An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Neurevt first appeared over a year ago – its many components cover a large number of the most popular malicious functionalities, including downloading malware, DDoS attacks and website sniffing. He Xu discusses the major changes that have been…
Elevation of privilege (EoP) vulnerabilities can allow a program to run arbitrary code, regardless of that program’s current permission level – as a result, they draw a lot of attention from malware authors. Wayne Low describes two of the EoP…
Martijn Grooten (Virus Bulletin)
‘We plan to increase our scope further and look even more at other areas of IT security.’ Martijn Grooten
The current information landscape is pretty lacking when it comes to information about cyber investigations. Most reports on cybercrime cover only the results of an investigation, omitting the process, the investigative techniques and the specific…
In the latest of his ‘Greetz from Academe’ series, highlighting some of the work going on in academic circles, John Aycock looks at PREC: practical root exploit containment for Android devices.
The Necurs rootkit is composed of a kernel-mode driver and a user-mode component. The rootkit makes use of some very powerful techniques, but fortunately it also has some chinks in its armour. Peter Ferrie describes its strengths and weaknesses.
The spam botnet Tofsee can be divided into three components: loader, core module and plug-ins. Ryan Mi describes how the components communicate with the C&C server, and how they work with one another.
Gabor Szappanos (Sophos)
Last month’s issue of Virus Bulletin featured a detailed analysis of the Polarbot (a.k.a. Solarbot) trojan. The article covered just about everything you could ever want to know about it – except for one thing: how does a computer end up being…
Working both as a product manager and as an IT security expert and evangelist for an IT security company, Sorin Mustaca has seen that, with the technologies and products that we have available, we can't mitigate all the attack vectors used by today’s…
‘We will need to collaborate and implement standardized threat data sharing.’ Chad Loeven