Blog keyword search

Patch early, patch often, but don't blindly trust every 'patch'

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.
Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of… https://www.virusbulletin.com/blog/2018/04/patch-early-patch-often-dont-blindly-trust-every-patch/

There are lessons to be learned from government websites serving cryptocurrency miners

Thousands of websites, including many sites of government organisations in the UK, the US and Sweden, were recently found to have been serving a cryptocurrency miner. More interesting than the incident itself, though, are the lessons that can be learned f…
This was awkward. On Sunday, the Information Commissioner's Office (ICO), the UK's data protection regulator and thus the public body that issues fines for data breaches, was… https://www.virusbulletin.com/blog/2018/02/there-are-lessons-be-learned-government-websites-serving-cryptocurrency-miners/

WordPress users urged to manually update to fix bug that prevents automatic updating

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.
WordPress has long had a bad reputation in the security community. While this is understandable – compromised installations of the popular content management system are regularly… https://www.virusbulletin.com/blog/2018/02/wordpress-users-urged-manually-update-fix-bug-prevents-automatic-updating/

Romanian university website compromised to serve Neutrino exploit kit

The website of the Carol Davila University of Medicine and Pharmacy has been compromised to inject a hidden iframe into the site's source code that serves the Neutrino exploit kit and may infect visitors with ransomware.
This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the… https://www.virusbulletin.com/blog/2016/07/romanian-university-website-compromised-serve-neutrino-exploit-kit/

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.
If you regularly browse the web through the Tor network, you will have noticed that many websites are either inaccessible, or have strong barriers (in the form of difficult… https://www.virusbulletin.com/blog/2016/05/make-tor-work-better-web-we-need-be-honest-about-it/

Compromised site serves Nuclear exploit kit together with fake BSOD

Support scammers not lying about a malware infection for a change.
Support scammers not lying about a malware infection for a change. During our work on the development of the VBWeb tests, which will be started soon, we came across an interesting… https://www.virusbulletin.com/blog/2015/07/compromised-site-serves-nuclear-exploit-kit-together-fake-bsod/

VB2014 paper: Quantifying maliciousness in Alexa top-ranked domains

Paul Royal looks at malware served through the most popular websites.
Paul Royal looks at malware served through the most popular websites. Though VB2014 took place nine months ago, most of the papers presented during the conference remain very… https://www.virusbulletin.com/blog/2015/06/paper-quantifying-maliciousness-alexa-top-ranked-domains/

Php.net compromised to serve malware

Researchers initially believed Google warning was a false positive.
Researchers initially believed Google warning was a false positive. For a few days this week, the popular php.net website was serving malware to some of its visitors and was doing… https://www.virusbulletin.com/blog/2013/10/php-net-compromised-serve-malware/

Android malware served via compromised websites

Malware downloaded automatically, but requires user permission to be installed.
Malware downloaded automatically, but requires user permission to be installed. Researchers at mobile security company Lookout have discovered a number of compromised websites that… https://www.virusbulletin.com/blog/2012/05/android-malware-served-compromised-websites/

Researchers find many popular sites serving drive-by downloads

10 million people exposed to malware served by 25,000 most visited sites alone.
10 million people exposed to malware served by 25,000 most visited sites alone. Researchers at Barracuda Labs have found that 58 among the 25,000 most popular websites were serving… https://www.virusbulletin.com/blog/2012/04/researchers-find-many-popular-sites-serving-drive-downloads/

Mysql.com hacked, serving malware

Root access to site offered on black market.
Root access to site offered on black market. Yesterday, mysql.com, the official website of the popular database management system MySQL, was hacked and visitors to the website were… https://www.virusbulletin.com/blog/2011/09/mysql-com-hacked-serving-malware/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.