Blog keyword search

Malware authors' continued use of stolen certificates isn't all bad news

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors' use of stolen certificates.
A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov… https://virusbulletin.com/blog/2018/07/malware-authors-continued-use-stolen-certificates-not-only-bad-news/

DMARC: an imperfect solution that can make a big difference

US Senator Ron Wyden has asked the Department of Homeland Security to implement DMARC. Martijn Grooten looks at what difference this could make for phishing attacks impersonating the US federal governent.
US Senator Ron Wyden has written a letter (pdf) to the Department of Homeland Security, urging the US government to implement DMARC to "ensure hackers cannot send emails that… https://virusbulletin.com/blog/2017/07/dmarc-imperfect-solution-can-make-big-difference/

TorrentLocker spam has DMARC enabled

Use of email authentication technique unlikely to bring any advantage.
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an… https://virusbulletin.com/blog/2015/03/torrentlocker-spam-has-dmarc-enabled/

Yahoo's DMARC policy wreaks havoc among mailing lists

Collateral damage in instruction to reject emails with invalid DKIM signatures.
Collateral damage in instruction to reject emails with invalid DKIM signatures. A change in Yahoo's DMARC policy has caused frustration among operators of many mailing lists and… https://virusbulletin.com/blog/2014/04/yahoo-s-dmarc-policy-wreaks-havoc-among-mailing-lists/

Weak cryptography keys allow others to add valid DKIM signatures to fake emails

512-bit key cracked within 72 hours.
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after… https://virusbulletin.com/blog/2012/10/weak-cryptography-keys-allow-others-add-valid-dkim-signatures-fake-emails/

New RFC grants DKIM improved status

Email signing method now 'Draft Standard'.
Email signing method now 'Draft Standard'. The Internet Engineering Task Force (IETF) has published a new RFC describing the DKIM protocol which sees its status advance from… https://virusbulletin.com/blog/2011/09/new-rfc-grants-dkim-improved-status/

EU report suggests 95% of email is spam

Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox.
Less than five per cent of all SMTP connections result in an email being delivered into a user's inbox. A survey carried out by the European Network and Information Security Agency… https://virusbulletin.com/blog/2010/01/eu-report-suggests-95-email-spam/

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.
Two products achieve top level VBSpam Platinum award. Virus Bulletin has announced the results of its second comparative review of anti-spam products, revealing two top-level… https://virusbulletin.com/blog/2009/07/vb-announces-latest-vbspam-certification-results/

DKIM usage shows significant growth

US banks urged to use authentication method
US banks urged to use authentication method In a report on its website, Internet giant Cisco states it has been seeing almost 700,000 non-spam messages that contain valid DKIM… https://virusbulletin.com/blog/2009/06/dkim-usage-shows-significant-growth/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.