VB Blog

Paper: API-EPO

Posted by   Virus Bulletin on   Jul 14, 2014

Raul Alvarez studies the unique EPO methodology used by the W32/Daum file infector.

Read more  

Paper: Not old enough to be forgotten: the new chic of Visual Basic 6

Posted by   Virus Bulletin on   Jul 10, 2014

Marion Marschalek looks at two Miuref binaries: one packed with Visual Basic 6 and one with C++.

Read more  

Paper: VBA is not dead!

Posted by   Virus Bulletin on   Jul 7, 2014

Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate.

Read more  

'Cyber attack on hedge fund' turns out to be internal 'scenario' used by BAE Systems

Posted by   Virus Bulletin on   Jul 3, 2014

Story that appeared to be taken from fiction turns out... to have been fiction.

Read more  

Paper: Obfuscation in Android malware, and how to fight back

Posted by   Virus Bulletin on   Jul 2, 2014

Axelle Apvrille and Ruchna Nigam look at both off-the-shelf products and custom obfuscation techniques.

Read more  

Virus Bulletin celebrates 25th birthday by making all content free

Posted by   Virus Bulletin on   Jul 1, 2014

Neither subscription nor registration required to access content.

Read more  

Exploit kit requires link to be clicked before redirection

Posted by   Virus Bulletin on   Jun 23, 2014

Automatic analysis of malicious payloads becomes a little bit harder again.

Read more  

Cheap Android phone comes shipped with spyware

Posted by   Virus Bulletin on   Jun 19, 2014

Trojan masquerades as Google Play app; cannot be removed.

Read more  

Virus Bulletin seeks security researchers

Posted by   Virus Bulletin on   Jun 17, 2014

Would you like to publish your research through Virus Bulletin - or perhaps even work for us?

Read more  

Game over for GameOver Zeus botnet?

Posted by   Virus Bulletin on   Jun 5, 2014

Coordinated effort against gang that's also behind CryptoLocker ransomware.

Read more  
Previous1...6970717273...215Next

Search blog

VB2014 preview: Labelling spam through the analysis of protocol patterns

Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us.
Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us.In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at… https://www.virusbulletin.com/blog/2014/08/preview-labelling-spam-through-analysis-protocol-patterns/

VB2014 preview: Optimized mal-ops. Hack the ad network like a boss

Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.
Researchers Vadim Kotov and Rahul Kashyap to discuss how advertisements are the new exploit kits.In the weeks running up to VB2014 (the 24th Virus Bulletin International… https://www.virusbulletin.com/blog/2014/08/preview-optimized-mal-ops-hack-ad-network-boss/

Guest blog: Cyber insurance, is it for you?

Sorin Mustaca looks at how companies trading online can insure the risks they run.
Sorin Mustaca looks at how companies trading online can insure the risks they run.Throughout its 25 year history, Virus Bulletin has regularly published technical analyses of the… https://www.virusbulletin.com/blog/2014/08/guest-blog-cyber-insurance-it-you/

Google to take tough stance on homoglyph attacks

Good idea, but unlikely to have a huge impact.
Good idea, but unlikely to have a huge impact. Ever since internationalized domain names (IDNs) were introduced in the last decade, allowing people to use non-ASCII characters in… https://www.virusbulletin.com/blog/2014/08/google-take-tough-stance-homoglyph-attacks/

VB2014 preview: P0wned by a barcode

Fabio Assolini to speak about malware targeting boletos.
Fabio Assolini to speak about malware targeting boletos.In the weeks running up to VB2014, we will look at some of the research that will be presented at the conference. In the… https://www.virusbulletin.com/blog/2014/08/preview-p0wned-barcode/

Paper: Inside the iOS/AdThief malware

75,000 jailbroken iOS devices infected with malware that steals ad revenues.
75,000 jailbroken iOS devices infected with malware that steals ad revenues. Believing that the device or operating system you use reduces your chance of being affected by malware… https://www.virusbulletin.com/blog/2014/08/paper-inside-ios-adthief-malware/

$83k in bitcoins 'stolen' through BGP hijack

Short-lived network changes used to make miners connect to rogue pool.
Short-lived network changes used to make miners connect to rogue pool. Researchers at Dell SecureWorks have discovered an operation that used BGP hijacking to force bitcoin miners… https://www.virusbulletin.com/blog/2014/08/83k-bitcoins-stolen-through-bgp-hijack/

