An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Neurevt is a relatively new HTTP bot that already has a lot of functionalities along with an extendable and flexible infrastructure. Zhongchun Huo takes a detailed look at its infrastructure, communication protocol and encryption scheme.
Read moreWhen one has a nice idea – such as a tricky method for encoding data – it is common to take that idea and improve on it. It is rare to see someone take such an idea and degenerate it, but that’s exactly what we see in W32/Tussie.B. Peter Ferrie…
Read moreThe first week of October saw the 23rd anniversary of German reunification and the 23rd Virus Bulletin International Conference – in Berlin. Helen Martin reports on the latter.
Read moreZAccess (a.k.a. ZeroAccess) is a complex botnet with many different variants and updates to the malware having been observed over several years. In June He Xu and colleagues found and analysed some variants which integrated a debugger engine. He…
Read morePeter Ferrie revisits W32/Lerock and its so-called ‘virtual code’ - which, despite some updates and tweaks still lends itself to simple detection by anti virus software.
Read moreWe have seen hundreds, if not thousands, of variations of Zeus in the wild. The main goal of the malware does not vary, yet different functionalities have been added over time. Raul Alvarez takes a detailed look at some of those functionalities and…
Read moreLysa Myers (ESET)
It has often been said that the reason the general public does not take IT security seriously is that there has not been a sufficiently serious IT security disaster to make them take notice. But have leaks about the NSA given us the ‘cyber-Chernobyl’…
Read moreJohn Aycock considers Internet censuses and a tool that can scan almost the entire IPv4 address space in search of the answer to a given census question in less than 45 minutes.
Read moreRunning an iframe injector on a compromised virtual hosting server can easily result in the infection of hundreds of web servers in just a few seconds. Aditya Sood and colleagues look at the design of a basic injector: NiFramer.
Read moreUK banks' cyber defences put to the test in large-scale simulated attack.
Read more