VB Blog

Paper: Inside the iOS/AdThief malware

Posted by   Virus Bulletin on   Aug 12, 2014

75,000 jailbroken iOS devices infected with malware that steals ad revenues.

Read more  

$83k in bitcoins 'stolen' through BGP hijack

Posted by   Virus Bulletin on   Aug 8, 2014

Short-lived network changes used to make miners connect to rogue pool.

Read more  

Report: 15 solutions achieve VBSpam award

Posted by   Virus Bulletin on   Aug 7, 2014

Despite short spike, image spam no problem for spam filters.

Read more  

Researchers release CryptoLocker decryption tool

Posted by   Virus Bulletin on   Aug 6, 2014

Tool uses private keys found in database of victims.

Read more  

Paper: IcoScript: using webmail to control malware

Posted by   Virus Bulletin on   Aug 4, 2014

RAT gets instructions from Yahoo Mail address.

Read more  

Paper: Learning about Bflient through sample analysis

Posted by   Virus Bulletin on   Jul 30, 2014

Flexible module-handling mechanism allows malware to adjust functionalities at will.

Read more  

Report: VB100 comparative review on Windows 7

Posted by   Virus Bulletin on   Jul 29, 2014

29 out of 35 tested products earn VB100 award.

Read more  

Call for last-minute papers for VB2014 announced

Posted by   Virus Bulletin on   Jul 21, 2014

Seven speaking slots waiting to be filled with presentations on 'hot' security topics.

Read more  

Paper: Mayhem - a hidden threat for *nix web servers

Posted by   Virus Bulletin on   Jul 17, 2014

New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system.

Read more  

Google's Project Zero to hunt for zero-days

Posted by   Virus Bulletin on   Jul 16, 2014

Bugs to be reported to the vendor only, and to become public once patched.

Read more  
Previous1...6869707172...215Next

Search blog

Tor exit node found to turn downloaded binaries into malware

Tor provides anonymity, not security, hence using HTTPS is essential.
Tor provides anonymity, not security, hence using HTTPS is essential. A security researcher has discovered a Tor exit node that was modifying binaries downloaded through it on the… https://www.virusbulletin.com/blog/2014/10/tor-exit-node-found-turn-downloaded-binaries-malware/

VB2014 paper: Exposing Android white collar criminals

Luis Corrons dives into the world of shady Android apps.
Luis Corrons dives into the world of shady Android apps.Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations.… https://www.virusbulletin.com/blog/2014/10/paper-exposing-android-white-collar-criminals/

Black Hat Europe - day 2

IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads.
IPv6 versus IDPS, XSS in WYSIWYG editors, and reflected file downloads. After a busy first day, I was somewhat glad that the talks on the second day of Black Hat Europe appealed… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-2/

Black Hat Europe - day 1

Programme packed with interesting talks.
Programme packed with interesting talks. Though the prestige of Black Hat Europe doesn't compare to that of its American parent conference, and the event certainly doesn't dominate… https://www.virusbulletin.com/blog/2014/10/black-hat-europe-day-1/

VB2014 paper: DNSSEC - how far have we come?

Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.
Nick Sullivan describes how DNSSEC uses cryptography to add authentication and integrity to DNS responses.Over the next months, we will be sharing conference papers as well as… https://www.virusbulletin.com/blog/2014/10/paper-dnssec-how-far-have-we-come/

POODLE attack forces the Internet to move away from SSL 3.0

Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks.
Users and administrators urged to stop supporting the protocol, or at least to prevent downgrade attacks. After Heartbleed and Shellshock, or the SSL/TLS attacks CRIME and BEAST,… https://www.virusbulletin.com/blog/2014/10/poodle-attack-forces-internet-move-away-ssl-3-0/

Report: 15 solutions achieve VBSpam award

Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block.
Surprisingly, the presence of more URLs doesn't necessarily make spam easier to block. Yet again, we have good news for those who need to run a spam filter (in other words:… https://www.virusbulletin.com/blog/2014/10/report-15-solutions-achieve-vbspam-award/

