VB Blog

VB2018 presentation: The wolf in sheep's clothing - undressed

Posted by   Martijn Grooten on   Oct 22, 2018

Today, we publish the video of the VB2018 presentation by CSIS researchers Benoît Ancel and Aleksejs Kuprins, who looked at a rather dubious seller of government spyware, described by someone else operating in the same space as a "criminal of the worst kind".

Read more  

VB2018 paper: The dark side of WebAssembly

Posted by   Virus Bulletin on   Oct 17, 2018

Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.

Read more  

The Virus Bulletin conference returns home: VB2019 to take place in London

Posted by   Martijn Grooten on   Oct 5, 2018

In 2019, the Virus Bulletin conference is set to return home, with VB2019 taking place in London, UK.

Read more  

Guest blog: The case for increasing transparency in cybersecurity

Posted by   Virus Bulletin on   Oct 2, 2018

In a guest blog post, Kaspersky Lab's Anton Shingarev considers the case for increasing transparency in cybersecurity.

Read more  

VB2018 preview: Workshops

Posted by   Martijn Grooten on   Sep 28, 2018

Workshops make their VB Conference debut during VB2018, giving delegates the opportunity to learn the basics of kernel-level malware analysis, Android reverse-engineering and artificial intelligence.

Read more  

New article: Through the looking glass: webcam interception and protection in kernel mode

Posted by   Martijn Grooten on   Sep 27, 2018

Today we publish a short article by Ronen Slavin and Michael Maltsev, researchers at Reason Software Company, who dive into the video capturing internals on Windows, and explain how this can be used by a malicious actor to steal images recorded by a computer's webcam.

Read more  

VB2018 preview: The botnet landscape - live threats and steps for mitigation (Small Talk)

Posted by   Martijn Grooten on   Sep 27, 2018

In a Small Talk at VB2018, Spamhaus's Simon Forster will present the organization's research into the botnet landscape and will discuss with the audience topics such as how the rise of anonymzation techniques and the hosting of botnets on well-regarded cloud providers have changed the landscape.

Read more  

VB2018 Threat Intelligence Summit: survey on threat intel usage

Posted by   Virus Bulletin on   Sep 26, 2018

Virus Bulletin is proud to host the first Threat Intelligence Summit as an integral part of VB2018 next week. In a bid to help collect as much current data as possible, we'd like to ask anyone generating or consuming threat intelligence to fill in a very short survey.

Read more  

VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

Posted by   Martijn Grooten on   Sep 26, 2018

In today's blog post, we preview the VB2018 paper by Dragos Inc.'s Joe Slowik, who looks at the CRASHOVERRIDE malware, the first (publicly known) malware designed to impact electric grid operations.

Read more  

VB2018 preview: Cyber Threat Alliance

Posted by   Martijn Grooten on   Sep 25, 2018

In today's blog post we look at a report on illicit cryptocurrency mining by the Cyber Threat Alliance and also look forward to the VB2018 talk by the CTA's CEO Michael Daniel.

Read more  

Search blog

OneCare labels Gmail a virus

Rival webmail system flagged infected by Microsoft AV.
Rival webmail system flagged infected by Microsoft AV. A number of users of Microsoft's anti-virus product Windows Live OneCare have reported being warned of a virus infection when… https://www.virusbulletin.com/blog/2006/11/onecare-labels-gmail-virus/

MS releases new Sysinternals utility

Process Monitor combines filemon, regmon into unified analysis tool.
Process Monitor combines filemon, regmon into unified analysis tool.Sysinternals, now 'a wholly owned subsidiary of Microsoft Corporation', has released a new system analysis tool… https://www.virusbulletin.com/blog/2006/11/ms-releases-new-sysinternals-utility/

Vista safe without AV, says Allchin

Microsoft chief confident in new security measures.
Microsoft chief confident in new security measures. During a telephone press conference, Microsoft Platform Products and Services Co-president Jim Allchin revealed that he lets his… https://www.virusbulletin.com/blog/2006/11/vista-safe-without-av-says-allchin/

More US political spam

Voter persuasion campaign late and sloppy, says Panda
Voter persuasion campaign late and sloppy, says Panda Spam watchers at PandaLabs have spotted a campaign hoping to trick recipients into visiting a page attacking the state of US… https://www.virusbulletin.com/blog/2006/11/more-us-political-spam/

AOL ICQ vulnerability revealed

Chat program remote execution flaw patched.
Chat program remote execution flaw patched. Details of a vulnerability found in AOL's ICQ instant messaging software have been released by TippingPoint. The ActiveX flaw could… https://www.virusbulletin.com/blog/2006/11/aol-icq-vulnerability-revealed/

