VB Blog

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

Posted by Martijn Grooten on Nov 22, 2019

A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his presentation.

Posted by Martijn Grooten on Nov 21, 2019

Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution and the affiliate scheme behind it. Today we publish both their paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 18, 2019

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video of their presentation.

Posted by Martijn Grooten on Nov 18, 2019

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

Posted by Martijn Grooten on Nov 7, 2019

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

Posted by Martijn Grooten on Nov 6, 2019

VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.

Posted by Martijn Grooten on Nov 5, 2019

We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.

Posted by Martijn Grooten on Nov 4, 2019

Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.

Posted by Martijn Grooten on Nov 1, 2019

Those working in the field of infosec are often faced with ethical dilemmas that are impossible to avoid. Today, we publish a VB2019 paper by Kaspersky researcher Ivan Kwiatkowski looking at ethics in infosec as well as the recording of Ivan's presentation.

Posted by Martijn Grooten on Oct 31, 2019

Malware used in domestic abuse situations is a growing threat, and the standard way for anti-virus products to handle such malware may not be good enough. But that doesn't mean there isn't an important role for anti-virus to play.

Previous1...7891011...215Next

Search blog

Attempted virus fumbles attack on F-Secure

Flawed file-infector fails to frighten Finns.
Flawed file-infector fails to frighten Finns. A highly buggy intended virus has been found to include an attempt to launch a DDoS attack on the websites of Finnish security firm… https://www.virusbulletin.com/blog/2007/11/attempted-virus-fumbles-attack-f-secure/

Symantec warns of rigged Google search links

Advanced search options lead clickers straight to junk sites.
Advanced search options lead clickers straight to junk sites. Spammers have found a novel use for Google's advanced search options and 'I'm Feeling Lucky' function, using a… https://www.virusbulletin.com/blog/2007/11/symantec-warns-rigged-google-search-links/

November

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2007/11/

The sound of spam

Firm reports 15 million MP3 spams in October.
Firm reports 15 million MP3 spams in October. Last month saw pump-and-dump spammers try out yet another file type for getting their message across to the gullible: MP3 audio… https://www.virusbulletin.com/blog/2007/11/sound-spam/

Melissa has users CAPTCHA'd

Spammers offer strip show for correctly completed CAPTCHAs.
Spammers offer strip show for correctly completed CAPTCHAs. Spammers have spotted a new opportunity for getting humans to help them get past the CAPTCHA tests put in place to… https://www.virusbulletin.com/blog/2007/11/melissa-has-users-captcha-d/

E-crime unit to get government funding?

UK government responds to House of Lords call for better policing of the Internet.
UK government responds to House of Lords call for better policing of the Internet. The UK government has indicated that it may set up a new national police unit dedicated to… https://www.virusbulletin.com/blog/2007/11/e-crime-unit-get-government-funding/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

VB100 NetWare update

Updated results for VB100 NetWare comparative.
Updated results for VB100 NetWare comparative.VB regrets that some erroneous results were recorded for Symantec AntiVirus 10 in last month's comparative review on Novell NetWare… https://www.virusbulletin.com/blog/2007/11/netware-update/

November issue of VB published

The November issue of Virus Bulletin is now available for subscribers to download.
The November issue of Virus Bulletin is now available for subscribers to download. The November 2007 issue of Virus Bulletin is now available for subscribers to browse online or… https://www.virusbulletin.com/blog/2007/11/november-issue-vb-published/

Supermarket sweep

Phishers almost get away with $10m scam.
Phishers almost get away with $10m scam. Court documents have revealed that phishers nearly managed a whopping $10 million supermarket (bank account) sweep earlier this year.… https://www.virusbulletin.com/blog/2007/11/supermarket-sweep/

FTC demands more power against spyware

Prosecutions and fines needed to deter badware makers.
Prosecutions and fines needed to deter badware makers. Representatives of the US Federal Trade Commission (FTC), the consumer protection body which has seen some success in the… https://www.virusbulletin.com/blog/2007/10/ftc-demands-more-power-against-spyware/

McAfee acquires website trust mark firm

ScanAlert certification system bought for $51 million.
ScanAlert certification system bought for $51 million.McAfee has bought ScanAlert, the firm behind the 'Hacker Safe' trust mark logo, carried by some 75,000 websites to indicate… https://www.virusbulletin.com/blog/2007/10/mcafee-acquires-website-trust-mark-firm/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

Trend Micro invests in leak-prevention firm

Further data security added to portfolio.
Further data security added to portfolio. Security giant Trend Micro has acquired California-based data leak prevention specialist Provilla, to add its data protection technologies… https://www.virusbulletin.com/blog/2007/10/trend-micro-invests-leak-prevention-firm/

Microsoft unveils January-June threat report

Security analysis shows rise in vulnerabilities, trojans and scamware.
Security analysis shows rise in vulnerabilities, trojans and scamware.Microsoft has released its latest 'Security Intelligence Report', covering the first half of 2007, showing a… https://www.virusbulletin.com/blog/2007/10/microsoft-unveils-january-june-threat-report/

Spyware maker Direct Revenue closes doors

Notorious company forced out of business by legal actions.
Notorious company forced out of business by legal actions. After numerous lawsuits and fines, adware and spyware maker Direct Revenue is no more. The firm behind a swathe of… https://www.virusbulletin.com/blog/2007/10/spyware-maker-direct-revenue-closes-doors/

PDF trojan exploits Adobe flaw

Reader/Acrobat vulnerability targeted day after patch release.
Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe's popular PDF-viewing software Adobe Reader and editing suite Acrobat, first reported a… https://www.virusbulletin.com/blog/2007/10/pdf-trojan-exploits-adobe-flaw/

RealPlayer zero-day flaw exploited

Manufacturer responds rapidly to serious security hole.
Manufacturer responds rapidly to serious security hole. A zero-day vulnerability in the popular media playing system RealPlayer was spotted being exploited in the wild late last… https://www.virusbulletin.com/blog/2007/10/realplayer-zero-day-flaw-exploited/

Latest VB100 announced

Windows 2000 Professional products to be tested.
Windows 2000 Professional products to be tested. VB has issued a call for submissions for the latest VB100 comparative review, which will measure the performance of products for… https://www.virusbulletin.com/blog/2007/10/latest-announced/

Pump-and-dumpers move on to MP3 spam

Audio files latest stock pushing tactic.
Audio files latest stock pushing tactic. Pump-and-dump spammers have moved on from image spam, PDF spam and Excel spreadsheet spam to try out yet another file type: MP3 audio… https://www.virusbulletin.com/blog/2007/10/pump-and-dumpers-move-mp3-spam/

« Previous 1...7576777879...120 Next »