Windows zero-day used in targeted attacks

Vulnerability used to download BlackEnergy trojan - as discussed during VB2014.
Vulnerability used to download BlackEnergy trojan - as discussed during VB2014. Today is going to be a busy day for system administrators: they were already on high alert following… https://www.virusbulletin.com/blog/2014/10/windows-zero-day-used-targeted-attacks/

VB2014 paper: The evolution of webinjects

Jean-Ian Boutin looks at the increased commoditization of webinjects.
Jean-Ian Boutin looks at the increased commoditization of webinjects.Virus Bulletin has always been about sharing information, and the Virus Bulletin conference is an important… https://www.virusbulletin.com/blog/2014/10/paper-evolution-webinjects/

Paper: The Hulk

Raul Alvarez studies cavity file infector.
Raul Alvarez studies cavity file infector. Most file infectors increase the length of the infected file, as the malicious code is added as a new section of the host file, or to the… https://www.virusbulletin.com/blog/2014/10/paper-hulk/

Shellshock used to spread Mayhem

Malware switched to more effective Perl installer.
Malware switched to more effective Perl installer. One of the most prominent discussion topics during VB2014 was the 'Shellshock' vulnerability (CVE-2014-6271) in the popular Bash… https://www.virusbulletin.com/blog/2014/10/shellshock-used-spread-mayhem/

October

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/10/

VB2014: Slides day three

Thanks all for a fantastic conference and see you in Prague... or in Denver!
Thanks all for a fantastic conference and see you in Prague... or in Denver! Two days ago, a lively panel discussion closed what we can only describe as a fantastic conference. For… https://www.virusbulletin.com/blog/2014/09/slides-day-three/

'Windigo' research wins first annual Péter Szőr award

The first of many awards to commemorate brilliant researcher.
The first of many awards to commemorate brilliant researcher. When, in November last year, we heard of the passing of Péter Szőr, we wanted to do something to keep the memory of… https://www.virusbulletin.com/blog/2014/09/windigo-research-wins-first-annual-p-ter-sz-r-award/

VB2014: Slides day two

Another day of excellent presentations.
Another day of excellent presentations. The second day of VB2014 was just as successful as the first one, and saw 22 interesting presentations, divided over two parallel streams,… https://www.virusbulletin.com/blog/2014/09/slides-day-two/

VB2014: Slides day one

Almost £1,300 donated to WWF!
Almost £1,300 donated to WWF! The inaugural Virus Bulletin conference was held in 1991, making it one of the oldest security conferences in the world. It is also one of very few… https://www.virusbulletin.com/blog/2014/09/slides-day-one/

VB2014 previews: an overview

Fourteen blog posts look ahead at the 24th Virus Bulletin conference.
Fourteen blog posts look ahead at the 24th Virus Bulletin conference. In just a few more hours, delegates will be able to collect their VB2014 badges before the conference really… https://www.virusbulletin.com/blog/2014/09/previews-overview/

VB2014 preview: Tech Support Scams 2.0: an inside look into the evolution of the classic Microsoft tech support scam

Jérôme Segura looks at recent developments in malicious cold calls.
Jérôme Segura looks at recent developments in malicious cold calls.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of… https://www.virusbulletin.com/blog/2014/09/preview-tech-support-scams-2-0-inside-look-evolution-classic-microsoft-tech-support-scam/

VB2014 preview: Ubiquitous Flash, ubiquitous exploits and ubiquitous mitigation

Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.
Chun Feng and Elia Florio look at exploits targeting domain memory opcode in Adobe Flash.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we… https://www.virusbulletin.com/blog/2014/09/preview-ubiquitous-flash-ubiquitous-exploits-and-ubiquitous-mitigation/

VB2014: frequently asked questions

Some useful information for those attending VB2014 - or those interested in attending.
Some useful information for those attending VB2014 - or those interested in attending.I haven't registered yet, but I'd like to attend. Can I still register? Yes, you can. Use our… https://www.virusbulletin.com/blog/2014/09/frequently-asked-questions/

« Previous 1...3637383940...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.