In their VB2014 paper, Jonathan Oliver and his colleagues look at abuse on Twitter.
It is reported that more than 1,400 financial institutions have been targeted by attackers using banking trojans, and the top 15 targeted financial institutions were attacked by more than 50 per cent of the trojans in 2013. One major tactic of…
A growing percentage of Android malware, including Zeus, SMSSend, and re-packaged applications, are packed using legitimate packers originally developed to protect the intellectual property of Android applications, with other malware having been…
An increasing number of developers are using certificates issued by Certificate Authorities (CAs) to create a more trustworthy environment for users. Although certificates should be used by legitimate developers only, we are seeing an increasing…
In their VB2014 paper, Cathal Mullaney and Sayali Kulkarni demonstrate that targeting Linux-based Apache web servers is an active and extremely effective method of malware infection. They present an overview of Linux malware and a technical analysis…
Analysing greyware applications and taking a definitive decision on whether or not to block them is more than often a tedious job, combining research and both dynamic and static analysis. In their VB2014 paper, Stefan Catalin Hanu, Stefan Mosoi and…
Exfiltration of data has been a feature of many attacks, where confidential customer information has been leaked to malicious actors - such infections can have disastrous effects on a company’s brand, customer loyalty, and competitive advantage. In…
With Android being the fastest-growing mobile OS, and with a rapidly increasing number of Android malware samples in existence, it is important to acknowledge the risk of exploitation of security vulnerabilities by malware. In their VB2014 paper,…
The Blackbeard/Pigeon clickbot follows the path that was previously set by ZeroAccess. It uses a sophisticated method to stay persistent in a victim’s computer. Analysing this kind of threat is not a straightforward task, because the entire process…
Tech support scams have been around for a long time, and despite all the attention they have received, they are only getting worse. Scammers are diversifying - no longer just using the Microsoft cold-calling technique but now also using deceptive ads…
In January 1998, VB Technical Editor Jakub Kaminski asked: If trojans seem to be more dangerous than viruses, why don’t anti-virus vendors tackle those too?
When the Skeleton Key malware is installed on a domain controller, the attacker can play a face-changing trick on the domain by logging in as any user it chooses and performing any number of actions on the system including, but not limited to,…
Information security researchers are increasingly finding themselves involved in investigating state-sponsored or geopolitically significant threats. In his VB2015 paper, Juan Andrés Guerrero-Saade looks at the perils and ethical conundrums involved…
How much does a user really need to know in order to defend his computer from computer viruses? In 1993, the latest news from the anti-viral battle-front was that if the user wanted to defend the contents of his computer from viral attack, he should…
As targeted attacks gain more attention, and protection developers pay more attention to the implementation of new defensive technologies, the need arises for the testing of product efficacy with respect to this new kind of threat. However, compared…
Sixteen full anti-spam solutions participated in the January 2016 VBSpam test, all of which easily achieved a VBSpam award by blocking 99.8% or more spam. What’s more, ten solutions reached the performance level required to earn a VBSpam+ award.
