VB Blog

WordPress users urged to manually update to fix bug that prevents automatic updating

Posted by   Martijn Grooten on   Feb 8, 2018

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.

Read more  

New paper: A review of the evolution of Andromeda over the years

Posted by   Martijn Grooten on   Feb 7, 2018

The Andromeda botnet (aka Gamarue or Wauchos) has plagued Internet users for more than half a decade but, following a takedown effort and the arrest of the suspected botnet owner in December 2017, it is likely we have seen the end of it. In a new paper by Fortinet researchers Bahare Sabouri and He Xu, we look back at the evolution of Andromeda from version 2.06 to 2.10 and demonstrate both how it improved its loader to evade automatic analysis/detection and how the payload varied among the different versions.

Read more  

There is no evidence in-the-wild malware is using Meltdown or Spectre

Posted by   Martijn Grooten on   Feb 2, 2018

Reports of malware using the Meltdown or Spectre attacks are likely based on proof-of-concept code rather than files written for a malicious purpose.

Read more  

Throwback Thursday: Malware taking a bit(coin) more than we bargained for

Posted by   Martijn Grooten on   Feb 1, 2018

This Throwback Thursday, we republish the VB2012 paper by Microsoft researcher Amir Fouda, one of the earliest papers to look at malware targeting Bitcoin.

Read more  

First time speaker? Don't be afraid of submitting to the VB2018 CFP

Posted by   Martijn Grooten on   Jan 31, 2018

We especially encourage those less experienced in speaking in public to submit to the call for papers for VB2018, where we aim to provide a friendly and welcoming environment in which people can both present their own research and learn from what others have been working on.

Read more  

VB2017 paper: VirusTotal tips, tricks and myths

Posted by   Martijn Grooten on   Jan 25, 2018

At VB2017 in Madrid, security researcher Randy Abrams presented an overview of the VirusTotal service and then went on to bust several of the persistent myths that surround it. Today we publish both Randy's paper and the recording of his presentation.

Read more  

Healthcare CERTs highlight the need for security guidance for specific sectors

Posted by   Martijn Grooten on   Jan 24, 2018

A new computer emergency response team has been launched in the Netherlands to provide guidance specifically tailored to the healthcare sector. Martijn Grooten welcomes the development.

Read more  

VB2018 call for papers now open!

Posted by   Martijn Grooten on   Jan 23, 2018

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2018 is now open and we want to hear from you!

Read more  

Book review: Serious Cryptography

Posted by   Martijn Grooten on   Jan 22, 2018

VB Editor Martijn Grooten recommends Jean-Philippe Aumasson's 'Serious Cryptography' as a very solid but practically focused introduction to cryptography.

Read more  

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by   Martijn Grooten on   Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Read more  

Search blog

APWG and FTC combine to fight ID fraud

Agencies join forces to release safety guidance documents.
Agencies join forces to release safety guidance documents. The Anti-Phishing Working Group (APWG) and the US Federal Trade Commission (FTC) have pooled their resources and… https://www.virusbulletin.com/blog/2007/09/apwg-and-ftc-combine-fight-id-fraud/

Sender authentication checks on the rise

SPF records creep into top ten content triggers checked by ISPs.
SPF records creep into top ten content triggers checked by ISPs. A report by email marketing software provider Lyris has revealed that use of the Sender Policy Framework (SPF)… https://www.virusbulletin.com/blog/2007/09/sender-authentication-checks-rise/

Unsafe computing in abundance

Reports and statistics on unsafe computing practices.
Reports and statistics on unsafe computing practices. Last month saw a flurry of reports and statistics on unsafe computing practices. To kick off, almost a quarter of… https://www.virusbulletin.com/blog/2007/09/unsafe-computing-abundance/

September

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2007/09/

September issue of VB published

The September issue of Virus Bulletin is now available for subscribers to download.
The September issue of Virus Bulletin is now available for subscribers to download. The September 2007 issue of Virus Bulletin is now available for subscribers to browse online… https://www.virusbulletin.com/blog/2007/09/september-issue-vb-published/

YouTube latest Storm hook

Fake video links aim to pull in yet more victims.
Fake video links aim to pull in yet more victims. The never-ending stream of 'Storm' attacks continued over the weekend with a new tactic - the latest spammed email campaign… https://www.virusbulletin.com/blog/2007/08/youtube-latest-storm-hook/

