At VB2018 in Montreal, Ixia researcher Stefan Tanase presented a thought-provoking paper on the current state of the Internet and the worrying tendency towards raising borders and restricting the flow of information. Today we publish both his paper and th…
Sir Tim Berners-Lee, inventor of the world wide web, said "I hope we use the Net to cross barriers and connect cultures". Yet increasingly we are seeing barriers being raised not… https://virusbulletin.com/blog/2019/02/vb2018-paper-internet-balkanization-why-are-we-raising-borders-online/
The cybersecurity skills gap has been described as one of the biggest challenges facing IT leaders today. At VB2018 in Montreal, ESET's Lysa Myers outlined some of the things the industry can do to help address the problem. Today we publish Lysa's paper a…
Did you see we have opened the Call for Papers for VB2019 in London? Submit your abstract before 17 March for a chance to make it onto the programme of one of the… https://virusbulletin.com/blog/2019/02/vb2018-paper-where-have-all-good-hires-gone/
At VB2018 in Montreal, researchers from Fraunhofer SIT looked at privacy vulnerabilities in legitimate Android family-tracking apps that leaked location data. Today, we publish both their paper and the video of their presentation.
The use of mobile spyware to spy on (ex-)partners is an underreported problem, despite the prevalence of such apps and their use in cases of domestic violence. At VB2017 in… https://virusbulletin.com/blog/2019/02/vb2018-paper-little-brother-watching-we-know-all-your-secrets/
The Formbook information-stealing trojan may not be APT-grade malware, but its continuing spread means it can still be effective. At VB2018 in Montreal, Gabriela Nicolao, a researcher from Deloitte in Argentina, presented a short paper in which she looked…
The Formbook information-stealing trojan has been spread by a number of recent spam campaigns. The malware was advertised in hacking forums as long ago as January 2016, but wasn't… https://virusbulletin.com/blog/2019/01/vb2018-paper-inside-formbook-infostealer/
Today we publish the VB2018 paper and video by ESET researcher Filip Kafka, who looked at the new malware by Hacking Team, after the company had recovered from the 2015 breach.
It is good practice not to mock or laugh at hacking victims. But when the victim is a company that itself is in the business of hacking and has a habit of selling its products and… https://virusbulletin.com/blog/2019/01/vb2018-paper-hacking-team-hacked-team/
At VB2018 Sophos researcher Gábor Szappanos provided a detailed overview of Office exploit builders, and looked in particular at the widely exploited CVE-2017-0199. Today we publish his paper and release the video of his presentation.
A large portion of today's malware infections use malicious Office documents as a first-stage payload. Typically, the user is tricked into enabling macros or disabling some… https://virusbulletin.com/blog/2018/12/vb2018-paper-office-bugs-rise/
Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.
The APT-C-23 group, which targets users in the Middle East and in particular in the State of Palestine, was named and first reported on by 360 in a Chinese language blog post in… https://virusbulletin.com/blog/2018/12/vb2018-video-big-bang-theory-apt-c-23/
Today, we publish the VB2018 paper by Qihoo 360 researchers Ya Liu and Hui Wang, on extracting data from variants of the Mirai botnet to classify and track variants.
The leaking or publishing of malware source code often leads to multiple spin-off families based on the code. Never has this been more clear than in the case of the Mirai Internet… https://virusbulletin.com/blog/2018/12/vb2018-paper-tracking-mirai-variants/
2018 has seen an increase in the variety of botnets living on the Internet of Things - such as Hide'N'Seek, which is notable for its use of peer-to-peer for command-and-control communication. Today, we publish the VB2018 paper by Bitdefender researchers A…
Until recently IoT botnets mostly consisted of Mirai and its many descendants. However, during 2018 we have seen an increase in the variety of botnets living on the Internet of… https://virusbulletin.com/blog/2018/12/vb2018-paper-hidenseek-adaptive-peer-peer-iot-botnet/
In a new paper, Avast researchers Jan Sirmer and Adolf Streda look at how a spam campaign sent via the Necurs botnet was delivering the Flawed Ammyy RAT. As well as publishing the paper, we have also released the video of the reseachers' VB2018 presentati…
The Necurs botnet has been active for some time. In 2014, Virus Bulletin published a 3-part article by Peter Ferrie (1, 2, 3) who had studied the botnet in great detail. And… https://virusbulletin.com/blog/2018/12/new-paper-botception-botnet-distributes-script-bot-capabilities/
Today we have published the video of the VB2018 presentation by Andrew Brandt (Sophos) on the SamSam ransomware, which became hot news following the indictment of its two suspected authors yesterday.
Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware.
SamSam has been one of the most successful… https://virusbulletin.com/blog/2018/11/vb2018-video-behind-scenes-samsam-investigation/
The Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Today we publish the VB2018 paper by AhnLab researcher Minseok (Jacky) Ch…
Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial… https://virusbulletin.com/blog/2018/11/vb2018-paper-hacking-sony-pictures/
Today, we have published the video of a VB2018 presentation by Kaspersky Lab researchers Kurt Baumgartner and Mike Scott, who looked at the latest activity of the Turla group.
"Capable, well-resourced, and they go back decades." The Turla threat group doesn't make the news as much as some other Russian-speaking APT groups, but it is one of the most… https://virusbulletin.com/blog/2018/11/vb2018-video-shedding-skin-turlas-fresh-faces/
Cisco Talos researchers Paul Rascagnères and Warren Mercer were among the first to write about the Olympic Destroyer, the malware that targeted the 2018 PyeongChang Winter Olympic Games. Today, we publish the paper they presented at VB2018 about the malwa…
It may be hard to believe, but it was only eight months ago that the 2018 PyeongChang Winter Olympic Games were targeted by malware named Olympic Destroyer. Though not the first… https://virusbulletin.com/blog/2018/10/who-wasnt-responsible-olympic-destroyer/