Virus Bulletin newsletter

The Virus Bulletin newsletter – a weekly round-up presenting an overview of the best threat intelligence sources from around the web, with a focus on technical analyses of threats and attacks – is currently on hold, with the aim of re-starting in the near future. In the meantime, please browse the archives below.


Archive

23 December 2019: VB2019 papers, Operation Wocao, Rancor, ToTok, ServHelper, Dactl, Poison Frog, Emotet, MyKings, Spelevo, etc.

16 December 2019: VB2020 CFP, Machete, Operation Soft Cell, Patch Tuesday, Trickbot/Anchor, BlueAlpha, Ryuk, Snatch, Zeppelin, etc.

9 December 2019: Botconf, VB2019 papers, Imminent Monitor, Lazarus, ZeroCleare, StrandHogg, PyXie, xHunt, CallerSpy, Buer, IcedID, etc.

2 December 2019: Poison Vine, Emotet, Tick, Fullz House, RevengeHotels, Dexphot, Stantinko, stalkerware, CoinLoader, etc.

25 November 2019: stalkerware, GandCrab, OT reconnaissance, DePriMon, Phorpiex, CVE-2019-2215, exploit kits, Lazarus, Monero, etc.

18 November 2019: Firefox zero-days, Domestic Kitten, APT33, Patch Tuesday, PureLocker, carding bots, TA2101, FakeAdsBlocker, etc.

12 November 2019: DNS attacks, Dridex, Dexofuzzy, Emotet, DarkUniverse, Capesand, BlueKeep, Platinum, Nemty, Magecart, etc.

4 November 2019: stalkerware, Emotet, BlueKeep, MESSAGETAP, Chrome zero-day, Xhelper, Android adware, Magecart, Adwind, etc.

28 October 2019: CCleaner, Emotet and Ryuk, Magecart, Winnti, Carbanak, sextortion, Rig, Buran, Remcos RAT, Gustuff, Raccoon, etc.

21 October 2019: Geost, sextortion, The Dukes, STOP ransomware, APT41, Winnti, TA505, Fallout, TA407, click-fraud, Blackremote RAT, etc.

14 October 2019: VB2019 roundup (Simjacker, Magecart, Geost, SandCat etc.), xHunt, Reductor, Pegasus, Charming Kitten, Tortoiseshell, etc.

23 September 2019: Emotet, macOS process and file monitors, Magecart, BlackTech, FlexiSpy, Tortoiseshell, WannaCry, Adwind, Nemty, etc.

16 September 2019: VB2019 TIPS, Simjacker, Stealth Falcon, CRASHOVERRIDE, Thrip, Cobalt Dickens, Charming Kitten, Patch Tuesday, etc.

9 September 2019: VB2019, Buckeye, watering holes against Uyghurs, North Korean credential stealing, PsiXBot, Domen, spam, Glupteba, etc.

2 September 2019: Magecart, parent-child relationships, iPhone watering hole attacks, Retadup, LYCEUM, China Chopper, TA505, FIN6, etc.

26 August 2019: Emotet, Machete, OAuth phishing, Silence, Android spyware, Gamaredon, Magecart, Asruex, Guildma, North Korean phishing, etc.

20 August 2019: AfricaHackon, Cloud Atlas, Patch Tuesday and DejaBlue, Photoshop vulnerabilities, GoBrut, BalkanDoor and BalkanRAT, etc.

13 August 2019: Protonmail phishing, APT41, Machete, BITTER, Sodinokibi, STRONTIUM and IoT, MoqHao, GermanWiper, Bladr, Lokibot, etc.

30 July 2019: VB2019 call for last-minute papers, Winnti, Energetic Bear, IcedID, Phobos, Brushaloader, Spelevo, NoMoreRansom.

22 July 2019: PowerBrace, Turla/Topinambour, Ke3chang, SLUB, Projecto RAT, APT34, EvilGnome, CVE-2018-0798, StrongPity, Bitpaymer, etc.

15 July 2019: Buhtrap, Patch Tuesday, FinFisher, Sea Turtle, DNS hijacks, QNAPCrypt, Excel formula injections, Doppelpaymer, Router exploit kits, etc.

8 July 2019: Péter Szőr Award, CVE-2018-0798, Godlua, Operation Tripoli, Heaven's Gate, Sodinokibi, TA505, Hancitor and Cobalt Strike, BianLian, etc.

1 July 2019: VB2019 keynotes, Operation Soft Cell, APT10, Regin, APT33, ViceLeaker, GreenFlash Sundown, Spelevo, Rig, Triada, Ritlok, Scranos, etc.

24 June 2019: Turla and fourth-party collection, GandCrab, Sodinokibi, Bouncing Golf, Ryuk, Cobalt Strike, Danabot, Ngioweb, LoudMiner/Bird Miner, etc.

17 June 2019: MuddyWater, FIN8, Xenotime, Hide'n'Seek, TA505, Exim worm, Ursnif, Patch Tuesday, Echobot, IPStorm, Fishwrap, etc.  

10 June 2019: Lazarus, Triada, PLATINUM, Carbanak, HAWKBALL, Frankenstein, Zebrocy, GoldBrute, Magecart, BeiTaAd, Scattered Canary, etc.