Sony in more rootkit rows

Accusations of sneakiness and unsafe practices hit media giants again.
Accusations of sneakiness and unsafe practices hit media giants again.Sony has been tangled up in two separate rootkit scares in the past few days, with a brief outcry over hidden… https://www.virusbulletin.com/blog/2007/08/sony-more-rootkit-rows/

FBI-led panel to provide insight into international fight against cybercrime

International law enforcement agencies set to join forces at VB2007 in Vienna.
International law enforcement agencies set to join forces at VB2007 in Vienna. International law enforcement agencies are set to join forces at the VB2007 anti-malware conference… https://www.virusbulletin.com/blog/2007/08/fbi-led-panel-provide-insight-international-fight-against-cybercrime/

String of vulnerabilities found in ServerProtect

Several minor holes patched in Trend Micro corporate product.
Several minor holes patched in Trend Micro corporate product. A series of security issues have been reported in Trend Micro's ServerProtect server-level product, which could allow… https://www.virusbulletin.com/blog/2007/08/string-vulnerabilities-found-serverprotect/

Four charged with writing Fujacks

Malware authors and sellers appear in Chinese court.
Malware authors and sellers appear in Chinese court. Four men have appeared in a public court in Hubei Province, China, charged with writing, selling and spreading the W32/Fujacks… https://www.virusbulletin.com/blog/2007/08/four-charged-writing-fujacks/

Latest VB100 announced

Novell NetWare server products to be tested.
Novell NetWare server products to be tested. VB has issued a call for submissions for the latest VB100 comparative review, which will measure the performance of products for the… https://www.virusbulletin.com/blog/2007/08/latest-announced/

AVK tops latest AV-Test charts

Top four beat 99% in large collection scan.
Top four beat 99% in large collection scan. Testers at AV-Test.org have run 29 products over a massive collection of malware samples, with detection rates measured against 874,822… https://www.virusbulletin.com/blog/2007/08/avk-tops-latest-av-test-charts/

Latest Storm barrage offers site memberships

New tactic provides logins to special-interest sites.
New tactic provides logins to special-interest sites. The 'Storm' attack has changed tactic yet again, with the latest set of spams providing login details to a wide selection of… https://www.virusbulletin.com/blog/2007/08/latest-storm-barrage-offers-site-memberships/

Monster haul of data reaped from job site

Trojan gathers 1.6 million sets of jobseeker records.
Trojan gathers 1.6 million sets of jobseeker records. Researchers at Symantec have reported discovering a server carrying 1.6 million entries from the popular jobseeking website… https://www.virusbulletin.com/blog/2007/08/monster-haul-data-reaped-job-site/

Phish poses as Sophos malware alert

Fake security alarm lures users to spoofed site.
Fake security alarm lures users to spoofed site. A phishing email recently spammed out uses the name of security firm Sophos to lend credence to a fake malware alert, designed to… https://www.virusbulletin.com/blog/2007/08/phish-poses-sophos-malware-alert/

ClamAV taken over by Sourcefire

Snort maker buys into open-source AV.
Snort maker buys into open-source AV. Open-source anti-virus product ClamAV has been acquired by Sourcefire, the US-based company behind leading open-source intrusion detection… https://www.virusbulletin.com/blog/2007/08/clamav-taken-over-sourcefire/

14 flaws fixed in bumper Patch Tuesday

Critical remote execution and hijack holes closed.
Critical remote execution and hijack holes closed.Microsoft's monthly 'Patch Tuesday' security bulletin includes nine separate bulletins this month, covering a total of 14… https://www.virusbulletin.com/blog/2007/08/14-flaws-fixed-bumper-patch-tuesday/

Storm e-card malware keeps on coming

No end to flood of fake friendly greetings.
No end to flood of fake friendly greetings. A further wave of e-cards carrying links to 'Storm' malware (various labelled Nuwar, Peacomm, Dorf, Zhelatin) has been hitting inboxes… https://www.virusbulletin.com/blog/2007/08/storm-e-card-malware-keeps-coming/

Webcam zero-day in Yahoo! Messenger

Video chat invites pose vulnerability danger.
Video chat invites pose vulnerability danger. A zero-day vulnerability has been reported in the webcam module of Yahoo! Messenger, allowing attackers remote access to systems open… https://www.virusbulletin.com/blog/2007/08/webcam-zero-day-yahoo-messenger/

AV testing practices questioned

Professional and amateur tests criticised.
Professional and amateur tests criticised. Last week, IT industry commentator and renowned anti-anti-virus writer Robin Bloor released a typically inflammatory article implying… https://www.virusbulletin.com/blog/2007/08/av-testing-practices-questioned/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.