VB Blog

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry

Posted by Martijn Grooten on Oct 28, 2019

Today we publish the VB2019 paper by RiskIQ researcher Yonathan Klijnsma, who looked at the Magecart web-skimming attacks.

Posted by Martijn Grooten on Oct 25, 2019

Today, we publish the videos of the VB2019 partner presentations by Michael Maltsev (Reason Cybersecurity) on webcam interception and protection, and by Jean-Ian Boutin and Anton Cherepanov (ESET) on the Buhtrap group.

Posted by Martijn Grooten on Oct 24, 2019

The web continues to be a major infection vector for malware and credential-stealing threats. In the VBWeb tests, we measure products' ability to block such threats and certify products that perform a good job at doing so.

Posted by Martijn Grooten on Oct 23, 2019

Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.

Posted by Virus Bulletin on Oct 22, 2019

The debate on responsible disclosure is about as old as IT security itself. In a guest post for Virus Bulletin Robert Neumann suggests we need to reconsider a one-size-fits-all solution and instead look for a well-respected independent organization to handle security issues.

Posted by Martijn Grooten on Oct 21, 2019

OpSec mistakes are what lead to many malware discoveries, and in the case of the Geost Android botnet the mistake was a really interesting one. Today we publish the VB2019 paper by Sebastian García, Maria Jose Erquiaga and Anna Shirokova on the Geost botnet, as well as the recording of Sebastian and Anna presenting their research in London.

Posted by Virus Bulletin on Oct 14, 2019

VB2019 Platinum partner Reason Cybersecurity presents a threat analysis report on the Save Yourself malware.

Posted by Virus Bulletin on Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

Posted by Virus Bulletin on Sep 25, 2019

In a guest blog post VB2019 Silver partner Intezer outlines the importance of paying attention to Linux threats.

Posted by Martijn Grooten on Sep 18, 2019

On Monday, the infamous Emotet malware resumed its spam campaign to spread the latest version of the malware. As before, the malware successfully bypasses many email security products.

Previous1...89101112...215Next

Search blog

Vista fails to reassure web users

50% of users don't believe Vista has made the Internet any safer.
50% of users don't believe Vista has made the Internet any safer. According to a recent poll, 50% of visitors to the VB website do not believe that Windows Vista has made the… https://www.virusbulletin.com/blog/2007/12/vista-fails-reassure-web-users/

Yuletide greetings

Festive wishes.
Festive wishes. The members of the VB team extend their warm wishes to Virus Bulletin readers for a very happy holiday season and a healthy and prosperous new year. This Christmas… https://www.virusbulletin.com/blog/2007/12/yuletide-greetings/

Teenage botherder arrested in New Zealand

International cooperation also leads to eight arrests in the US.
International cooperation also leads to eight arrests in the US. Police in New Zealand have arrested an 18-year-old youth believed to be the herder of a botnet of 1.3 million… https://www.virusbulletin.com/blog/2007/11/teenage-botherder-arrested-new-zealand/

Webroot merges with UK managed service firm

Anti-spyware firm moves into SaaS arena
Anti-spyware firm moves into SaaS arena Anti-spyware specialist Webroot has announced a merger with UK-based software-as-a-service firm Email Systems, expanding its provisions… https://www.virusbulletin.com/blog/2007/11/webroot-merges-uk-managed-service-firm/

AVAR 2007 opens in Seoul

Asian and global malware experts gather to discuss latest trends
Asian and global malware experts gather to discuss latest trends The annual conference of the Association of anti Virus Asia Researchers (AVAR) has convened in the comfortable… https://www.virusbulletin.com/blog/2007/11/avar-2007-opens-seoul/

SANS issues vulnerability top 20

Annual study of security risks finds software and humans present dangers.
Annual study of security risks finds software and humans present dangers. The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks… https://www.virusbulletin.com/blog/2007/11/sans-issues-vulnerability-top-20/

Inconvenient content

Hackers include spammish content into Al Gore's website.
Hackers include spammish content into Al Gore's website. Hackers have managed to break into a website set up to promote Al Gore's film An Inconvenient Truth and include links to… https://www.virusbulletin.com/blog/2007/11/inconvenient-content/

