VB Blog

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Posted by Martijn Grooten on Jan 7, 2019

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

Posted by Martijn Grooten on Dec 19, 2018

VB Editor Martijn Grooten reviews Charles Arthur's Cyber Wars, which looks at seven prominent hacks and attacks, and the lessons we can learn from them.

Posted by Martijn Grooten on Dec 14, 2018

At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.

Posted by Martijn Grooten on Dec 12, 2018

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.

Posted by Martijn Grooten on Dec 11, 2018

VB calls on organisations and individuals involved in threat intelligence from around the world to participate in next year's Virus Bulletin conference.

Posted by Martijn Grooten on Dec 7, 2018

Today, we publish the VB2018 paper by Qihoo 360 researchers Ya Liu and Hui Wang, on extracting data from variants of the Mirai botnet to classify and track variants.

Posted by Martijn Grooten on Dec 6, 2018

2018 has seen an increase in the variety of botnets living on the Internet of Things - such as Hide'N'Seek, which is notable for its use of peer-to-peer for command-and-control communication. Today, we publish the VB2018 paper by Bitdefender researchers Adrian Șendroiu and Vladimir Diaconescu, who studied the Hide'N'Seek IoT botnet. We also release the recording of their presentation.

Posted by Martijn Grooten on Dec 4, 2018

In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentation on the same topic.

Posted by Martijn Grooten on Nov 29, 2018

Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.

Posted by Martijn Grooten on Nov 28, 2018

Today, we publish the video of the VB2018 presentation by CitizenLab researchers Masashi Nishihata and John Scott Railton, on threats faced by civil society.

Previous1...1415161718...215Next

Search blog

New OpenOffice proof-of-concept widely noted

Odd payload, not spreading danger, brings attention to cross-platform worm.
Odd payload, not spreading danger, brings attention to cross-platform worm. A new proof-of-concept malware exploiting the OpenOffice document format has made headlines across the… https://www.virusbulletin.com/blog/2007/05/new-openoffice-proof-concept-widely-noted/

Norton FP trashes Chinese systems

Vital DLLs flagged as malware disable Windows XP across China.
Vital DLLs flagged as malware disable Windows XP across China. A serious false positive, caused by an erroneous update to Symantec's Norton Anti-virus product range issued late… https://www.virusbulletin.com/blog/2007/05/norton-fp-trashes-chinese-systems/

New spam-fighting system for France

Junk mail blacklisting project goes live.
Junk mail blacklisting project goes live. A group of public bodies and private companies have joined forces to implement a new system allowing French email users to report spam… https://www.virusbulletin.com/blog/2007/05/new-spam-fighting-system-france/

Zango sues PC Tools for $35 million

'Reformed' adware shippers upset by detection and removal.
'Reformed' adware shippers upset by detection and removal. Adware and sometime spyware maker Zango has brought a suit against anti-spyware firm PC Tools complaining that the… https://www.virusbulletin.com/blog/2007/05/zango-sues-pc-tools-35-million/

Estonian websites suffer wave of DoS attacks

Baltic republic accuses Russia of cyber-warfare.
Baltic republic accuses Russia of cyber-warfare. A wave of denial of service (DoS) attacks on Estonian websites has prompted the Estonian government to accuse its neighbour of… https://www.virusbulletin.com/blog/2007/05/estonian-websites-suffer-wave-dos-attacks/

Symantec files 8 piracy suits

Symantec pursues distributors of counterfeit software.
Symantec pursues distributors of counterfeit software.Symantec has revealed that it has filed civil lawsuits against eight US and Canadian companies accused of selling counterfeit… https://www.virusbulletin.com/blog/2007/05/symantec-files-8-piracy-suits/

Verizon acquires Cybertrust

ICSA Labs parent company subsumed.
ICSA Labs parent company subsumed.Verizon Business, a division of Verizon Communications has announced that it is set to acquire managed security services supplier Cybertrust. The… https://www.virusbulletin.com/blog/2007/05/verizon-acquires-cybertrust/

Latest flaws affect AV giants

Symantec, McAfee and CA all patch vulnerabilities.
Symantec, McAfee and CA all patch vulnerabilities. Three of the biggest names in the security sector, McAfee, Symantec and CA, have all revealed details of flaws in their software… https://www.virusbulletin.com/blog/2007/05/latest-flaws-affect-av-giants/

