VB Blog

Tizi Android malware highlights the importance of security patches for high-risk users

Posted by Martijn Grooten on Nov 28, 2017

Researchers from Google have taken down 'Tizi', an Android malware family, that used nine already patched vulnerabilities to obtain root on infected devices.

Posted by Martijn Grooten on Nov 27, 2017

Next week, Virus Bulletin researchers will be attending the AMTSO meeting and AVAR conference in Beijing, China, as well as the 5th edition of the Botconf conference in Montpellier, France.

Posted by Martijn Grooten on Nov 24, 2017

Today, we publish the video of the VB2017 presentation by ESET researcher Filip Kafka, who looked at recent changes in the FinFisher government malware, including its infection vectors.

Posted by Martijn Grooten on Nov 23, 2017

We look back at the VB2016 presentation by Adrian Sanabria on the state of endpoint security, both now and in the future.

Posted by Martijn Grooten on Nov 22, 2017

At VB2017 in Madrid, Cisco Umbrella (OpenDNS) researchers Dhia Mahjoub and David Rodriguez presented a new approach to detecting infected machines using graphs to detect botnet traffic at scale. Today we publish both Dhia and David's paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 21, 2017

Firefox developer Mozilla has announced that, as of version 59 of the browser, many kinds of data URIs, which provide a way to create "domainless web content", will not be rendered in the browser, thus making this trick - used in various phishing campaigns - a lot less attractive.

Posted by Martijn Grooten on Nov 16, 2017

Virus Bulletin ran a standalone test on FireEye's Endpoint Security solution.

Posted by Martijn Grooten on Nov 13, 2017

Jelena Milosevic, a nurse with a passion for IT security, is uniquely placed to witness poor security practices in the health care sector, and to fully understand the consequences. Today, we publish the recording of a presentation given by Jelena at VB2017 in Madrid, in which she shared her inside view of security in hospitals.

Posted by Martijn Grooten on Nov 9, 2017

Both bad news (all devices were pwnd) and good news (pwning is increasingly difficult) came from the most recent mobile Pwn2Own competition. But the practical security risks that come with using mobile phones have little to do with vulnerabilities.

Posted by Martijn Grooten on Nov 8, 2017

At VB2017 in Madrid, industry veteran and ESET Senior Research Fellow David Harley presented a paper on the state of security software testing. Today we publish David's paper in both HTML and PDF format.

Previous1...2728293031...215Next

Search blog

Another Windows zero-day exploit seen in wild

Trojans sneaking in through animated cursor flaw.
Trojans sneaking in through animated cursor flaw. A vulnerability has been discovered in the handling of .ani files, used for animated cursors on web pages and in HTML emails, and… https://www.virusbulletin.com/blog/2007/03/another-windows-zero-day-exploit-seen-wild/

Major companies hosting spam bots

Zombies in corporate networks spotted pumping out spam.
Zombies in corporate networks spotted pumping out spam. Network security company Support Intelligence has found evidence of bot-infected zombies sending spam from within many of… https://www.virusbulletin.com/blog/2007/03/major-companies-hosting-spam-bots/

Genuine sites hacked by spammers

PHP flaws used to lend legitimate air to spam content.
PHP flaws used to lend legitimate air to spam content. Webmasters are being warned to ensure their sites are properly protected, after a wave of spams have been spotted using links… https://www.virusbulletin.com/blog/2007/03/genuine-sites-hacked-spammers/

Woolworths to join UK AV market

Retail chain set to issue own-label software range.
Retail chain set to issue own-label software range. Major UK high street retailer Woolworths is set to follow supermarket giant Tesco in releasing its own-brand range of software… https://www.virusbulletin.com/blog/2007/03/woolworths-join-uk-av-market/

Huge haul of ID data stolen by trojan

Smart Russian spyware gathered info 'unnoticed' for 54 days.
Smart Russian spyware gathered info 'unnoticed' for 54 days. According to researchers at SecureWorks, a sophisticated trojan which spread through browser exploits, harvested… https://www.virusbulletin.com/blog/2007/03/huge-haul-id-data-stolen-trojan/

Search, link and trackback spam flooding web

Blogs, social sites and search results rivaling email for junk ads.
Blogs, social sites and search results rivaling email for junk ads. Email, long the most popular and lucrative means of getting advertising in front of computer users, is being… https://www.virusbulletin.com/blog/2007/03/search-link-and-trackback-spam-flooding-web/

Malware danger and profitability rising

Symantec, FBI reports show general increases in money-driven threats.
Symantec, FBI reports show general increases in money-driven threats. Two major new reports on computer security issues have shown a steady rise in just about every aspect of… https://www.virusbulletin.com/blog/2007/03/malware-danger-and-profitability-rising/

