VB Blog

VB2018 presentation: Levelling up: why sharing threat intelligence makes you more competitive

Posted by   Helen Martin on   Mar 1, 2019

In a presentation at VB2018, Michael Daniel, President and CEO of the Cyber Threat Alliance, outlined exactly how threat sharing strengthens a company's competitive advantage. Today we release the recording of his presentation.

Read more  

The malspam security products miss: Emotet, Ursnif, and a spammer's blunder

Posted by   Martijn Grooten on   Feb 25, 2019

The set-up of the VBSpam test lab gives us a unique insight into the kinds of emails that are more likely to bypass email filters. This week we look at the malspam that was missed: a very international email with a link serving Emotet, an Italian Ursnif campaign with a password-protected ZIP and an email to which a clumsy spammer had attached a list of email addresses rather than a payload.

Read more  

VB2018 paper: The modality of mortality in domain names

Posted by   Martijn Grooten on   Feb 22, 2019

Domains play a crucial role in most cyber attacks, from the very advanced to the very mundane. Today, we publish a VB2018 paper by Paul Vixie (Farsight Security) who undertook the first systematic study into the lifetimes of newly registered domains.

Read more  

VB2018 paper: Analysing compiled binaries using logic

Posted by   Martijn Grooten on   Feb 20, 2019

Constraint programming is a lesser-known technique that is becoming increasingly popular among malware analysts. In a paper presented at VB2018 Thaís Moreira Hamasaki presented an overview of the technique and explained how it can be applied to the analysis of (potentially) malicious binaries. Today, we publish both Thaís' paper and the video of her presentation.

Read more  

Virus Bulletin encourages experienced speakers and newcomers alike to submit proposals for VB2019

Posted by   Martijn Grooten on   Feb 19, 2019

With a little less than a month before the deadline of the call for papers for VB2019, Virus Bulletin encourages submissions from experienced speakers and newcomers alike.

Read more  

VB2018 paper: Internet balkanization: why are we raising borders online?

Posted by   Helen Martin on   Feb 13, 2019

At VB2018 in Montreal, Ixia researcher Stefan Tanase presented a thought-provoking paper on the current state of the Internet and the worrying tendency towards raising borders and restricting the flow of information. Today we publish both his paper and the recording of his presentation.

Read more  

The malspam security products miss: banking and email phishing, Emotet and Bushaloader

Posted by   Martijn Grooten on   Feb 11, 2019

The set-up of the VBSpam test lab gives us a unique insight into the kinds of emails that are more likely to bypass email filters. This week we look at the malspam that was missed: banking and email phishing, Emotet and Bushaloader.

Read more  

VB2018 paper: Where have all the good hires gone?

Posted by   Helen Martin on   Feb 8, 2019

The cybersecurity skills gap has been described as one of the biggest challenges facing IT leaders today. At VB2018 in Montreal, ESET's Lysa Myers outlined some of the things the industry can do to help address the problem. Today we publish Lysa's paper and the recording of her presentation.

Read more  

Preview: Nullcon 2019

Posted by   Martijn Grooten on   Feb 5, 2019

We look forward the Nullcon 2019 conference in Goa, India, at which VB Editor Martijn Grooten will give a talk on the state of malware.

Read more  

From Amazon to Emotet: a look at those phishing and malware emails that bypassed email security products

Posted by   Martijn Grooten on   Feb 3, 2019

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Recently some of the emails that bypassed security products included a broken Amazon phishing campaign, a large fake UPS campaign and malicious emails carrying Emotet and Lokibot.

Read more  
Previous1...1213141516...215Next

Search blog

New paper: Behind the scenes of GandCrab's operation

The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab Security…
  For more details of GandCrab, also see the VB2019 paper and presentation by McAfee researchers John Fokker and Alexandre Mundo, who looked both at the malware code and its… https://www.virusbulletin.com/blog/2020/01/new-paper-behind-scenes-gandcrabs-operation/

VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction

At VB2019 Juan Andres Guerrero-Saade looked at nation-state actors using threat intelligence for victim deconfliction. Today we publish both his paper and the recording of his presentation.
King of the hill: nation-state counterintelligence for victim deconfliction Read the paper (HTML) Download the paper (PDF)   Past Virus Bulletin conference papers… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-king-hill-nation-state-counterintelligence-victim-deconfliction/

The VB2020 call for papers - how it works

With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission.
We recently opened the call for papers for VB2020, which is to take place 30 September to 2 October in Dublin, Ireland. The deadline for the call for papers is Sunday 15 March.… https://www.virusbulletin.com/blog/2020/01/vb2020-call-papers/

VB2019 presentation: Targeted attacks through ISPs

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today we rel…
In 2019 we saw an increase in the number of targeted malware infections spread via ISPs and service providers. Some notable cases included the installation of digital certificates… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-targeted-attacks-through-isps/

VB2019 presentation: A deep dive into iPhone exploit chains

In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details of campaigns that used advanced iOS and Android exploit chains against China’s Uighur minority. Today we release the recor…
One of the biggest security stories of 2019 was the use of advanced iOS and Android exploit chains against China’s Uighur minority, first uncovered by Google’s Project Zero with… https://www.virusbulletin.com/blog/2020/01/vb2019-presentation-deep-dive-iphone-exploit-chains/

