted attacks against the Ukraine. At VB2016, ESET researchers Anton Cherepanov and Robert Lipovsky spoke about BlackEnergy, providing an overview of the group's attacks. Today, we publish their paper.

Posted by Martijn Grooten on Jun 30, 2017

As WannaCry and (Not)Petya have shown, malware attacks can do a lot of damage. So is staying safe just a case of following good security advice?

Previous1...3334353637...215Next

Search blog

Phishers phishing phishers' phishes

Scam software secretly sending stolen data to creators.
Scam software secretly sending stolen data to creators.Phishing researchers have uncovered code buried in phishing software kits, sold by developers to less technically aware… https://www.virusbulletin.com/blog/2008/02/phishers-phishing-phishers-phishes/

M&S joins high-street AV retail crowd

Upmarket store to match rivals in security software selling.
Upmarket store to match rivals in security software selling. Leading UK retailer Marks & Spencer (M&S) has joined fellow high-street chain Woolworths and supermarket leviathan… https://www.virusbulletin.com/blog/2008/02/m-amp-s-joins-high-street-av-retail-crowd/

Bumper Patch Tuesday short of one patch

Excel remains vulnerable as expected fix is dropped.
Excel remains vulnerable as expected fix is dropped.Microsoft has issued its monthly 'Patch Tuesday' set of security updates, with a larger than usual crop of patches for a variety… https://www.virusbulletin.com/blog/2008/02/bumper-patch-tuesday-short-one-patch/

Trend vs. ClamAV patent row hots up

Free software advocates call for boycott of Trend.
Free software advocates call for boycott of Trend. With legal proceedings ongoing between Trend Micro and gateway appliance specialist Barracuda Networks, concerning Barracuda's… https://www.virusbulletin.com/blog/2008/02/trend-vs-clamav-patent-row-hots/

Over 1 per cent of search results include malicious sites

Google research paper confirms significant increase in number of malware-serving websites.
Google research paper confirms significant increase in number of malware-serving websites. Recent reports of increasing numbers of websites serving malicious content have been… https://www.virusbulletin.com/blog/2008/02/over-1-cent-search-results-include-malicious-sites/

Storm Valentines run under way

Seasonal spam and malware barrage gets going.
Seasonal spam and malware barrage gets going. The expected run of 'Storm' spams, pushing links to their latest line of malware disguised as Valentine's messages, has begun, with… https://www.virusbulletin.com/blog/2008/02/storm-valentines-run-under-way/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Live Mail CAPTCHA system bypassed

Spammers use botnet to register accounts on popular free webmail service.
Spammers use botnet to register accounts on popular free webmail service.Spammers have written a program that cracks the CAPTCHAS used by the Windows Live Mail registration system.… https://www.virusbulletin.com/blog/2008/02/live-mail-captcha-system-bypassed/

Complex attack targets Better Business Bureau

Sophisticated scam uses personalised mails, real site redirects.
Sophisticated scam uses personalised mails, real site redirects. A highly sophisticated email phishing scam is using a redirection flaw in the website of the Better Business Bureau… https://www.virusbulletin.com/blog/2008/02/complex-attack-targets-better-business-bureau/

Yahoo! jukebox flaw exploits in wild

Zero day vulnerability in music system rapidly targeted.
Zero day vulnerability in music system rapidly targeted.Vulnerabilities in Yahoo! Jukebox, a free music-management system provided by Yahoo!, have been exploited by in-the-wild… https://www.virusbulletin.com/blog/2008/02/yahoo-jukebox-flaw-exploits-wild/

FTC fines spammers over $2.5 million

Drug pushers busted for phony claims and CAN-SPAM breaches.
Drug pushers busted for phony claims and CAN-SPAM breaches. After a successful case brought by the US Federal Trade Commission (FTC), a pharmaceuticals firm and its head have been… https://www.virusbulletin.com/blog/2008/02/ftc-fines-spammers-over-2-5-million/

419 scammers plead guilty in US

African trio admit attempts to defraud via spam.
African trio admit attempts to defraud via spam. Three men, two from Nigeria and a third from Senegal, entered guilty pleas in a Brooklyn, New York, courtroom last week after being… https://www.virusbulletin.com/blog/2008/02/419-scammers-plead-guilty-us/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

New security software testing standards body formed

AMTSO to promote cross-industry debate and higher standards in testing.
AMTSO to promote cross-industry debate and higher standards in testing. A collaborative group from across the security industry has officially been founded this week, aiming to… https://www.virusbulletin.com/blog/2008/02/new-security-software-testing-standards-body-formed/

February

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2008/02/

February issue of VB published

The February issue of Virus Bulletin is now available for subscribers to download.
The February issue of Virus Bulletin is now available for subscribers to download. The February 2008 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2008/02/february-issue-vb-published/

Barracuda battles Trend Micro patent claims

Trend demands licensing for gateway virus scanning idea.
Trend demands licensing for gateway virus scanning idea.Barracuda Networks has announced it is fighting a legal battle against Trend Micro, who has claimed US patent rights to the… https://www.virusbulletin.com/blog/2008/01/barracuda-battles-trend-micro-patent-claims/

First virus-writing arrests in Japan

Winny worm authors brought to book - for copyright violation.
Winny worm authors brought to book - for copyright violation. Japan has seen its first ever arrests of virus writers, with three men taken into custody in Kyoto last week and… https://www.virusbulletin.com/blog/2008/01/first-virus-writing-arrests-japan/

Ledger poisons Google

Actor's death exploited by malware writers to infect computers.
Actor's death exploited by malware writers to infect computers. The death of actor Heath Ledger on Tuesday had barely been confirmed a few hours when malicious websites started… https://www.virusbulletin.com/blog/2008/01/ledger-poisons-google/

Polyglot worm spreads through MSN

Worm changes language to target wide audience.
Worm changes language to target wide audience. A new worm has been discovered that spreads through MSN Messenger. Once active, the worm opens random TCP ports to connect to an IRC… https://www.virusbulletin.com/blog/2008/01/polyglot-worm-spreads-through-msn/

« Previous 1...7172737475...120 Next »