Report: 15 solutions achieve VBSpam award

Despite short spike, image spam no problem for spam filters.
Despite short spike, image spam no problem for spam filters. Good news for those who need to run a spam filter (in other words: everyone who runs a mail server). For the second… https://www.virusbulletin.com/blog/2014/08/report-15-solutions-achieve-vbspam-award/

Researchers release CryptoLocker decryption tool

Tool uses private keys found in database of victims.
Tool uses private keys found in database of victims.Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active… https://www.virusbulletin.com/blog/2014/08/researchers-release-cryptolocker-decryption-tool/

Paper: IcoScript: using webmail to control malware

RAT gets instructions from Yahoo Mail address.
RAT gets instructions from Yahoo Mail address. One of the big challenges for malicious actors in operating a RAT (remote administration tool) is how to control the malware and… https://www.virusbulletin.com/blog/2014/08/paper-icoscript-using-webmail-control-malware/

August

Anti-virus and security related news provided by independent anti-virus advisors, Virus Bulletin
https://www.virusbulletin.com/blog/2014/08/

Paper: Learning about Bflient through sample analysis

Flexible module-handling mechanism allows malware to adjust functionalities at will.
Flexible module-handling mechanism allows malware to adjust functionalities at will. The history of the 'Bflient' worm goes back to the discovery of its first variants in June… https://www.virusbulletin.com/blog/2014/07/paper-learning-about-bflient-through-sample-analysis/

Report: VB100 comparative review on Windows 7

29 out of 35 tested products earn VB100 award.
29 out of 35 tested products earn VB100 award. The various changes at Virus Bulletin mean that things are busier than ever in our office. Still, behind the scenes we continue to… https://www.virusbulletin.com/blog/2014/07/report-comparative-review-windows-7/

Call for last-minute papers for VB2014 announced

Seven speaking slots waiting to be filled with presentations on 'hot' security topics.
Seven speaking slots waiting to be filled with presentations on 'hot' security topics. Earlier this year, we announced the programme for VB2014: three days filled with excellent… https://www.virusbulletin.com/blog/2014/07/call-last-minute-papers-announced/

Paper: Mayhem - a hidden threat for *nix web servers

New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system.
New kind of malware has the functions of a traditional Windows bot, but can act under restricted privileges in the system. One of the main trends in malware in recent years is a… https://www.virusbulletin.com/blog/2014/07/paper-mayhem-hidden-threat-nix-web-servers/

Google's Project Zero to hunt for zero-days

Bugs to be reported to the vendor only, and to become public once patched.
Bugs to be reported to the vendor only, and to become public once patched.Google has created a new team, called Project Zero, whose task is to find vulnerabilities in any kind of… https://www.virusbulletin.com/blog/2014/07/google-s-project-zero-hunt-zero-days/

Paper: API-EPO

Raul Alvarez studies the unique EPO methodology used by the W32/Daum file infector.
Raul Alvarez studies the unique EPO methodology used by the W32/Daum file infector. A few months ago, we published an article by Fortinet's Raul Alvarez on the Expiro file… https://www.virusbulletin.com/blog/2014/07/paper-api-epo/

Paper: Not old enough to be forgotten: the new chic of Visual Basic 6

Marion Marschalek looks at two Miuref binaries: one packed with Visual Basic 6 and one with C++.
Marion Marschalek looks at two Miuref binaries: one packed with Visual Basic 6 and one with C++. Two months ago, Microsoft announced it had added 'Miuref' to its Malicious Software… https://www.virusbulletin.com/blog/2014/07/paper-not-old-enough-be-forgotten-new-chic-visual-basic-6/

Paper: VBA is not dead!

Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate.
Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate.Macro malware had long been assumed dead. After all, macros are disabled by… https://www.virusbulletin.com/blog/2014/07/paper-vba-not-dead/

'Cyber attack on hedge fund' turns out to be internal 'scenario' used by BAE Systems

Story that appeared to be taken from fiction turns out... to have been fiction.
Story that appeared to be taken from fiction turns out... to have been fiction. Two weeks after BAE Systems reported its technicians had thwarted an attack against hedge fund… https://www.virusbulletin.com/blog/2014/07/cyber-attack-hedge-fund-turns-out-be-internal-scenario-used-bae-systems/

« Previous 1...3839404142...120 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.