Latest VBWeb report describes current state of the web-based threat landscape

Today we released the Winter 2020 VBWeb report, detailing the performance of web security products against live web threats and looking at the current state of the web-based threat landscape.
VBWeb Comparative Review - Winter 2020 Read the report (HTML) Download the report (PDF)   If you are interested in having your product tested either publicly or privately, or… https://www.virusbulletin.com/blog/2020/01/latest-vbweb-report-describes-current-state-web-based-threat-landscape/

VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity

In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani discussed code injection vulnerabilities and presented a tool that could detect this vulnerability class. Today we publish their paper and the recording of…
Catch me if you can: detection of injection exploitation by validating query and API integrity Read the paper (HTML) Download the paper (PDF)       Any web app that… https://www.virusbulletin.com/blog/2020/01/vb2019-paper-catch-me-if-you-can-detection-injection-exploitation-validating-query-and-api-integrity/

2020

https://www.virusbulletin.com/blog/2020/

January

https://www.virusbulletin.com/blog/2020/01/

Virus Bulletin says a fond farewell and thank you to Martijn Grooten

As VB Editor Martijn Grooten steps down from his role to move on to new challenges, the team wish him a fond farewell and the very best of luck in his future endeavours.
Thirteen years ago, VB was searching for a web developer to join the very small team based in Oxfordshire, UK. A CV came in from one Martijn Grooten, a former Ph.D. student in… https://www.virusbulletin.com/blog/2019/12/virus-bulletin-says-fond-farewell-and-thank-you-martijn-grooten/

VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)

Today, we publish the VB2019 paper and video by Sophos researcher Sergei Shevchenko in which he analyses a popular yet unnamed piece of macOS ‘bundleware’.
Over the years, many ‘potentially unwanted applications’ have plagued macOS in the same way they have plagued other platforms. Though anti-virus isn’t ubiquitous on Macs,… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-never-had-stierlitz-been-so-close-failure-or-what-soviet-super-spy-doing-popular-bundleware-mac/

Parting thoughts 5: bringing the good news

In the final of a five-part series of blog posts, departing VB Editor Martijn Grooten argues for more emphasis on the good news in security, especially that which is more subtle.
At the end of this month, I will step down as Editor of Virus Bulletin. Before doing so, I have been sharing some 'parting thoughts' in five blog posts, based on my experience… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-5-bringing-good-news/

Parting thoughts 4: the big picture

In the fourth of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why security researchers should refer to other people's work.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-4-big-picture/

VB2019 paper: Exploring the Chinese DDoS landscape

China has long been a hotbed of DDoS activities, and today we publish a VB2019 paper by Intezer researcher Nacho Sanmillan who looked at Chinese threat groups engaged in performing DDoS attacks. We have also uploaded the recording of his presentation.
Exploring the Chinese DDoS landscape Read the paper (HTML) Download the paper (PDF)       China has long been a hotbed of DDoS activities, with several groups… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-exploring-chinese-ddos-landscape/

Parting thoughts 3: taking security seriously

In the third of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes security vendors should take their products' security more seriously.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-3-taking-security-seriously/

VB2019 paper: Absolutely routed!! Why routers are the new bullseye in cyber attacks

Today we publish the VB2019 paper by Anurag Shandilya (K7 Computing) who looked at recent malware attacks against routers, as well as the video of his presentation in London.
Given their prominent position on home and corporate networks and their often poor standard of security, one might be forgiven for being surprised that massive attacks against… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-absolutely-routed-why-routers-are-new-bullseye-cyber-attacks/

Parting thoughts 2: the need for education in security

In the second of a five-part series of blog posts, departing VB Editor Martijn Grooten explains why he believes cybersecurity professionals need to educate themselves on the complexities of the real-world situations in which security is applied.
At the end of this month, I will step down as Editor of Virus Bulletin. Before I do so, I will share some 'parting thoughts' in five blog posts, based on my experience working in… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-2-need-education-security/

Parting thoughts 1: cybersecurity as a social science

In the first of a five-part series of blog post, departing VB Editor Martijn Grooten explains why he believes cybersecurity isn't as much as technical field as we like to believe.
At the end of this month, I will step down as Editor of Virus Bulletin. This week, I will share some 'parting thoughts' in five blog posts, based on my experience working in the… https://www.virusbulletin.com/blog/2019/12/parting-thoughts-1-cybersecurity-social-science/

VB2020 call for papers - now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2020 is now open and we want to hear from you!
In the October 1990 edition of Virus Bulletin (pdf), then a printed monthly magazine sent to subscribers around the world by post, the very first Virus Bulletin conference was… https://www.virusbulletin.com/blog/2019/12/vb2020-call-papers-now-open/

VB2019 paper: Operation Soft Cell - a worldwide campaign against telecommunication providers

Today we publish the VB2019 paper by Cybereason researchers Mor Levi, Amit Serper and Assaf Dahan on Operation Soft Cell, a targeted attack against telecom providers around the world.
Operation Soft Cell - a worldwide campaign against telecommunication providers Read the paper (HTML) Download the paper (PDF)   In June this year, Cybereason published a blog… https://www.virusbulletin.com/blog/2019/12/vb2019-paper-operation-soft-cell-worldwide-campaign-against-telecommunication-providers/

« Previous 1234567...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.