Virus Bulletin issue archive
The Bulletin is an indispensable source of reference for anyone concerned with the prevention, detection and removal of computer threats, including but not limited to malware and spam.
Between 1989 and 2014, VB published the monthly, subscriber-based Virus Bulletin magazine. The Bulletin is a continuation of that publication, but with more frequent releases; it is available free of charge and requires no registration.
Virus Bulletin - December 2012
BYOD and the mobile security maturity model (comment); New tricks ship with Zeus packer (malware analysis); Compromised library (malware analysis); A journey into the Sirefef packer: a research case study (feature); Part 2: Interaction with a black hole (feature); VB100 comparative on Windows 8 Pro (comparative review)
Virus Bulletin - November 2012
The cost of being scared safe (comment); Six flags over Texas (conference report); Is our viruses learning? (malware analysis); Ramnit bot (malware analysis); Dissecting Winlocker - ransomware goes centralized (malware analysis); Tracking the 2012 Sasfis campaign (feature); November 2012 VBSpam comparative review (comparative review)
Virus Bulletin - October 2012
Is AV the old dog? (comment); Cridex botnet preview (malware analysis); Filename: BUGGY.COD.E (malware analysis); Inside a Black Hole: Part 1 (feature); Code injection via return-oriented programming (feature); Unpacking x64 PE+ binaries part 3: IDA, graphs and binary instrumentation (tutorial); Trojan Horse (book review); Operation Desolation (book review)
Virus Bulletin - September 2012
Threat prevalence: your breach will have to wait (comment); 'Lahf'ing all the way (malware analysis); URLZone reloaded: new evolution (malware analysis); Pinterest scams - under the hood (feature); A global treaty on online threats (or the challenges of (inter)national cooperation) (feature); Unpacking x64 PE+ binaries part 2: using WinDbg (tutorial)
Virus Bulletin - August 2012
IP addresses and privacy-sensitive data: a different point of view (comment); ZAccess detailed analysis (malware analysis); Inside the ICE IX bot, descendent of Zeus (malware analysis); Tussling with Tussie (malware analysis); Garbage collection (feature)
Virus Bulletin - July 2012
Where should security reside? (comment); Noteven close (malware analysis); Tiny modularity (malware analysis); Malicious PDFs served by exploit kits (feature); Unpacking x64 PE+ binaries: introduction part 1 (tutorial); Quick reference for manual unpacking II (tutorial)
Virus Bulletin - June 2012
Botnets in the browser (comment); So, enter stage right (malware analysis); Andromeda botnet (malware analysis); Automatically detecting spam at the cloud level using text fingerprints (technical feature); Malware design strategies for circumventing detection and prevention controls - part two (technical feature); Understanding the domains involved in malicious activity on Facebook (technical feature); EICAR 2012 (conference report)
Virus Bulletin - May 2012
AV: Mind the gap (comment); evilMule in kernel mode - an analysis of the network functionality (malware analysis); Like a bat out of hell (malware analysis); Malware design strategies for circumventing detection and prevention controls - part one (technical feature); Mobile banking vulnerability: Android repackaging threat (technical feature); VBSpam comparative review
Virus Bulletin - April 2012
Is Android simply Windows all over again? (comment); 'Amfibee'-ous vehicle (malware analysis); Zombifying targets using phishing campaigns (malware analysis); Quick reference for manual unpacking (tutorial); Francophile phishers (feature)
Virus Bulletin - March 2012
Why you need to hack yourself (comment); Not 'Mifeve'-ourite thing (malware analysis); DroidDream mobile malware (malware analysis); What is DMARC and should you care? (spotlight); NCSC: public-private cooperation is key (spotlight)
Virus Bulletin - February 2012
Living the meme (comment); If Svar is the answer... (malware analysis); Static analysis of mobile malware (tutorial); And the devil is six: the security consequences of the switch to IPv6 (feature); Behind enemy lines: reporting from the CCC 28C3 Congress (conference report)
Virus Bulletin - January 2012
MUTE: the rebirth of centralized sharing (comment); This Sig doesn't run (malware analysis); Dissecting the NGR bot framework: IRC botnets die hard (malware analysis); The top 10 spam, malware and cybersecurity stories of 2011 (feature); Challenges for the London Action Plan (spotlight)
Latest articles:
Aditya Sood & Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited to compromise the C&C panel in order to gather threat intelligence, and present a model of mobile AppInjects.
TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to infiltrate organizations’ dedicated environments and transform them into attack launchpads. In this article Aditya Sood presents a new module introduced by…
Collector-stealer, a piece of malware of Russian origin, is heavily used on the Internet to exfiltrate sensitive data from end-user systems and store it in its C&C panels. In this article, researchers Aditya K Sood and Rohit Chaturvedi present a 360…
In 1989, Joe Wells encountered his first virus: Jerusalem. He disassembled the virus, and from that moment onward, was intrigued by the properties of these small pieces of self-replicating code. Joe Wells was an expert on computer viruses, was partly…
Kurt Natvig wanted to understand whether it’s possible to recompile VBA macros to another language, which could then easily be ‘run’ on any gateway, thus revealing a sample’s true nature in a safe manner. In this article he explains how he recompiled…