Bulletin

An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.

Surf's up

The 010 Editor is a powerful tool for analysing files. The editor can also alter files, and it supports a scripting language to automate certain tasks. Who would have guessed that one of those tasks would be to infect files? Peter Ferrie describes…

Talk to you later

Thousands of unsuspecting chat users clicked on a malicious link a few months ago. A spam message contained a link that led to a worm being downloaded, which, in turn, downloaded a component that sent more copies of the spam message. Variously dubbed…

Ransomware for fun and profit

David Jacoby (Kaspersky Lab)

‘The people behind these scams are making significant amounts of money, and they are infecting users all over the world.’ David Jacoby, Kaspersky Lab

A change in the toolkit/exploit kit landscape

Loucif Kharouni (Trend Micro)

Recently, there has been a change in the toolkit/exploit kit landscape, with bad guys dedicating more time and resources to securing their creations and the servers on which their software will be installed. Loucif Kharouni explains why we need to…

Writing a static unpacker for XPXAXCXK

Sebastian Eschweiler describes a static unpacker for the 'XPACK' packer - outlining each step of the unpacking process and looking at how weaknesses in vital steps can efficiently be exploited to produce a generic unpacker.

Part 2: Interaction with a black hole

Gabor Szappanos (Sophos)

Gabor Szappanos started with two fairly incomplete sources of information about the latest Blackhole server version: the server-side source code from old versions and the outgoing flow of malware. He describes how, using these sources, he was able to…

Compromised library

The Floxif DLL file infector implements both anti‑static- and anti-dynamic-analysis techniques. Raul Alvarez describes how.

A journey into the Sirefef packer: a research case study

Sirefef is a fast-paced malware family. It frequently changes its obfuscated packer layer in order to avoid detection by AV scanners and to impede reverse engineering. Tim Liu presents the technical processes he and his team followed during analysis…

New tricks ship with Zeus packer

Recently, the Pony trojan (a.k.a. FareIt) has been observed installing a new Zeus sample on users’ machines. Jie Zhang takes a look at the new packer tricks that are used by this latest Zeus sample.

BYOD and the mobile security maturity model

‘The BYOD concept needs a maturity model to ensure there is a clear path to increased organizational security’ Jeff Debrosse, Western Governors University
