Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.
Emails with a malicious link or attachment form only a small minority of the spam that is sent every day. If it appears that such emails are more common than that, it is not just… https://virusbulletin.com/blog/2019/11/emotet-continues-bypass-many-email-security-products/
Today we publish VB2019 papers by Luca Nagy (Sophos) on Emotet and Gabriela Nicolao and Luciano Martins (Deloitte) on Ryuk, as well as the corresponding videos of their presentations.
Shinigami’s revenge: the long tail of the Ryuk malware
Read the paper (HTML)
Download the paper (PDF)
Exploring Emotet, an elaborate everyday enigma
Read the paper… https://virusbulletin.com/blog/2019/10/vb2019-papers-emotet-and-ryuk/
The set-up of the VBSpam test lab gives us a unique insight into the kinds of emails that are more likely to bypass email filters. This week we look at the malspam that was missed: a very international email with a link serving Emotet, an Italian Ursnif c…
This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. Virus Bulletin uses email feeds provided by Abusix and Project Honey Pot.… https://virusbulletin.com/blog/2019/02/malspam-security-products-miss-emotet-ursnif-and-spammers-blunder/
At VB2017 in Madrid, CERT Poland researchers Maciej Kotowicz and Jarosław Jedynak presented a paper detailing their low-level analysis of five spam botnets. Today we publish their full paper.
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt's… https://virusbulletin.com/blog/2017/12/vb2017-paper-peering-spam-botnets/