Phishing techniques and technology revealed

Serious software used to analyse phished data, and a phisher talks.
Serious software used to analyse phished data, and a phisher talks. Some insights into the workings of phishing scams were revealed this week, as a sophisticated tool designed to… https://www.virusbulletin.com/blog/2007/05/phishing-techniques-and-technology-revealed/

1.4 million Chinese infected over holiday week

May vacations bring trojan avalanche for gamers and filesharers.
May vacations bring trojan avalanche for gamers and filesharers. Chinese computers, in heavy use with many people off work for the Labour Day holiday week, have suffered a major… https://www.virusbulletin.com/blog/2007/05/1-4-million-chinese-infected-over-holiday-week/

Five ISPs hosting a third of malware, says study

StopBadware survey finds small group of ISPs most to blame.
StopBadware survey finds small group of ISPs most to blame. In a recent study of almost 50,000 sites known to be hosting malware, five ISPs have been identified as repeat… https://www.virusbulletin.com/blog/2007/05/five-isps-hosting-third-malware-says-study/

ZOO archive issues hit security vendors

Errors handling rare format patched by four AV and anti-spam products.
Errors handling rare format patched by four AV and anti-spam products. A researcher has revealed details of flawed implementation of a somewhat archaic archive format, .zoo, which… https://www.virusbulletin.com/blog/2007/05/zoo-archive-issues-hit-security-vendors/

Phishing moves into more new areas

Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers.
Surveys, phone lines, USB sticks and call girls the latest tactics for spammers and phishers. The latest social-engineering methods being put to use by phishers show no let up in… https://www.virusbulletin.com/blog/2007/05/phishing-moves-more-new-areas/

7 critical flaws patched on Patch Tuesday

May Security Bulletin covers wide range of vulnerabilities.
May Security Bulletin covers wide range of vulnerabilities.Microsoft's latest 'Patch Tuesday' security bulletin included fixes for seven vulnerabilities, all rated 'Critical' and… https://www.virusbulletin.com/blog/2007/05/7-critical-flaws-patched-patch-tuesday/

I-SPY chases SPY-ACT through approval process

Second piece of US anti-spyware legislation given go-ahead.
Second piece of US anti-spyware legislation given go-ahead. With the 'Securely Protect Yourself Against Cyber Trespass Act' (aka SPY-ACT act) approved by a House of Representatives… https://www.virusbulletin.com/blog/2007/05/i-spy-chases-spy-act-through-approval-process/

Questionable false positive file removed

Amendment to VB's April Linux comparative review.
Amendment to VB's April Linux comparative review. In Virus Bulletin's April 2007 Linux comparative review (see VB, April 2007, p.11), VB reported that ESET's product NOD32 had… https://www.virusbulletin.com/blog/2007/05/questionable-false-positive-file-removed/

Microsoft to beat Symantec to corporate release punch

With Forefront due out soon, Symantec's latest release suffers further delay.
With Forefront due out soon, Symantec's latest release suffers further delay.Microsoft has announced the release to manufacture of Forefront Client, the corporate implementation of… https://www.virusbulletin.com/blog/2007/05/microsoft-beat-symantec-corporate-release-punch/

Law to stop spam reaching kids dubbed a failure

Utah registry to protect children's email leaks cash and addresses.
Utah registry to protect children's email leaks cash and addresses. A law enacted in the state of Utah, as well as some other states, with the aim of preventing spammers from… https://www.virusbulletin.com/blog/2007/05/law-stop-spam-reaching-kids-dubbed-failure/

Touchy mail blocker upsets Gay

Content filter berates woman for using own name in mails.
Content filter berates woman for using own name in mails. A woman has complained to the New Zealand ISP Telecom after an email she sent them was bounced back to her, with a message… https://www.virusbulletin.com/blog/2007/05/touchy-mail-blocker-upsets-gay/

Botnet DoS no longer profitable

Extortion attacks fall as herders find easier money elsewhere.
Extortion attacks fall as herders find easier money elsewhere. The use of armies of botnets to carry out denial-of-service attacks on lucrative websites, as a method of extorting… https://www.virusbulletin.com/blog/2007/05/botnet-dos-no-longer-profitable/

« Previous 1...8384858687...120 Next »