MS admits serious problems with OneCare

Detection failures and other issues confirmed, improvements promised.
Detection failures and other issues confirmed, improvements promised.Microsoft's Windows Live OneCare, hit by a series of public relations difficulties recently with failures in… https://www.virusbulletin.com/blog/2007/03/ms-admits-serious-problems-onecare/

RSA to provide trojan removal services

Anti-fraud system provides avenue for reporting and stopping targeted attacks.
Anti-fraud system provides avenue for reporting and stopping targeted attacks. Security firm RSA has announced a new system to block spyware and phishing fraud, by taking down… https://www.virusbulletin.com/blog/2007/03/rsa-provide-trojan-removal-services/

Yet more vulnerabilities in major security products

Serious McAfee buffer overflow flaws join yet another Trend UPX issue.
Serious McAfee buffer overflow flaws join yet another Trend UPX issue. Several vulnerabilities have been found in McAfee's ePolicy Orchestrator management tool, which could be… https://www.virusbulletin.com/blog/2007/03/yet-more-vulnerabilities-major-security-products/

No fanfare for Windows Server 2003 SP2

Major update release emerges in mysterious silence.
Major update release emerges in mysterious silence.Microsoft has released a new service pack for its Windows Server 2003 platform, almost entirely without warning or promotion. The… https://www.virusbulletin.com/blog/2007/03/no-fanfare-windows-server-2003-sp2/

Trend takes over HijackThis

Popular free spyware-spotting tool acquired by security giant.
Popular free spyware-spotting tool acquired by security giant.Trend Micro has announced the acquisition of HijackThis, the popular freely available tool designed to reveal hidden… https://www.virusbulletin.com/blog/2007/03/trend-takes-over-hijackthis/

UK bankers show 44% rise in online theft

APACS study records major increase in phishing fraud earnings.
APACS study records major increase in phishing fraud earnings. UK banking payments body APACS has released its latest figures for credit card and other types of banking fraud,… https://www.virusbulletin.com/blog/2007/03/uk-bankers-show-44-rise-online-theft/

OneCare causing Outlook havoc

Old mailbox deletion bug resurfaces, upsets users
Old mailbox deletion bug resurfaces, upsets usersMicrosoft's Windows Live OneCare has been the cause of considerable frustration to its users recently, with an issue with the… https://www.virusbulletin.com/blog/2007/03/onecare-causing-outlook-havoc/

SEC halts trading in spammed stocks

Share trading in 35 pumped and dumped companies suspended.
Share trading in 35 pumped and dumped companies suspended. The US Securities and Exchange Commission (SEC) announced yesterday that it had suspended trading in the stocks of 35… https://www.virusbulletin.com/blog/2007/03/sec-halts-trading-spammed-stocks/

New Zealand passes anti-spam law

As bulk emailing is regulated in NZ, Canada hears calls for similar laws.
As bulk emailing is regulated in NZ, Canada hears calls for similar laws. The New Zealand government announced last week the final passing of a law to control spam originating in… https://www.virusbulletin.com/blog/2007/03/new-zealand-passes-anti-spam-law/

March Patch Tuesday cancelled

MS announces no security patches this month.
MS announces no security patches this month. With several known vulnerabilities still affecting Windows and other products, Microsoft has announced that there will be no security… https://www.virusbulletin.com/blog/2007/03/march-patch-tuesday-cancelled/

Report on TLD DNS DDoS attack released

Fact sheet on web root server bombardment published by ICANN.
Fact sheet on web root server bombardment published by ICANN. The Internet Corporation for Assigned Names and Numbers (ICANN), the body responsible for controlling the DNS system… https://www.virusbulletin.com/blog/2007/03/report-tld-dns-ddos-attack-released/

Gromozon hijacks Italian MSN searches

Link bombing pushes blended spyware attack to top of popular search results.
Link bombing pushes blended spyware attack to top of popular search results. The gang behind the sophisticated Gromozon blended threat, also known as LinkOptimizer, is thought to… https://www.virusbulletin.com/blog/2007/03/gromozon-hijacks-italian-msn-searches/

OneCare fails another detection test

Microsoft product found not up to scratch in AV-Comparatives review.
Microsoft product found not up to scratch in AV-Comparatives review. Respected testing organisation AV-Comparatives has released the results of its latest in-depth test of… https://www.virusbulletin.com/blog/2007/03/onecare-fails-another-detection-test/

« Previous 1...8687888990...120 Next »