VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by   Martijn Grooten on   Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Read more  

Virus Bulletin to attend AMTSO, AVAR and Botconf

Posted by   Martijn Grooten on   Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Read more  

VB2017 video: FinFisher: New techniques and infection vectors revealed

Posted by   Martijn Grooten on   Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Read more  

Throwback Thursday: The beginning of the end(point): where we are now and where we'll be in five years

Posted by   Martijn Grooten on   Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Read more  

VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale

Posted by   Martijn Grooten on   Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Read more  

Firefox 59 to make it a lot harder to use data URIs in phishing attacks

Posted by   Martijn Grooten on   Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Read more  

Standalone product test: FireEye Endpoint

Posted by   Martijn Grooten on   Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Read more  

VB2017 video: Consequences of bad security in health care

Posted by   Martijn Grooten on   Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Read more  

Vulnerabilities play only a tiny role in the security risks that come with mobile phones

Posted by   Martijn Grooten on   Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Read more  

VB2017 paper: The (testing) world turned upside down

Posted by   Martijn Grooten on   Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Read more  
Previous1...2728293031...215Next

Search blog

VB2019 preview: A study of Machete cyber espionage operations in Latin America

Researchers from the Czech Technical University in Prague will present a very comprehensive overview of the Machete APT group.
The US government considers China, Russia, Iran and North Korea to be the most prominent nation-state actors in cyber space. Apart from conveniently ignoring activities by the US… https://www.virusbulletin.com/blog/2019/08/vb2019-preview-study-machete-cyber-espionage-operations-latin-america/

AfricaHackon 2019: a great event and a reminder that security is global

Last week, VB Editor Martijn Grooten travelled to the Kenyan capital Nairobi to speak at the 6th edition of the AfricaHackon event.
It was a few years ago that I first learned of AfricaHackon, Africa's premier IT security conference. It led me to invite Tyrus Kamau, one of the event's organisers, to speak at… https://www.virusbulletin.com/blog/2019/08/africahackon-2019-reminder-security-global/

August

https://www.virusbulletin.com/blog/2019/08/

Virus Bulletin researcher discovers new Lord exploit kit

Still in-development kit thus far only targets Flash Player vulnerabilities
The number of active exploit kits is very small: the recently published summer 2019 edition of Malwarebytes' quarterly round-up lists the seven then known active exploit kits. To… https://www.virusbulletin.com/blog/2019/08/virus-bulletin-researcher-discovers-new-lord-exploit-kit/

VB2019 call for last-minute papers opened

The call for last-minute papers for VB2019 is now open. Submit before 1 September to have your abstract considered for one of the nine slots reserved for 'hot' research.
Virus Bulletin has opened the call for last-minute papers for VB2019.  The VB2019 programme already boasts some 40 talks that were announced more than three months ago. Though… https://www.virusbulletin.com/blog/2019/07/vb2019-call-last-minute-papers-opened/

July

https://www.virusbulletin.com/blog/2019/07/

Nominations opened for sixth Péter Szőr Award

Virus Bulletin is seeking nominations for the sixth annual Péter Szőr Award.
Virus Bulletin is seeking nominations for the sixth annual Péter Szőr Award. The award was inaugurated during the VB2014 conference, in honour of late security researcher and… https://www.virusbulletin.com/blog/2019/07/nominations-opened-sixth-peter-szor-award/

Haroon Meer and Adrian Sanabria to deliver VB2019 closing keynote

New additions to the VB2019 conference programme include a closing keynote address from Thinkst duo Haroon Meer and Adrian Sanabria and a talk on attacks against payment systems.
We are very excited to announce that the closing keynote for VB2019 will be delivered by Haroon Meer and Adrian Sanabria of Thinkst, the company that was founded by Haroon and… https://www.virusbulletin.com/blog/2019/06/haroon-meer-and-adrian-sanabria-deliver-vb2019-closing-keynote/

Free VB2019 tickets for students

Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we are able to offer 20 free tickets to students who want to attend VB2019.
Update 02 August 2019: Applications for free student tickets have now closed. Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we… https://www.virusbulletin.com/blog/2019/06/free-vb2019-tickets-students/

