VB Blog

VBSpam tests to be executed under the AMTSO framework

Posted by   Virus Bulletin on   Jun 24, 2024

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

Read more  

In memoriam: Prof. Ross Anderson

Posted by   Virus Bulletin on   Apr 2, 2024

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

Read more  

In memoriam: Dr Alan Solomon

Posted by   Virus Bulletin on   Feb 14, 2024

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

Read more  

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Posted by   Virus Bulletin on   Oct 12, 2023

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

Read more  

New paper: Collector-stealer: a Russian origin credential and information extractor

Posted by   Virus Bulletin on   Dec 8, 2021

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

Read more  

VB2021 localhost videos available on YouTube

Posted by   Virus Bulletin on   Nov 4, 2021

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

Read more  

VB2021 localhost is over, but the content is still available to view!

Posted by   Virus Bulletin on   Oct 11, 2021

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

Read more  

VB2021 localhost call for last-minute papers

Posted by   Virus Bulletin on   Aug 2, 2021

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

Read more  

New article: Run your malicious VBA macros anywhere!

Posted by   Virus Bulletin on   Apr 21, 2021

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

Read more  

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

Posted by   Virus Bulletin on   Apr 7, 2021

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

Read more  
Previous1234567...215Next

Search blog

Tor exit node found to turn downloaded binaries into malware

Tor provides anonymity, not security, hence using HTTPS is essential.
Tor provides anonymity, not security, hence using HTTPS is essential. A security researcher has discovered a Tor exit node that was modifying binaries downloaded through it on the… https://www.virusbulletin.com/blog/2014/10/tor-exit-node-found-turn-downloaded-binaries-malware/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

Black Hat Europe - day 2

IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads.
IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads. After a busy first day, I was somewhat glad that the talks on the second day of Black Hat Europe appealed… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-2/

Black Hat Europe - day 1

Programme packed with interesting talks.
Programme packed with interesting talks. Though the prestige of Black Hat Europe doesn't compare to that of its American parent conference, and the event certainly doesn't dominate… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-1/

VB2014 paper: DNSSEC - how far have we come?

Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.
Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.Over the next months, we will be sharing conference papers as well as… https://www.virusbulletin.com/blog/2014/10/paper-dnssec-how-far-have-we-come/

Report: 15 solutions achieve VBSpam award

Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block.
Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block. Yet again, we have good news for those who need to run a spam filter (in other words:… https://www.virusbulletin.com/blog/2014/10/report-15-solutions-achieve-vbspam-award/

POODLE attack forces the Internet to move away from SSL 3.0

Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks.
Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks. After Heartbleed and Shellshock, or the SSL/TLS attacks CRIME and BEAST,… https://www.virusbulletin.com/blog/2014/10/poodle-attack-forces-internet-move-away-ssl-3-0/

Windows zero-day used in targeted attacks

Vulnerability used to download BlackEnergy trojan - as discussed during VB2014.
Vulnerability used to download BlackEnergy trojan - as discussed during VB2014. Today is going to be a busy day for system administrators: they were already on high alert following… https://www.virusbulletin.com/blog/2014/10/windows-zero-day-used-targeted-attacks/

VB2014 paper: The evolution of webinjects

Jean-Ian Boutin looks at the increased commoditization of webinjects.
Jean-Ian Boutin looks at the increased commoditization of webinjects.Virus Bulletin has always been about sharing information, and the Virus Bulletin conference is an important… https://www.virusbulletin.com/blog/2014/10/paper-evolution-webinjects/

Shellshock used to spread Mayhem

Malware switched to more effective Perl installer.
Malware switched to more effective Perl installer. One of the most prominent discussion topics during VB2014 was the 'Shellshock' vulnerability (CVE-2014-6271) in the popular Bash… https://www.virusbulletin.com/blog/2014/10/shellshock-used-spread-mayhem/

Paper: The Hulk

Raul Alvarez studies cavity file infector.
Raul Alvarez studies cavity file infector. Most file infectors increase the length of the infected file, as the malicious code is added as a new section of the host file, or to the… https://www.virusbulletin.com/blog/2014/10/paper-hulk/

October

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/10/

VB2014: Slides day three

Thanks all for a fantastic conference and see you in Prague... or in Denver!
Thanks all for a fantastic conference and see you in Prague... or in Denver! Two days ago, a lively panel discussion closed what we can only describe as a fantastic conference. For… https://www.virusbulletin.com/blog/2014/09/slides-day-three/

'Windigo' research wins first annual Péter Szőr award

The first of many awards to commemorate brilliant researcher.
The first of many awards to commemorate brilliant researcher. When, in November last year, we heard of the passing of Péter Szőr, we wanted to do something to keep the memory of… https://www.virusbulletin.com/blog/2014/09/windigo-research-wins-first-annual-p-ter-sz-r-award/

VB2014: Slides day two

Another day of excellent presentations.
Another day of excellent presentations. The second day of VB2014 was just as successful as the first one, and saw 22 interesting presentations, divided over two parallel streams,… https://www.virusbulletin.com/blog/2014/09/slides-day-two/

VB2014: Slides day one

Almost £1,300 donated to WWF!
Almost £1,300 donated to WWF! The inaugural Virus Bulletin conference was held in 1991, making it one of the oldest security conferences in the world. It is also one of very few… https://www.virusbulletin.com/blog/2014/09/slides-day-one/

VB2014 previews: an overview

Fourteen blog posts look ahead at the 24th Virus Bulletin conference.
Fourteen blog posts look ahead at the 24th Virus Bulletin conference. In just a few more hours, delegates will be able to collect their VB2014 badges before the conference really… https://www.virusbulletin.com/blog/2014/09/previews-overview/

VB2014 preview: Tech Support Scams 2.0: an inside look into the evolution of the classic Microsoft tech support scam

Jérôme Segura looks at recent developments in malicious cold calls.
Jérôme Segura looks at recent developments in malicious cold calls.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of… https://www.virusbulletin.com/blog/2014/09/preview-tech-support-scams-2-0-inside-look-evolution-classic-microsoft-tech-support-scam/

VB2014 preview: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.
Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we… https://www.virusbulletin.com/blog/2014/09/preview-ubiquitous-flash-ubiquitous-exploits-and-ubiquitous-mitigation/

VB2014: frequently asked questions

Some useful information for those attending VB2014 - or those interested in attending.
Some useful information for those attending VB2014 - or those interested in attending.I haven't registered yet, but I'd like to attend. Can I still register? Yes, you can. Use our… https://www.virusbulletin.com/blog/2014/09/frequently-asked-questions/

« Previous 1...3637383940...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.