VB Blog

Subtle change could see a reduction in installation of malicious Chrome extensions

Posted by   Martijn Grooten on   Jun 13, 2018

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.

Read more  

Paper: EternalBlue: a prominent threat actor of 2017–2018

Posted by   Martijn Grooten on   Jun 11, 2018

We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.

Read more  

'North Korea' a hot subject among VB2018 talks

Posted by   Virus Bulletin on   Jun 1, 2018

Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.

Read more  

Expired domain led to SpamCannibal's blacklist eating the whole world

Posted by   Martijn Grooten on   May 31, 2018

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.

Read more  

MnuBot banking trojan communicates via SQL server

Posted by   Martijn Grooten on   May 30, 2018

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.

Read more  

Throwback Thursday: Giving the EICAR test file some teeth

Posted by   Martijn Grooten on   May 24, 2018

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.

Read more  

XMRig used in new macOS cryptominer

Posted by   Martijn Grooten on   May 23, 2018

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

Read more  

Tendency for DDoS attacks to become less volumetric fits in a wider trend

Posted by   Martijn Grooten on   May 22, 2018

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Read more  

Turkish Twitter users targeted with mobile FinFisher spyware

Posted by   Martijn Grooten on   May 15, 2018

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Read more  

Hide'n'Seek IoT botnet adds persistence

Posted by   Martijn Grooten on   May 9, 2018

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.

Read more  
Previous1...2021222324...215Next

Search blog

OneCare labels Gmail a virus

Rival webmail system flagged infected by Microsoft AV.
Rival webmail system flagged infected by Microsoft AV. A number of users of Microsoft's anti-virus product Windows Live OneCare have reported being warned of a virus infection when… https://www.virusbulletin.com/blog/2006/11/onecare-labels-gmail-virus/

MS releases new Sysinternals utility

Process Monitor combines filemon, regmon into unified analysis tool.
Process Monitor combines filemon, regmon into unified analysis tool.Sysinternals, now 'a wholly owned subsidiary of Microsoft Corporation', has released a new system analysis tool… https://www.virusbulletin.com/blog/2006/11/ms-releases-new-sysinternals-utility/

Vista safe without AV, says Allchin

Microsoft chief confident in new security measures.
Microsoft chief confident in new security measures. During a telephone press conference, Microsoft Platform Products and Services Co-president Jim Allchin revealed that he lets his… https://www.virusbulletin.com/blog/2006/11/vista-safe-without-av-says-allchin/

More US political spam

Voter persuasion campaign late and sloppy, says Panda
Voter persuasion campaign late and sloppy, says Panda Spam watchers at PandaLabs have spotted a campaign hoping to trick recipients into visiting a page attacking the state of US… https://www.virusbulletin.com/blog/2006/11/more-us-political-spam/

AOL ICQ vulnerability revealed

Chat program remote execution flaw patched.
Chat program remote execution flaw patched. Details of a vulnerability found in AOL's ICQ instant messaging software have been released by TippingPoint. The ActiveX flaw could… https://www.virusbulletin.com/blog/2006/11/aol-icq-vulnerability-revealed/

Email worm spams global war news

Bush and Putin still alive, no nuclear war ahead.
Bush and Putin still alive, no nuclear war ahead. An email worm is posing as news of global warfare and the death of major world leaders in an attempt to persuade recipients to… https://www.virusbulletin.com/blog/2006/11/email-worm-spams-global-war-news/

Google blog spreads Kama Sutra worm

MyWife variant mailed to 50,000 video blog watchers.
MyWife variant mailed to 50,000 video blog watchers.Google has apologised to users of its Google Video Blog, some 50,000 of whom were exposed to an email worm after three postings… https://www.virusbulletin.com/blog/2006/11/google-blog-spreads-kama-sutra-worm/

US politicians slated for spam tactics

Report criticises leaders for election-pushing mass mail campaigns.
Report criticises leaders for election-pushing mass mail campaigns. A report from Sophos has criticised the behaviour of both major US political parties, after numerous emails… https://www.virusbulletin.com/blog/2006/11/us-politicians-slated-spam-tactics/