Email worm spams global war news

Bush and Putin still alive, no nuclear war ahead.
Bush and Putin still alive, no nuclear war ahead. An email worm is posing as news of global warfare and the death of major world leaders in an attempt to persuade recipients to… https://www.virusbulletin.com/blog/2006/11/email-worm-spams-global-war-news/

Google blog spreads Kama Sutra worm

MyWife variant mailed to 50,000 video blog watchers.
MyWife variant mailed to 50,000 video blog watchers.Google has apologised to users of its Google Video Blog, some 50,000 of whom were exposed to an email worm after three postings… https://www.virusbulletin.com/blog/2006/11/google-blog-spreads-kama-sutra-worm/

US politicians slated for spam tactics

Report criticises leaders for election-pushing mass mail campaigns.
Report criticises leaders for election-pushing mass mail campaigns. A report from Sophos has criticised the behaviour of both major US political parties, after numerous emails… https://www.virusbulletin.com/blog/2006/11/us-politicians-slated-spam-tactics/

XMLHTTP zero-day exploit

ActiveX vulnerability in use by attackers.
ActiveX vulnerability in use by attackers. A new flaw in Microsoft's XML Core Services 4.0 is in active use by malicious websites, with attackers using the vulnerability to… https://www.virusbulletin.com/blog/2006/11/xmlhttp-zero-day-exploit/

US way ahead in phishing and spam

PhishTank, Sophos stats put US at top of lists.
PhishTank, Sophos stats put US at top of lists. Statistics released by anti-phishing community project PhishTank, launched early last month, have put the US far ahead of the field… https://www.virusbulletin.com/blog/2006/11/us-way-ahead-phishing-and-spam/

FBI busts phishing gang

Arrests made in Poland and US, more expected.
Arrests made in Poland and US, more expected. A large operation carried out by the FBI against a phishing operation has resulted in a string of arrests. Four people are being held… https://www.virusbulletin.com/blog/2006/11/fbi-busts-phishing-gang/

Adware costs Zango $3 million

Cash and promises settle deceptive practices case.
Cash and promises settle deceptive practices case. Adware giant Zango, formerly known as 180Solutions, has settled a case brought by the US Federal Trade Commission (FTC) for $3… https://www.virusbulletin.com/blog/2006/11/adware-costs-zango-3-million/

Spam worse than postal junk mail

Survey finds emails more irritating than unwanted paper.
Survey finds emails more irritating than unwanted paper. A study carried out by researchers from the University of Georgia's Grady College of Journalism and Mass Communication and… https://www.virusbulletin.com/blog/2006/11/spam-worse-postal-junk-mail/

Wikipedia spam points to malware

Emails used archive function to lend authenticity.
Emails used archive function to lend authenticity. Popular online encyclopaedia Wikipedia has been used as a vector for malware, with a spam campaign using the site's reputation… https://www.virusbulletin.com/blog/2006/11/wikipedia-spam-points-malware/

IE7 causing McAfee update problems

New browser version blocking install and updates.
New browser version blocking install and updates. Security settings in the new version of Microsoft's web browser, Internet Explorer 7, are causing problems for users of McAfee… https://www.virusbulletin.com/blog/2006/11/ie7-causing-mcafee-update-problems/

New OSX parasitic virus found

Symantec report proof-of-concept file infector for Mac.
Symantec report proof-of-concept file infector for Mac. Analysts at Symantec have received samples of a proof-of-concept file infector for the Apple Mac OSX platform. The virus,… https://www.virusbulletin.com/blog/2006/11/new-osx-parasitic-virus-found/

Spammed trojans posing as McAfee report

Campaign uses security news to bypass security.
Campaign uses security news to bypass security. A spam campaign has been spotted, with the emails claiming to come from security giant McAfee and to contain a report on recent… https://www.virusbulletin.com/blog/2006/11/spammed-trojans-posing-mcafee-report/

Academics create mobile malware

California University publishes Symbian proof of concept.
California University publishes Symbian proof of concept. A group of researchers at the University of California, Santa Barbara, (UCSB) have released details and source code for a… https://www.virusbulletin.com/blog/2006/11/academics-create-mobile-malware/

Spamhaus rests easy

US judge rules against suspending Spamhaus domain.
US judge rules against suspending Spamhaus domain. At the end of a month-long court battle, a US judge has ruled that UK anti-spam advisory organization Spamhaus will not have its… https://www.virusbulletin.com/blog/2006/11/spamhaus-rests-easy/

Sender ID specification released

Microsoft reveals all as part of its Open Specification Promise.
Microsoft reveals all as part of its Open Specification Promise.Microsoft has made its Sender ID Framework specification available as part of its recent Open Specification Promise,… https://www.virusbulletin.com/blog/2006/11/sender-id-specification-released/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.