3 June 2019: BlueKeep, CVE-2019-0604, Turla, HiddenWasp, Hidden Bee, Nansh0u, ATM malware, Magecart Group 1, Emotet, TA505, etc.

28 May 2019: MuddyWater, Satan ransomware, Cyber Command, Zebrocy, APT10, iframe skimming, ProtonBot, GandCrab, 16Shop, etc.

20 May 2019: RDP worm warning, Patch Tuesday, Acrobat Reader RCEs, WhatsApp, Plead, ScarCruft, Winnti, Reaver, Endless Mayfly, Goznym, etc.

14 May 2019: Turla's LightNeuron, Buckeye, FIN7, Dharma, BEC using RATs, Uzbekistan DDoS and phishing, Megacortex, Confluence, etc.

6 May 2019: Megacortex, supply-chain actor, WebLogic vulnerability, MuddyWater, OilRig, LockerGoga, Coinhive, Qakbot, support scans, Buhtrap and RTM, etc.

29 April 2019: NTP, Fake News, DNSpionage and Karkoff, Carbanak, Emotet, Babyshark, Ocean Lotus, Beapy, ShadowHammer, TA505, Mirai, etc.

23 April 2019: Sea Turtle, Aggah, Luhansk APT attacks, DNS tunneling and OilRig, DNS logs, CVE-2019-0859, MuddyWater, BitPaymer, HawkEye, etc.

15 April 2019: GossipGirl and Flame 2.0, TRITON, OceanLotus, Emotet, Qakbot, MuddyWater, WINRAR, Gaza Cybergang, Tajmahal, Exodus, Gustuff, etc.

8 April 2019: Stalkerware, VB2019 programme, Ryuk and LockerGoga, Emotet and Trickbot, Ocean Lotus, spam server, hacked home routers, etc.

1 April 2019: Car hacking, ShadowHammer, Exodus spyware, Elfin, WinRAR, LUCKY ELEPHANT, Scanbox, Lazarus Group, PsiXBot, Soula, etc.

25 March 2019: Android app analysis, email security report, Lockergoga, Cardinal RAT, FIN7, Pegasus, Bokbot, Trickbot, Ocean Lotus, Nanocore RAT, etc.

19 March 2019: Patch Tuesday, CVE-2019-0797, GlitchPOS, DMSniff, Operation Commando, Nymaim, Ursnif, Predator, Danabot, GMO sniffer, Emotet, etc.

11 March 2019: CRASHOVERRIDE, Pirrit, SLUB, WhiteFly, Chafer, Emotet, APT40, OAuth phishing in Egypt, Ryuk, GandCrab, Office 365 phishing, etc.

4 March 2019: Cyber Threat Alliance, Cobalt Strike, BITTER APT, Farseer, Bronze Union, Magecart, Necurs, Windows DHCP vulnerability, etc.

25 February 2019: Domain mortality, constraint programming, malspam, APT group ranking, Lazarus Group, BabyShark, Blind Eagle, Brushaloader, etc.

18 February 2019: Balkanisation, Old Phantom Crypter, DNS in Venezuela, AZORult, Trickbot, IcedID, exploit kits, fake updates, Quasar RAT, etc.

11 February 2019: VB2019 CFP, Nullcon, Emotet, Brushaloader, GoDaddy DNS, ExileRAT and LuckyCat, Ocean Lotus, Android spyware in Korea, APT10, IcedID, etc.

4 February 2019: Tracking apps, journalists and threat intelligence, malspam and phishing, Project Raven, SS7 hacking, Lazarus Group, APT39, Chafer, Orcus, etc.

28 January 2019: VB2019 CFP, Formbook, malspam and phishing, Emotet, DNSpionage, GreyEnergy and Zebrocy, WRITE, WindTail, malvertising, Fallout exploit kit, etc.

21 January 2019: VB2019 CFP, Hacking Team, malspam and phishing, Mydoom, Magecart, Adminer and MySQL, DarkHydrus, Telegram bots, Lazarus Group, Lojax, etc.

14 January 2019: WeddingCake and Zen Android malware, Ryuk, DNSpionage, Zebrocy, Singapore data breach, ChinaZ, Hide'N'Seek, etc.

7 January 2019: APT actors, attacks against North Korean defectors, Ryuk ransomware, Vidar, phishing with letter-swapping font, Goblin Panda, MobSTSPY, etc.

24 December 2018: APT10, 2FA phishing, Shamoon and APT33, CVE-2018-8653, Underminer exploit kit, Ryuk, WindTail macOS malware, etc.

17 December 2018: exploit builders, APT-C-23, CVE-2018-8611, Shamoon, Virut, Operation Sharpshooter, Charming Kitten, Sofacy, bomb hoax spam, etc.

10 December 2018: Necurs, Hide'N'Seek, Mirai, Kelihos, STOLEN PENCIL, Magecart, ForSSHe, DarthMiner, etc.

3 December 2018: SamSam, Pegasus, exploit kits, 3ve takedown, Backswap, DNSpionage, MuddyWater, Bladabindi, etc.

26 November 2018: Lazarus, Cozy Bear, Fancy Bear, OceanLotus, Magecart, IoT botnets, OilRig, FIN7, etc.