XMLHTTP zero-day exploit

ActiveX vulnerability in use by attackers.
ActiveX vulnerability in use by attackers. A new flaw in Microsoft's XML Core Services 4.0 is in active use by malicious websites, with attackers using the vulnerability to… https://www.virusbulletin.com/blog/2006/11/xmlhttp-zero-day-exploit/

US way ahead in phishing and spam

PhishTank, Sophos stats put US at top of lists.
PhishTank, Sophos stats put US at top of lists. Statistics released by anti-phishing community project PhishTank, launched early last month, have put the US far ahead of the field… https://www.virusbulletin.com/blog/2006/11/us-way-ahead-phishing-and-spam/

FBI busts phishing gang

Arrests made in Poland and US, more expected.
Arrests made in Poland and US, more expected. A large operation carried out by the FBI against a phishing operation has resulted in a string of arrests. Four people are being held… https://www.virusbulletin.com/blog/2006/11/fbi-busts-phishing-gang/

Adware costs Zango $3 million

Cash and promises settle deceptive practices case.
Cash and promises settle deceptive practices case. Adware giant Zango, formerly known as 180Solutions, has settled a case brought by the US Federal Trade Commission (FTC) for $3… https://www.virusbulletin.com/blog/2006/11/adware-costs-zango-3-million/

Spam worse than postal junk mail

Survey finds emails more irritating than unwanted paper.
Survey finds emails more irritating than unwanted paper. A study carried out by researchers from the University of Georgia's Grady College of Journalism and Mass Communication and… https://www.virusbulletin.com/blog/2006/11/spam-worse-postal-junk-mail/

Wikipedia spam points to malware

Emails used archive function to lend authenticity.
Emails used archive function to lend authenticity. Popular online encyclopaedia Wikipedia has been used as a vector for malware, with a spam campaign using the site's reputation… https://www.virusbulletin.com/blog/2006/11/wikipedia-spam-points-malware/

IE7 causing McAfee update problems

New browser version blocking install and updates.
New browser version blocking install and updates. Security settings in the new version of Microsoft's web browser, Internet Explorer 7, are causing problems for users of McAfee… https://www.virusbulletin.com/blog/2006/11/ie7-causing-mcafee-update-problems/

New OSX parasitic virus found

Symantec report proof-of-concept file infector for Mac.
Symantec report proof-of-concept file infector for Mac. Analysts at Symantec have received samples of a proof-of-concept file infector for the Apple Mac OSX platform. The virus,… https://www.virusbulletin.com/blog/2006/11/new-osx-parasitic-virus-found/

Spammed trojans posing as McAfee report

Campaign uses security news to bypass security.
Campaign uses security news to bypass security. A spam campaign has been spotted, with the emails claiming to come from security giant McAfee and to contain a report on recent… https://www.virusbulletin.com/blog/2006/11/spammed-trojans-posing-mcafee-report/

Academics create mobile malware

California University publishes Symbian proof of concept.
California University publishes Symbian proof of concept. A group of researchers at the University of California, Santa Barbara, (UCSB) have released details and source code for a… https://www.virusbulletin.com/blog/2006/11/academics-create-mobile-malware/

Spamhaus rests easy

US judge rules against suspending Spamhaus domain.
US judge rules against suspending Spamhaus domain. At the end of a month-long court battle, a US judge has ruled that UK anti-spam advisory organization Spamhaus will not have its… https://www.virusbulletin.com/blog/2006/11/spamhaus-rests-easy/

Sender ID specification released

Microsoft reveals all as part of its Open Specification Promise.
Microsoft reveals all as part of its Open Specification Promise.Microsoft has made its Sender ID Framework specification available as part of its recent Open Specification Promise,… https://www.virusbulletin.com/blog/2006/11/sender-id-specification-released/

« Previous 1...9192939495...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.