QuickTime flaw could open Windows PCs to hackers

Firefox users most vulnerable; Internet Explorer users should be wary too.
Firefox users most vulnerable; Internet Explorer users should be wary too. Polish security researcher Krystian Kloskowski has published a proof-of-concept exploit for a… https://www.virusbulletin.com/blog/2007/11/quicktime-flaw-could-open-windows-pcs-hackers/

Five-year-old design flaw found in all Windows versions

Microsoft engineers spend Thanksgiving holidays writing patch.
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw… https://www.virusbulletin.com/blog/2007/11/five-year-old-design-flaw-found-all-windows-versions/

One in four consider online banking unsafe

Virus Bulletin finds that one in four users consider online banking to be unsafe, but manage their accounts online regardless, while 50% of users consider online banking to be risk free.
Virus Bulletin finds that one in four users consider online banking to be unsafe, but manage their accounts online regardless, while 50% of users consider online banking to be risk… https://www.virusbulletin.com/blog/2007/11/one-four-consider-online-banking-unsafe/

Pushy scamware ads served by DoubleClick

Advertising network provided ads for rogue security product.
Advertising network provided ads for rogue security product. Online advertising system DoubleClick, part of an ongoing acquisition attempt by Google, has allowed a wave of… https://www.virusbulletin.com/blog/2007/11/pushy-scamware-ads-served-doubleclick/

Two fixes released on lightweight Patch Tuesday

Monthly security update covers just couple of dangers.
Monthly security update covers just couple of dangers.Microsoft has released its monthly 'Patch Tuesday' security bulletin, with only two patches issued, one rated 'Important' and… https://www.virusbulletin.com/blog/2007/11/two-fixes-released-lightweight-patch-tuesday/

US botnet master confesses to crimes

Security consultant to plead guilty, could face heavy sentence.
Security consultant to plead guilty, could face heavy sentence. A Los Angeles man has agreed to plead guilty to several counts of fraud and unauthorised interfering with computer… https://www.virusbulletin.com/blog/2007/11/us-botnet-master-confesses-crimes/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Phished Salesforce.com data used for phishing attacks

Password leak leads to major CRM customer data haul.
Password leak leads to major CRM customer data haul. A security breach at customer relationship management (CRM) firm Salesforce.com has led to a large-scale leak of confidential… https://www.virusbulletin.com/blog/2007/11/phished-salesforce-com-data-used-phishing-attacks/

Russian Business Network leaves Russia

Leading cybercrime hosting hub moves business to fresh pastures.
Leading cybercrime hosting hub moves business to fresh pastures. The notorious Russian Business Network (RBN), recently making headlines for the massive amounts of malicious and… https://www.virusbulletin.com/blog/2007/11/russian-business-network-leaves-russia/

Sophos announces plans to float

Listing on London Stock Exchange expected soon.
Listing on London Stock Exchange expected soon. The long-anticipated floatation of Sophos, one of the biggest privately owned security firms, has been announced this week, with the… https://www.virusbulletin.com/blog/2007/11/sophos-announces-plans-float/

Symantec joins data leak frenzy

Vontu purchase latest move in data protection trend.
Vontu purchase latest move in data protection trend.Symantec has announced the $350 million purchase of data leak prevention firm Vontu, following several similar moves by major… https://www.virusbulletin.com/blog/2007/11/symantec-joins-data-leak-frenzy/

LinkedIn providing open redirect

Lax website setup could be used to trick the unwary.
Lax website setup could be used to trick the unwary. Popular professional networking system LinkedIn has been allowing free redirects from its website, providing spammers and… https://www.virusbulletin.com/blog/2007/11/linkedin-providing-open-redirect/

Attempted virus fumbles attack on F-Secure

Flawed file-infector fails to frighten Finns.
Flawed file-infector fails to frighten Finns. A highly buggy intended virus has been found to include an attempt to launch a DDoS attack on the websites of Finnish security firm… https://www.virusbulletin.com/blog/2007/11/attempted-virus-fumbles-attack-f-secure/

« Previous 1...7475767778...120 Next »