June

https://www.virusbulletin.com/blog/2019/06/

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups seen in recent years. At VB2018 ESET researchers Peter Kálnai and Michal Poslušný presented a paper looking at the group's various campaigns. To…
Lazarus Group: a mahjong game played with different sets of tiles Read the paper (HTML) Download the paper (PDF)       At VB2019 in London, Peter and Michal will… https://www.virusbulletin.com/blog/2019/06/vb2018-paper-lazarus-group-mahjong-game-played-different-sets-tiles/

Book your VB2019 ticket now for a chance to win a ticket for BSides London

Virus Bulletin is proud to sponsor this year's BSides London conference, which will take place next week, and we have a number of tickets to give away.
At Virus Bulletin, we have a particular fondness for the BSides community events, half a dozen of which we have attended in various locations around the world. And because our own… https://www.virusbulletin.com/blog/2019/05/book-your-vb2019-ticket-now-chance-win-ticket-bsides-london/

May

https://www.virusbulletin.com/blog/2019/05/

First 11 partners of VB2019 announced

We are excited to announce the first 11 companies to partner with VB2019, whose support will help ensure a great event.
The Virus Bulletin Conference is all about bringing the security community together to share intelligence and move the industry forward, but we wouldn't be able to do any of this… https://www.virusbulletin.com/blog/2019/05/first-11-vb2019-partners-announced/

Paper: Alternative communication channel over NTP

In a new paper published today, independent researcher Nikolaos Tsapakis writes about the possibilities of malware using NTP as a covert communication channel and how to stop this.
Alternative communication channel over NTP Read the paper (HTML) Download the paper (PDF)   The use of DNS as a covert C&C communication channel has been widely documented… https://www.virusbulletin.com/blog/2019/04/paper-alternative-communication-channel-over-ntp/

April

https://www.virusbulletin.com/blog/2019/04/

VB2019 conference programme announced

VB is excited to reveal the details of an interesting and diverse programme for VB2019, the 29th Virus Bulletin International Conference, which takes place 2-4 October in London, UK.
We are excited to announce the programme for VB2019, the 29th International Virus Bulletin Conference which will take place 2-4 October in London, UK. The conference… https://www.virusbulletin.com/blog/2019/04/vb2019-conference-programme-announced/

VB2018 paper: Under the hood - the automotive challenge

Car hacking has become a hot subject in recent years, and at VB2018 in Montreal, Argus Cyber Security's Inbar Raz presented a paper that provides an introduction to the subject, looking at the complex problem, examples of car hacks, and the challenges ahe…
Under the hood - the automotive challenge Read the paper (HTML) Download the paper (PDF)     During last week's Pwn2Own 2019 hacking contest, a Senegalese-Chinese duo… https://www.virusbulletin.com/blog/2019/03/vb2018-paper-under-hood-automotive-challenge/

VB2018 paper: Fake News, Inc.

A former reporter by profession, Andrew Brandt's curiosity was piqued when he came across what appeared at first glance to be the website of a small-town newspaper based in Illinois, but under scrutiny, things didn’t add up. At VB2018 he presented a paper…
    Andrew Brandt will also speak at VB2019 in London. This time, in a Small Talk session, he will share his experience of analysing "retromalware" – some of the oldest… https://www.virusbulletin.com/blog/2019/04/vb2018-paper-fake-news-inc/

VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation

Static analysis and dynamic analysis each have their shortcomings as methods for analysing potentially malicious files. Today, we publish a VB2018 paper by Check Point researchers Yoni Moses and Yaniv Mordekhay, in which they describe a method that combin…
Android app deobfuscation using static-dynamic cooperation Read the paper (HTML) Download the paper (PDF)   The two most common methods for analysing potentially malicious… https://www.virusbulletin.com/blog/2019/03/vb2018-paper-and-video-android-app-deobfuscation-using-static-dynamic-cooperation/

« Previous 1...678910...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.