VB Blog

VB2019 presentation: A deep dive into iPhone exploit chains

Posted by Virus Bulletin on Jan 10, 2020

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recording of John's presentation.

Posted by Helen Martin on Jan 8, 2020

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.

Posted by Virus Bulletin on Jan 6, 2020

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of their presentation.

Posted by Helen Martin on Dec 31, 2019

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.

Posted by Martijn Grooten on Dec 27, 2019

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.

Posted by Martijn Grooten on Dec 23, 2019

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.

Posted by Virus Bulletin on Dec 20, 2019

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.

Posted by Martijn Grooten on Dec 19, 2019

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.

Posted by Martijn Grooten on Dec 19, 2019

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.

Posted by Martijn Grooten on Dec 18, 2019

In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.

Previous1...56789...215Next

Search blog

TJX hack thought biggest ever

Over 45 million card numbers gathered in massive breach.
Over 45 million card numbers gathered in massive breach. A report into a security breach at major US retailer TJX has revealed a lengthy and sophisticated attack which scooped vast… https://www.virusbulletin.com/blog/2007/03/tjx-hack-thought-biggest-ever/

Fujacks writer's removal tool slated

Virus creator's anti-virus not up to scratch, says Symantec.
Virus creator's anti-virus not up to scratch, says Symantec. A cleanup tool created by the writer of the Fujacks virus, also known as the 'Panda burning incense' virus in reference… https://www.virusbulletin.com/blog/2007/03/fujacks-writer-s-removal-tool-slated/

Another Windows zero-day exploit seen in wild

Trojans sneaking in through animated cursor flaw.
Trojans sneaking in through animated cursor flaw. A vulnerability has been discovered in the handling of .ani files, used for animated cursors on web pages and in HTML emails, and… https://www.virusbulletin.com/blog/2007/03/another-windows-zero-day-exploit-seen-wild/

Woolworths to join UK AV market

Retail chain set to issue own-label software range.
Retail chain set to issue own-label software range. Major UK high street retailer Woolworths is set to follow supermarket giant Tesco in releasing its own-brand range of software… https://www.virusbulletin.com/blog/2007/03/woolworths-join-uk-av-market/

Malware danger and profitability rising

Symantec, FBI reports show general increases in money-driven threats.
Symantec, FBI reports show general increases in money-driven threats. Two major new reports on computer security issues have shown a steady rise in just about every aspect of… https://www.virusbulletin.com/blog/2007/03/malware-danger-and-profitability-rising/

Huge haul of ID data stolen by trojan

Smart Russian spyware gathered info 'unnoticed' for 54 days.
Smart Russian spyware gathered info 'unnoticed' for 54 days. According to researchers at SecureWorks, a sophisticated trojan which spread through browser exploits, harvested… https://www.virusbulletin.com/blog/2007/03/huge-haul-id-data-stolen-trojan/

Search, link and trackback spam flooding web

Blogs, social sites and search results rivaling email for junk ads.
Blogs, social sites and search results rivaling email for junk ads. Email, long the most popular and lucrative means of getting advertising in front of computer users, is being… https://www.virusbulletin.com/blog/2007/03/search-link-and-trackback-spam-flooding-web/

RSA to provide trojan removal services

Anti-fraud system provides avenue for reporting and stopping targeted attacks.
Anti-fraud system provides avenue for reporting and stopping targeted attacks. Security firm RSA has announced a new system to block spyware and phishing fraud, by taking down… https://www.virusbulletin.com/blog/2007/03/rsa-provide-trojan-removal-services/

MS admits serious problems with OneCare

Detection failures and other issues confirmed, improvements promised.
Detection failures and other issues confirmed, improvements promised.Microsoft's Windows Live OneCare, hit by a series of public relations difficulties recently with failures in… https://www.virusbulletin.com/blog/2007/03/ms-admits-serious-problems-onecare/

No fanfare for Windows Server 2003 SP2

Major update release emerges in mysterious silence.
Major update release emerges in mysterious silence.Microsoft has released a new service pack for its Windows Server 2003 platform, almost entirely without warning or promotion. The… https://www.virusbulletin.com/blog/2007/03/no-fanfare-windows-server-2003-sp2/

Yet more vulnerabilities in major security products

Serious McAfee buffer overflow flaws join yet another Trend UPX issue.
Serious McAfee buffer overflow flaws join yet another Trend UPX issue. Several vulnerabilities have been found in McAfee's ePolicy Orchestrator management tool, which could be… https://www.virusbulletin.com/blog/2007/03/yet-more-vulnerabilities-major-security-products/

UK bankers show 44% rise in online theft

APACS study records major increase in phishing fraud earnings.
APACS study records major increase in phishing fraud earnings. UK banking payments body APACS has released its latest figures for credit card and other types of banking fraud,… https://www.virusbulletin.com/blog/2007/03/uk-bankers-show-44-rise-online-theft/

Trend takes over HijackThis

Popular free spyware-spotting tool acquired by security giant.
Popular free spyware-spotting tool acquired by security giant.Trend Micro has announced the acquisition of HijackThis, the popular freely available tool designed to reveal hidden… https://www.virusbulletin.com/blog/2007/03/trend-takes-over-hijackthis/

OneCare causing Outlook havoc

Old mailbox deletion bug resurfaces, upsets users
Old mailbox deletion bug resurfaces, upsets usersMicrosoft's Windows Live OneCare has been the cause of considerable frustration to its users recently, with an issue with the… https://www.virusbulletin.com/blog/2007/03/onecare-causing-outlook-havoc/

March Patch Tuesday cancelled

MS announces no security patches this month.
MS announces no security patches this month. With several known vulnerabilities still affecting Windows and other products, Microsoft has announced that there will be no security… https://www.virusbulletin.com/blog/2007/03/march-patch-tuesday-cancelled/

Report on TLD DNS DDoS attack released

Fact sheet on web root server bombardment published by ICANN.
Fact sheet on web root server bombardment published by ICANN. The Internet Corporation for Assigned Names and Numbers (ICANN), the body responsible for controlling the DNS system… https://www.virusbulletin.com/blog/2007/03/report-tld-dns-ddos-attack-released/

SEC halts trading in spammed stocks

Share trading in 35 pumped and dumped companies suspended.
Share trading in 35 pumped and dumped companies suspended. The US Securities and Exchange Commission (SEC) announced yesterday that it had suspended trading in the stocks of 35… https://www.virusbulletin.com/blog/2007/03/sec-halts-trading-spammed-stocks/

New Zealand passes anti-spam law

As bulk emailing is regulated in NZ, Canada hears calls for similar laws.
As bulk emailing is regulated in NZ, Canada hears calls for similar laws. The New Zealand government announced last week the final passing of a law to control spam originating in… https://www.virusbulletin.com/blog/2007/03/new-zealand-passes-anti-spam-law/

Gromozon hijacks Italian MSN searches

Link bombing pushes blended spyware attack to top of popular search results.
Link bombing pushes blended spyware attack to top of popular search results. The gang behind the sophisticated Gromozon blended threat, also known as LinkOptimizer, is thought to… https://www.virusbulletin.com/blog/2007/03/gromozon-hijacks-italian-msn-searches/

OneCare fails another detection test

Microsoft product found not up to scratch in AV-Comparatives review.
Microsoft product found not up to scratch in AV-Comparatives review. Respected testing organisation AV-Comparatives has released the results of its latest in-depth test of… https://www.virusbulletin.com/blog/2007/03/onecare-fails-another-detection-test/

« Previous 1...8687888990...120 Next »